OTL do sprawdzenia

[Jackaal]

Log do sprawdzenia

OTL logfile created on: 2009-09-08 06:57:29 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Jeti\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 82,94% Memory free
3,85 Gb Paging File | 3,62 Gb Available in Paging File | 94,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15,00 Gb Total Space | 9,12 Gb Free Space | 60,82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 134,04 Gb Total Space | 130,51 Gb Free Space | 97,37% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DONALD
Current User Name: Jeti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009-05-13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- E:\Programy\Avira\AntiVir Desktop\sched.exe
PRC - [2009-07-21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- E:\Programy\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-02-11 12:33:12 | 00,876,760 | R--- | M] (cFos Software GmbH) -- E:\Programy\cFosSpeed\cFosSpeed.exe
PRC - [2009-03-02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- E:\Programy\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009-02-11 12:33:16 | 00,385,240 | R--- | M] (cFos Software GmbH) -- E:\Programy\cFosSpeed\spd.exe
PRC - [2005-09-22 16:01:54 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-04-20 00:05:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2008-12-18 02:26:25 | 07,678,568 | ---- | M] (Mozilla Corporation) -- E:\Programy\Firefox\firefox.exe
PRC - [2009-09-08 06:56:02 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeti\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009-05-13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- E:\Programy\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009-07-21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- E:\Programy\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009-02-11 12:33:16 | 00,385,240 | R--- | M] (cFos Software GmbH) -- E:\Programy\cFosSpeed\spd.exe -- (cFosSpeedS [Auto | Running])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-09-22 16:01:54 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007-04-20 00:05:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2009-08-31 15:17:42 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Disabled | Stopped])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2006-05-19 09:44:52 | 03,965,056 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009-02-13 12:17:49 | 00,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntdd.sys -- (avgntdd [system | Running])
DRV - [2009-02-13 12:29:11 | 00,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys -- (avgntmgr [boot | Running])
DRV - [2009-03-30 10:33:07 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [system | Running])
DRV - [2009-02-11 12:33:20 | 00,787,672 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\DRIVERS\cfosspeed.sys -- (cFosSpeed [On_Demand | Running])
DRV - [2007-04-20 00:05:00 | 06,739,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2005-07-26 11:48:28 | 00,033,664 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2005-07-26 11:48:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2002-09-23 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009-04-28 22:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-05-11 10:12:24 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [system | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1078081533-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1078081533-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1078081533-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1078081533-1708537768-839522115-1004\S-1-5-21-1078081533-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"
FF - prefs.js..browser.startup.homepage: "www.google.pl"

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: E:\Programy\Firefox\components [2009-08-30 01:54:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: E:\Programy\Firefox\plugins [2009-08-30 01:54:59 | 00,000,000 | ---D | M]

[2009-09-07 08:26:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\mozilla\Firefox\Profiles\ptp4aqat.default\extensions
[2009-08-30 01:54:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009-08-31 14:09:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\mozilla\Firefox\Profiles\ptp4aqat.default\extensions\battlefieldheroespatcher@ea.com

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avgnt] E:\Programy\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [cFosSpeed] E:\Programy\cFosSpeed\cFosSpeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [mset] C:\WINDOWS\System32\config\systemprofile\mset.exe File not found
O4 - HKU\S-1-5-18..\Run: [mset] C:\WINDOWS\System32\config\systemprofile\mset.exe File not found
O4 - HKLM..\RunServices: [Windows Update] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-26 16:24:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-09-08 06:56:05 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeti\Pulpit\OTL.exe
[2009-09-06 22:27:15 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-09-06 22:27:15 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-09-06 22:20:14 | 01,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2009-09-06 22:20:14 | 00,245,760 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalColumnTreeView6.ocx
[2009-09-06 22:20:14 | 00,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx
[2009-09-06 22:20:14 | 00,057,344 | ---- | C] (CodeGuru) -- C:\WINDOWS\System32\CGZipLibrary.DLL
[2009-09-06 22:20:14 | 00,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2009-09-06 22:20:14 | 00,018,728 | ---- | C] () -- C:\WINDOWS\System32\ISHF_Ex.tlb
[2009-09-06 22:20:14 | 00,008,096 | ---- | C] () -- C:\WINDOWS\System32\OLEGUIDS.TLB
[2009-09-03 21:40:01 | 00,000,432 | ---- | C] () -- C:\Documents and Settings\Jeti\Pulpit\Dragon Ball Kai Online.lnk
[2009-09-03 18:17:20 | 00,002,240 | ---- | C] () -- C:\Documents and Settings\Jeti\Moje dokumenty\Task1.tsk
[2009-09-02 18:58:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\DBKO
[2009-09-02 13:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Moje dokumenty\Battlefield Heroes
[2009-09-02 13:01:18 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\Jeti\Moje dokumenty\zestaw_podrecznikow_klasy_III.doc
[2009-09-01 10:37:02 | 00,011,422 | ---- | C] () -- C:\Documents and Settings\Jeti\Moje dokumenty\plan lekcji.ods
[2009-09-01 10:03:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\OpenOffice.ux.pl
[2009-08-31 15:18:02 | 00,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-08-31 15:18:02 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\Jeti\Dane aplikacji\PnkBstrK.sys
[2009-08-31 15:17:45 | 00,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-08-31 15:17:42 | 00,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-08-31 15:17:42 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-08-31 15:17:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009-08-31 10:50:54 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2009-08-31 10:50:53 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-08-31 10:38:29 | 05,119,474 | ---- | C] () -- C:\Documents and Settings\Jeti\Moje dokumenty\wsip.rtf
[2009-08-31 10:34:54 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009-08-31 10:34:54 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009-08-30 17:11:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2009-08-30 17:11:41 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009-08-30 17:11:41 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009-08-30 17:11:41 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009-08-30 12:40:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Winamp
[2009-08-30 00:46:35 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-30 00:46:34 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2009-08-30 00:46:34 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2009-08-30 00:46:34 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009-08-30 00:46:34 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2009-08-30 00:46:33 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-08-30 00:46:33 | 00,086,016 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009-08-30 00:46:32 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009-08-30 00:46:31 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009-08-29 20:18:51 | 00,004,608 | ---- | C] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-29 20:18:51 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-29 16:41:27 | 00,000,584 | ---- | C] () -- C:\Documents and Settings\Jeti\Pulpit\SSIII Solo Ultratus.lnk
[2009-08-29 16:19:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\fizzy
[2009-08-29 16:19:15 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009-08-28 15:32:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-28 14:29:10 | 00,787,672 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2009-08-28 14:29:10 | 00,290,008 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2009-08-28 13:48:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\BESTplayer
[2009-08-27 18:48:46 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009-08-27 18:48:46 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009-08-27 12:37:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009-08-27 12:37:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009-08-27 12:31:38 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009-08-27 12:31:38 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009-08-27 12:31:37 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009-08-27 12:31:37 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009-08-27 12:31:36 | 00,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009-08-27 12:31:36 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009-08-27 12:31:36 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009-08-27 12:31:36 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009-08-27 12:31:36 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009-08-27 12:31:36 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009-08-27 12:31:36 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009-08-27 12:31:36 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009-08-27 12:31:36 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009-08-27 12:31:36 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009-08-27 12:31:36 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009-08-27 12:31:36 | 00,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009-08-27 12:31:36 | 00,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009-08-27 12:31:36 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009-08-27 12:31:36 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009-08-27 12:31:36 | 00,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009-08-27 12:31:36 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009-08-27 12:31:35 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009-08-27 12:31:35 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009-08-27 12:31:35 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009-08-27 12:31:35 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009-08-27 12:31:35 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009-08-27 12:31:35 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009-08-27 12:31:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009-08-27 12:31:35 | 00,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009-08-27 12:31:35 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009-08-27 12:31:35 | 00,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009-08-27 12:31:35 | 00,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009-08-27 12:31:35 | 00,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009-08-27 12:31:35 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009-08-27 12:31:35 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009-08-27 12:31:35 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009-08-27 12:31:35 | 00,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009-08-27 12:31:35 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009-08-27 12:31:35 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009-08-27 12:31:35 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009-08-27 12:31:35 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009-08-27 12:31:35 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009-08-27 12:31:35 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009-08-27 12:31:35 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009-08-27 12:31:35 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009-08-27 12:31:35 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009-08-27 12:31:35 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009-08-27 12:31:35 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009-08-27 12:31:35 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009-08-27 12:31:35 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009-08-27 12:31:35 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009-08-27 12:31:35 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009-08-27 12:31:35 | 00,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009-08-27 12:31:35 | 00,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009-08-27 12:31:35 | 00,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009-08-27 12:31:35 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009-08-27 12:31:35 | 00,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009-08-27 12:31:35 | 00,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009-08-27 12:31:35 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009-08-27 12:31:35 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009-08-27 12:31:35 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009-08-27 12:31:35 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009-08-27 12:31:35 | 00,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009-08-27 12:31:35 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009-08-27 12:31:35 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009-08-27 12:31:35 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009-08-27 12:31:35 | 00,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009-08-27 12:31:35 | 00,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009-08-27 12:31:35 | 00,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009-08-27 12:31:35 | 00,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009-08-27 12:31:35 | 00,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009-08-27 12:31:35 | 00,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009-08-27 12:31:35 | 00,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009-08-27 12:31:35 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009-08-27 12:31:34 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009-08-27 12:31:34 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009-08-27 12:31:34 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009-08-27 12:31:34 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009-08-27 12:31:34 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009-08-27 12:31:34 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009-08-27 12:31:34 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009-08-27 12:31:34 | 00,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009-08-27 12:31:34 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009-08-27 12:31:34 | 00,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009-08-27 12:31:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009-08-27 12:31:34 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009-08-27 12:31:34 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009-08-27 12:31:34 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009-08-27 12:31:34 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009-08-27 12:31:34 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009-08-27 12:31:34 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009-08-27 12:31:34 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009-08-27 12:31:34 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009-08-27 12:31:34 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009-08-27 12:31:34 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009-08-27 12:31:34 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009-08-27 12:31:34 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009-08-27 12:31:34 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009-08-27 12:31:33 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.dll
[2009-08-27 12:31:33 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpdxm.dll
[2009-08-27 12:31:33 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2009-08-27 12:31:33 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2009-08-27 12:31:32 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009-08-27 12:31:32 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MsPMSNSv.dll
[2009-08-27 12:31:32 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009-08-27 12:31:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009-08-27 12:31:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009-08-27 12:31:30 | 00,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009-08-27 12:31:30 | 00,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009-08-27 12:31:30 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009-08-27 12:31:30 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009-08-27 12:31:30 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009-08-27 12:31:30 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009-08-27 12:31:30 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009-08-27 12:31:30 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009-08-27 12:31:30 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2009-08-27 12:31:30 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009-08-27 12:31:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009-08-27 12:31:30 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2009-08-27 12:31:30 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009-08-27 12:31:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2009-08-27 12:31:30 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009-08-27 12:31:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009-08-27 12:31:30 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009-08-27 12:31:30 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extmgr.dll
[2009-08-27 12:31:30 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2009-08-27 12:31:30 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009-08-27 12:31:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009-08-27 12:31:30 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009-08-27 12:31:30 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009-08-27 12:31:30 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009-08-27 12:31:30 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009-08-27 12:31:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthserv.dll
[2009-08-27 12:31:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009-08-27 12:31:30 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009-08-27 12:31:30 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009-08-27 12:31:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2009-08-27 12:31:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009-08-27 12:31:30 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009-08-27 12:31:30 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009-08-27 12:31:30 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2009-08-27 12:31:30 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009-08-27 12:31:30 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009-08-27 12:31:30 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009-08-27 12:31:30 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009-08-27 12:31:30 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009-08-27 12:31:29 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2psvc.dll
[2009-08-27 12:31:29 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2009-08-27 12:31:29 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009-08-27 12:31:29 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009-08-27 12:31:29 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009-08-27 12:31:29 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2009-08-27 12:31:29 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009-08-27 12:31:29 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009-08-27 12:31:29 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009-08-27 12:31:29 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009-08-27 12:31:29 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009-08-27 12:31:29 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009-08-27 12:31:29 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2009-08-27 12:31:29 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009-08-27 12:31:29 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009-08-27 12:31:29 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2009-08-27 12:31:29 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2009-08-27 12:31:29 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009-08-27 12:31:29 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2009-08-27 12:31:29 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009-08-27 12:31:29 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009-08-27 12:31:29 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009-08-27 12:31:29 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009-08-27 12:31:29 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009-08-27 12:31:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pnrpnsp.dll
[2009-08-27 12:31:29 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009-08-27 12:31:29 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009-08-27 12:31:29 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009-08-27 12:31:29 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009-08-27 12:31:29 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009-08-27 12:31:29 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2009-08-27 12:31:29 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2009-08-27 12:31:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009-08-27 12:31:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2009-08-27 12:31:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2009-08-27 12:31:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2009-08-27 12:31:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2009-08-27 12:31:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2009-08-27 12:31:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2009-08-27 12:31:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009-08-27 12:31:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2009-08-27 12:31:28 | 02,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2009-08-27 12:31:28 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009-08-27 12:31:28 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009-08-27 12:31:28 | 00,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009-08-27 12:31:28 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009-08-27 12:31:28 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009-08-27 12:31:28 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009-08-27 12:31:28 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009-08-27 12:31:28 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009-08-27 12:31:28 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2009-08-27 12:31:28 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll
[2009-08-27 12:31:28 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009-08-27 12:31:28 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009-08-27 12:31:28 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009-08-27 12:31:28 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshbth.dll
[2009-08-27 12:31:28 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscsvc.dll
[2009-08-27 12:31:28 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009-08-27 12:31:28 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009-08-27 12:31:28 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009-08-27 12:31:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twext.dll
[2009-08-27 12:31:28 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009-08-27 12:31:28 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009-08-27 12:31:28 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2009-08-27 12:31:28 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009-08-27 12:31:28 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-08-27 12:31:28 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009-08-27 12:31:28 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2009-08-27 12:31:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll
[2009-08-27 12:31:28 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009-08-27 12:31:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2009-08-27 12:31:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2009-08-27 12:31:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009-08-27 12:31:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2009-08-27 12:31:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2009-08-27 12:31:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009-08-27 12:30:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009-08-27 12:29:24 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009-08-27 12:29:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009-08-27 12:29:23 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009-08-27 12:29:23 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009-08-27 12:29:23 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009-08-27 12:29:23 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009-08-27 12:29:23 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009-08-27 12:29:22 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009-08-27 12:29:22 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2009-08-27 12:29:22 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009-08-27 12:29:22 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009-08-27 12:29:22 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009-08-27 12:29:22 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009-08-27 12:29:22 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009-08-27 12:29:22 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2009-08-27 12:29:22 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2009-08-27 12:29:22 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009-08-27 12:29:22 | 00,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009-08-27 12:29:22 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009-08-27 12:29:22 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009-08-27 12:29:22 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2009-08-27 12:29:22 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009-08-27 12:29:21 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009-08-27 12:29:21 | 00,079,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sdbus.sys
[2009-08-27 12:29:21 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009-08-27 12:29:21 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009-08-27 12:29:21 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009-08-27 12:29:21 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009-08-27 12:29:21 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009-08-27 12:29:21 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009-08-27 12:29:21 | 00,011,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2009-08-27 12:29:21 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2009-08-27 12:29:21 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009-08-27 12:29:21 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009-08-27 12:29:02 | 00,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009-08-27 12:28:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009-08-27 12:28:54 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009-08-27 12:28:22 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009-08-27 12:28:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009-08-26 23:36:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\WinRAR
[2009-08-26 20:05:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead
[2009-08-26 20:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2009-08-26 20:02:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2009-08-26 20:02:15 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009-08-26 20:02:14 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2009-08-26 20:02:14 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2009-08-26 20:02:14 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4dmod.dll
[2009-08-26 20:02:14 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009-08-26 20:02:13 | 02,370,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore.dll
[2009-08-26 20:02:13 | 02,370,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvcore.dll
[2009-08-26 20:02:13 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2009-08-26 20:02:13 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009-08-26 20:02:13 | 01,027,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmnetmgr.dll
[2009-08-26 20:02:13 | 01,027,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll
[2009-08-26 20:02:13 | 01,003,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2009-08-26 20:02:13 | 01,003,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009-08-26 20:02:13 | 00,940,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2009-08-26 20:02:13 | 00,940,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009-08-26 20:02:13 | 00,895,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2009-08-26 20:02:13 | 00,895,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009-08-26 20:02:13 | 00,774,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmod.dll
[2009-08-26 20:02:13 | 00,774,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009-08-26 20:02:13 | 00,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmadmoe.dll
[2009-08-26 20:02:13 | 00,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009-08-26 20:02:13 | 00,413,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009-08-26 20:02:13 | 00,413,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009-08-26 20:02:13 | 00,396,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmadmod.dll
[2009-08-26 20:02:13 | 00,396,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009-08-26 20:02:13 | 00,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmasf.dll
[2009-08-26 20:02:13 | 00,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2009-08-26 20:02:13 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2009-08-26 20:02:13 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2009-08-26 20:02:13 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2009-08-26 20:02:13 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009-08-26 20:02:13 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009-08-26 20:02:13 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009-08-26 20:02:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\laprxy.dll
[2009-08-26 20:02:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009-08-26 20:02:12 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmv2clt.dll
[2009-08-26 20:02:12 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009-08-26 20:02:12 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009-08-26 20:02:12 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blackbox.dll
[2009-08-26 20:02:12 | 00,258,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmclien.dll
[2009-08-26 20:02:12 | 00,258,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009-08-26 20:02:12 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009-08-26 20:02:12 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msnetobj.dll
[2009-08-26 20:02:12 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009-08-26 20:02:12 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmstor.dll
[2009-08-26 20:02:12 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009-08-26 20:02:12 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009-08-26 20:01:32 | 00,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2009-08-26 20:01:29 | 01,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2009-08-26 20:01:29 | 00,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2009-08-26 20:01:29 | 00,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2009-08-26 20:01:29 | 00,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2009-08-26 20:01:28 | 00,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2009-08-26 20:01:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2009-08-26 19:03:07 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-08-26 19:03:07 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-08-26 19:03:07 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009-08-26 19:03:07 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-08-26 19:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2009-08-26 18:15:31 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-08-26 18:15:31 | 00,000,211 | RHS- | C] () -- C:\boot.ini
[2009-08-26 18:13:39 | 00,000,000 | R--- | C] () -- C:\WINDOWS\System32\TFTP3676
[2009-08-26 18:13:01 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009-08-26 18:13:01 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009-08-26 18:13:01 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009-08-26 18:13:01 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009-08-26 18:13:01 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009-08-26 18:05:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Macromedia
[2009-08-26 18:05:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Adobe
[2009-08-26 18:05:33 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009-08-26 18:04:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009-08-26 18:04:06 | 00,002,920 | ---- | C] () -- C:\WINDOWS\System32\x.exe
[2009-08-26 18:03:58 | 00,001,230 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009-08-26 18:00:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-08-26 18:00:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\Mozilla
[2009-08-26 18:00:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Mozilla
[2009-08-26 17:56:11 | 00,017,280 | ---- | C] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-08-26 17:54:26 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009-08-26 17:54:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009-08-26 17:54:03 | 01,432,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvidctl.dll
[2009-08-26 17:54:03 | 01,291,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll
[2009-08-26 17:54:03 | 00,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qedit.dll
[2009-08-26 17:54:03 | 00,387,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdvd.dll
[2009-08-26 17:54:03 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-08-26 17:54:03 | 00,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdv.dll
[2009-08-26 17:54:03 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009-08-26 17:54:03 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcap.dll
[2009-08-26 17:54:03 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2009-08-26 17:54:03 | 00,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2009-08-26 17:54:03 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2009-08-26 17:54:03 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009-08-26 17:54:03 | 00,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2009-08-26 17:54:03 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2009-08-26 17:54:03 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2009-08-26 17:54:03 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2009-08-26 17:54:03 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009-08-26 17:54:03 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009-08-26 17:54:03 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009-08-26 17:54:03 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devenum.dll
[2009-08-26 17:54:03 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009-08-26 17:54:03 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2009-08-26 17:54:03 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009-08-26 17:54:03 | 00,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2009-08-26 17:54:03 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009-08-26 17:54:03 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2009-08-26 17:54:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciqtz32.dll
[2009-08-26 17:54:03 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009-08-26 17:54:03 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2009-08-26 17:54:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2009-08-26 17:54:03 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009-08-26 17:54:03 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009-08-26 17:54:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009-08-26 17:54:03 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msyuv.dll
[2009-08-26 17:54:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009-08-26 17:54:03 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009-08-26 17:54:03 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009-08-26 17:54:03 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009-08-26 17:54:03 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009-08-26 17:54:03 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009-08-26 17:54:03 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009-08-26 17:54:03 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009-08-26 17:54:03 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009-08-26 17:54:03 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009-08-26 17:54:03 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009-08-26 17:54:03 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys
[2009-08-26 17:54:03 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009-08-26 17:54:02 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2009-08-26 17:54:02 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2009-08-26 17:54:02 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009-08-26 17:54:02 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2009-08-26 17:54:02 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2009-08-26 17:54:02 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2009-08-26 17:54:02 | 00,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2009-08-26 17:54:02 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2009-08-26 17:54:02 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2009-08-26 17:54:02 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2009-08-26 17:54:02 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2009-08-26 17:54:02 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2009-08-26 17:54:02 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2009-08-26 17:54:02 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2009-08-26 17:54:02 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2009-08-26 17:54:02 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009-08-26 17:54:02 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2009-08-26 17:54:02 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2009-08-26 17:54:02 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2009-08-26 17:54:02 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2009-08-26 17:54:02 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2009-08-26 17:54:02 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009-08-26 17:54:02 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2009-08-26 17:54:02 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009-08-26 17:54:02 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2009-08-26 17:54:02 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2009-08-26 17:54:02 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2009-08-26 17:54:02 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2009-08-26 17:54:02 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2009-08-26 17:54:02 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009-08-26 17:54:02 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2009-08-26 17:54:02 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2009-08-26 17:54:02 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2009-08-26 17:53:39 | 00,115,998 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009-08-26 17:53:04 | 00,017,177 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009-08-26 17:53:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009-08-26 17:52:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009-08-26 17:50:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009-08-26 17:45:38 | 00,000,000 | R--- | C] () -- C:\WINDOWS\System32\TFTP1656
[2009-08-26 17:44:34 | 00,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009-08-26 17:44:16 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009-08-26 17:44:15 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009-08-26 17:44:15 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009-08-26 17:44:14 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009-08-26 17:44:14 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009-08-26 17:44:14 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009-08-26 17:44:13 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009-08-26 17:44:13 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009-08-26 17:43:57 | 00,135,168 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-08-26 17:43:54 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2009-08-26 17:43:49 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009-08-26 17:43:49 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009-08-26 17:43:48 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdmaud.drv
[2009-08-26 17:43:45 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuengine.dll
[2009-08-26 17:42:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Cilevb.com
[2009-08-26 17:19:23 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009-08-26 17:19:15 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009-08-26 17:19:04 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009-08-26 17:18:52 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009-08-26 17:18:27 | 00,002,675 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009-08-26 17:18:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009-08-26 17:18:24 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009-08-26 17:18:24 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009-08-26 17:18:24 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009-08-26 17:18:23 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009-08-26 17:18:23 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009-08-26 17:18:23 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009-08-26 17:18:23 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009-08-26 17:18:23 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009-08-26 17:18:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009-08-26 17:18:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009-08-26 17:18:22 | 00,000,000 | R--D | C] -- C:\Program Files
[2009-08-26 17:18:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009-08-26 17:18:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009-08-26 17:18:21 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009-08-26 17:18:21 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009-08-26 17:18:21 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009-08-26 17:18:21 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009-08-26 17:18:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009-08-26 17:18:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009-08-26 17:18:21 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009-08-26 17:18:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009-08-26 17:18:20 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009-08-26 17:18:19 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009-08-26 17:18:19 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009-08-26 17:18:19 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009-08-26 17:18:19 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009-08-26 17:18:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009-08-26 17:18:17 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009-08-26 17:18:17 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009-08-26 17:18:17 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009-08-26 17:18:17 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009-08-26 17:18:17 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009-08-26 17:18:17 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009-08-26 17:18:17 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009-08-26 17:18:17 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009-08-26 17:18:17 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009-08-26 17:18:17 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009-08-26 17:18:17 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009-08-26 17:18:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009-08-26 17:18:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009-08-26 17:18:17 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009-08-26 17:18:17 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009-08-26 17:18:17 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009-08-26 17:18:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009-08-26 17:18:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009-08-26 17:18:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009-08-26 17:18:16 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009-08-26 17:18:16 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009-08-26 17:18:16 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009-08-26 17:18:16 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009-08-26 17:18:16 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009-08-26 17:18:16 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009-08-26 17:18:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009-08-26 17:18:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009-08-26 17:18:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009-08-26 17:18:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009-08-26 17:18:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009-08-26 17:18:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009-08-26 17:18:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009-08-26 17:18:15 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009-08-26 17:18:13 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009-08-26 17:18:13 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009-08-26 17:18:13 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009-08-26 17:18:13 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009-08-26 17:18:13 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009-08-26 17:18:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009-08-26 17:18:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009-08-26 17:18:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009-08-26 17:18:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009-08-26 17:18:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009-08-26 17:18:12 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2009-08-26 17:18:12 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009-08-26 17:18:12 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009-08-26 17:18:12 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009-08-26 17:18:12 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009-08-26 17:18:12 | 00,009,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2009-08-26 17:18:12 | 00,009,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009-08-26 17:18:12 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2009-08-26 17:18:12 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009-08-26 17:18:11 | 00,127,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2009-08-26 17:18:11 | 00,127,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009-08-26 17:18:11 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2009-08-26 17:18:11 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009-08-26 17:18:11 | 00,069,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2009-08-26 17:18:11 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2009-08-26 17:18:11 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009-08-26 17:18:11 | 00,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2009-08-26 17:18:11 | 00,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009-08-26 17:18:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2009-08-26 17:18:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009-08-26 17:18:11 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2009-08-26 17:18:11 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009-08-26 17:18:11 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2009-08-26 17:18:11 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009-08-26 17:18:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2009-08-26 17:18:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009-08-26 17:18:11 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2009-08-26 17:18:11 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009-08-26 17:18:11 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2009-08-26 17:18:11 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009-08-26 17:18:11 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2009-08-26 17:18:11 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009-08-26 17:18:11 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2009-08-26 17:18:11 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009-08-26 17:18:10 | 00,109,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2009-08-26 17:18:10 | 00,109,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009-08-26 17:18:10 | 00,073,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2009-08-26 17:18:10 | 00,073,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009-08-26 17:18:10 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009-08-26 17:18:10 | 00,070,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2009-08-26 17:18:10 | 00,070,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009-08-26 17:18:10 | 00,033,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2009-08-26 17:18:10 | 00,033,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009-08-26 17:18:10 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009-08-26 17:18:10 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009-08-26 17:18:10 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2009-08-26 17:18:10 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009-08-26 17:18:10 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2009-08-26 17:18:10 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009-08-26 17:18:09 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009-08-26 17:18:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009-08-26 17:18:09 | 00,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009-08-26 17:18:08 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009-08-26 17:17:36 | 00,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009-08-26 17:17:36 | 00,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2009-08-26 17:17:36 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009-08-26 17:17:36 | 00,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2009-08-26 17:17:36 | 00,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2009-08-26 17:17:36 | 00,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2009-08-26 17:17:36 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009-08-26 17:17:36 | 00,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2009-08-26 17:17:36 | 00,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2009-08-26 17:17:36 | 00,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2009-08-26 17:17:36 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009-08-26 17:17:36 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009-08-26 17:17:36 | 00,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009-08-26 17:17:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009-08-26 17:17:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009-08-26 17:17:23 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2009-08-26 17:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009-08-26 17:17:10 | 00,112,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-08-26 16:46:56 | 05,879,702 | -H-- | C] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-26 16:44:34 | 00,003,632 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009-08-26 16:36:33 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009-08-26 16:36:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Identities
[2009-08-26 16:36:28 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009-08-26 16:36:27 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Jeti\Moje dokumenty\Moje obrazy
[2009-08-26 16:36:27 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Jeti\Moje dokumenty\Moja muzyka
[2009-08-26 16:36:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-08-26 16:36:20 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Jeti\Dane aplikacji\Microsoft
[2009-08-26 16:35:57 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009-08-26 16:27:02 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009-08-26 16:25:31 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-08-26 16:25:26 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009-08-26 16:25:26 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009-08-26 16:25:25 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009-08-26 16:25:25 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009-08-26 16:25:25 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009-08-26 16:25:25 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009-08-26 16:25:25 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009-08-26 16:25:25 | 00,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009-08-26 16:25:24 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009-08-26 16:25:24 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009-08-26 16:25:24 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009-08-26 16:25:23 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009-08-26 16:25:23 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009-08-26 16:25:23 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009-08-26 16:25:23 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009-08-26 16:25:22 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009-08-26 16:25:22 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009-08-26 16:25:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009-08-26 16:25:22 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009-08-26 16:25:22 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009-08-26 16:25:22 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009-08-26 16:25:21 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009-08-26 16:25:21 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009-08-26 16:25:20 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009-08-26 16:25:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009-08-26 16:25:20 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009-08-26 16:25:19 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009-08-26 16:25:19 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009-08-26 16:25:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009-08-26 16:25:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009-08-26 16:25:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009-08-26 16:25:18 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009-08-26 16:25:18 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009-08-26 16:25:18 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009-08-26 16:25:18 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009-08-26 16:25:18 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009-08-26 16:25:18 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009-08-26 16:25:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009-08-26 16:25:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009-08-26 16:25:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009-08-26 16:25:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009-08-26 16:25:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009-08-26 16:25:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009-08-26 16:25:17 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009-08-26 16:25:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009-08-26 16:25:16 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009-08-26 16:25:16 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009-08-26 16:25:16 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009-08-26 16:25:16 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009-08-26 16:25:16 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009-08-26 16:25:16 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009-08-26 16:25:15 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009-08-26 16:25:15 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009-08-26 16:25:15 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009-08-26 16:25:14 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009-08-26 16:25:14 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009-08-26 16:25:14 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009-08-26 16:25:13 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009-08-26 16:25:13 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009-08-26 16:25:13 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009-08-26 16:25:13 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009-08-26 16:25:13 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009-08-26 16:25:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009-08-26 16:25:12 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009-08-26 16:25:12 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009-08-26 16:25:12 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009-08-26 16:25:12 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009-08-26 16:25:12 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009-08-26 16:25:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009-08-26 16:25:12 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009-08-26 16:25:11 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009-08-26 16:25:10 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009-08-26 16:25:08 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009-08-26 16:25:08 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009-08-26 16:25:06 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009-08-26 16:25:06 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009-08-26 16:25:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009-08-26 16:25:05 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009-08-26 16:25:05 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009-08-26 16:25:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009-08-26 16:25:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009-08-26 16:25:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009-08-26 16:25:03 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009-08-26 16:25:03 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009-08-26 16:25:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009-08-26 16:25:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009-08-26 16:25:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009-08-26 16:25:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009-08-26 16:25:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009-08-26 16:25:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009-08-26 16:25:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009-08-26 16:25:02 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009-08-26 16:25:01 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009-08-26 16:25:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009-08-26 16:25:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009-08-26 16:25:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009-08-26 16:25:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009-08-26 16:25:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009-08-26 16:25:01 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009-08-26 16:25:01 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009-08-26 16:25:00 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009-08-26 16:25:00 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009-08-26 16:24:59 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009-08-26 16:24:59 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009-08-26 16:24:59 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009-08-26 16:24:59 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009-08-26 16:24:59 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009-08-26 16:24:59 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009-08-26 16:24:59 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009-08-26 16:24:59 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009-08-26 16:24:59 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009-08-26 16:24:59 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009-08-26 16:24:58 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009-08-26 16:24:58 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009-08-26 16:24:58 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009-08-26 16:24:58 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009-08-26 16:24:58 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009-08-26 16:24:58 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009-08-26 16:24:58 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009-08-26 16:24:58 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009-08-26 16:24:58 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009-08-26 16:24:57 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009-08-26 16:24:57 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009-08-26 16:24:57 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009-08-26 16:24:57 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009-08-26 16:24:57 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009-08-26 16:24:57 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009-08-26 16:24:55 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009-08-26 16:24:53 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009-08-26 16:24:51 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009-08-26 16:24:50 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009-08-26 16:24:50 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009-08-26 16:24:49 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009-08-26 16:24:49 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009-08-26 16:24:48 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009-08-26 16:24:48 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009-08-26 16:24:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009-08-26 16:24:47 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009-08-26 16:24:47 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009-08-26 16:24:47 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009-08-26 16:24:46 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009-08-26 16:24:44 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009-08-26 16:24:43 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009-08-26 16:24:43 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009-08-26 16:24:43 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009-08-26 16:24:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009-08-26 16:24:42 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009-08-26 16:24:42 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009-08-26 16:24:42 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009-08-26 16:24:42 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009-08-26 16:24:42 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009-08-26 16:24:42 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009-08-26 16:24:41 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009-08-26 16:24:41 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009-08-26 16:24:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009-08-26 16:24:41 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009-08-26 16:24:41 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009-08-26 16:24:40 | 00,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009-08-26 16:24:40 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009-08-26 16:24:40 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009-08-26 16:24:40 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009-08-26 16:24:39 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009-08-26 16:24:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009-08-26 16:24:37 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009-08-26 16:24:36 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009-08-26 16:24:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009-08-26 16:24:30 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009-08-26 16:24:30 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009-08-26 16:24:23 | 00,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-08-26 16:24:23 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009-08-26 16:24:23 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009-08-26 16:24:23 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009-08-26 16:24:23 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009-08-26 16:24:22 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009-08-26 16:24:21 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009-08-26 16:24:21 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-08-26 16:24:21 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-08-26 16:24:19 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009-08-26 16:24:16 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009-08-26 16:23:48 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-08-26 16:23:48 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-08-26 16:23:48 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009-08-26 16:23:48 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-08-26 16:23:38 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009-08-26 16:23:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009-08-26 16:23:10 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009-08-26 16:23:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009-08-26 16:23:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009-08-26 16:23:10 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009-08-26 16:23:10 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009-08-26 16:23:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009-08-26 16:23:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009-08-26 16:23:09 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009-08-26 16:23:09 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009-08-26 16:23:09 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009-08-26 16:23:08 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009-08-26 16:23:08 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009-08-26 16:23:03 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009-08-26 16:23:03 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009-08-26 16:23:02 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009-08-26 16:23:02 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009-08-26 16:23:02 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009-08-26 16:23:02 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009-08-26 16:23:02 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009-08-26 16:23:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009-08-26 16:23:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009-08-26 16:23:01 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009-08-26 16:23:01 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009-08-26 16:23:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009-08-26 16:23:00 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009-08-26 16:22:57 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009-08-26 16:22:57 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009-08-26 16:22:57 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009-08-26 16:22:57 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009-08-26 16:22:57 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009-08-26 16:22:57 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009-08-26 16:22:57 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009-08-26 16:22:56 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009-08-26 16:22:56 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009-08-26 16:22:56 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009-08-26 16:22:55 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009-08-26 16:22:55 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009-08-26 16:22:55 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009-08-26 16:22:55 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009-08-26 16:22:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009-08-26 16:22:53 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009-08-26 16:22:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009-08-26 16:22:51 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009-08-26 16:22:51 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2009-08-26 16:22:51 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009-08-26 16:22:51 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009-08-26 16:22:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009-08-26 16:22:50 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009-08-26 16:22:50 | 00,327,743 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2009-08-26 16:22:50 | 00,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2009-08-26 16:22:50 | 00,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2009-08-26 16:22:50 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009-08-26 16:22:50 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009-08-26 16:22:47 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009-08-26 16:22:47 | 00,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009-08-26 16:22:47 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009-08-26 16:22:47 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009-08-26 16:22:47 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009-08-26 16:22:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009-08-26 16:22:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2009-08-26 16:22:46 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009-08-26 16:22:46 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009-08-26 16:22:46 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009-08-26 16:22:46 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009-08-26 16:22:46 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009-08-26 16:22:46 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009-08-26 16:22:44 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009-08-26 16:22:44 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009-08-26 16:22:44 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009-08-26 16:22:44 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009-08-26 16:22:43 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009-08-26 16:22:43 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009-08-26 16:22:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009-08-26 16:22:43 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009-08-26 16:22:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009-08-26 16:22:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2009-08-26 16:22:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2009-08-26 16:22:38 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009-08-26 16:22:36 | 00,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-08-26 16:22:36 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009-08-26 16:22:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009-08-26 16:22:22 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009-08-26 16:22:22 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009-08-26 16:22:22 | 00,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2009-08-26 16:22:20 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009-08-26 16:22:19 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009-08-26 16:22:18 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009-08-26 16:22:18 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009-08-26 16:22:18 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009-08-26 16:22:18 | 00,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009-08-26 16:22:18 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009-08-26 16:22:18 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009-08-26 16:22:18 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009-08-26 16:22:18 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009-08-26 16:22:18 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009-08-26 16:22:18 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009-08-26 16:22:18 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009-08-26 16:22:18 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009-08-26 16:22:18 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009-08-26 16:22:17 | 01,041,491 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009-08-26 16:22:17 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009-08-26 16:22:17 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009-08-26 16:22:17 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009-08-26 16:22:17 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009-08-26 16:22:17 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009-08-26 16:22:17 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009-08-26 16:22:17 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009-08-26 16:22:17 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009-08-26 16:22:17 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009-08-26 16:22:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009-08-26 16:22:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009-08-26 16:22:16 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009-08-26 16:22:09 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009-08-26 16:22:09 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009-08-26 16:22:09 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009-08-26 16:22:09 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009-08-26 16:22:08 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009-08-26 16:22:08 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009-08-26 16:22:08 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009-08-26 16:22:08 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009-08-26 16:22:08 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009-08-26 16:22:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009-08-26 16:22:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009-08-26 16:22:07 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009-08-26 16:22:07 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009-08-26 16:22:03 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2009-08-26 16:22:03 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2009-08-26 16:22:03 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2009-08-26 16:22:03 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2009-08-26 16:22:03 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2009-08-26 16:22:03 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2009-08-26 16:22:03 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2009-08-26 16:22:03 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2009-08-26 16:22:03 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2009-08-26 16:22:03 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2009-08-26 16:22:03 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2009-08-26 16:22:02 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009-08-26 16:22:02 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009-08-26 16:22:02 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009-08-26 16:22:02 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009-08-26 16:22:02 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009-08-26 16:22:02 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009-08-26 16:22:02 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009-08-26 16:22:02 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009-08-26 16:22:02 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009-08-26 16:22:02 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009-08-26 16:22:02 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009-08-26 16:22:02 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009-08-26 16:22:02 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009-08-26 16:22:02 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009-08-26 16:22:01 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009-08-26 16:22:01 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009-08-26 16:22:01 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009-08-26 16:22:01 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009-08-26 16:22:01 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009-08-26 16:22:01 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009-08-26 16:22:01 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009-08-26 16:22:01 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009-08-26 16:22:01 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009-08-26 16:22:01 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009-08-26 16:22:00 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009-08-26 16:22:00 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009-08-26 16:22:00 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009-08-26 16:22:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009-08-26 16:22:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009-08-26 16:22:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009-08-26 16:22:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009-08-26 16:22:00 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009-08-26 16:22:00 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009-08-26 16:22:00 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009-08-26 16:22:00 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009-08-26 16:22:00 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009-08-26 16:22:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009-08-26 16:22:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009-08-26 16:22:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009-08-26 16:22:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009-08-26 16:22:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009-08-26 16:22:00 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009-08-26 16:22:00 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009-08-26 16:22:00 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009-08-26 16:22:00 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009-08-26 16:22:00 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009-08-26 16:22:00 | 00,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009-08-26 16:21:59 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009-08-26 16:21:59 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009-08-26 16:21:59 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009-08-26 16:21:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009-08-26 16:21:59 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009-08-26 16:21:59 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009-08-26 16:21:59 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009-08-26 16:21:59 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009-08-26 16:21:59 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009-08-26 16:21:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009-08-26 16:21:59 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009-08-26 16:21:58 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009-08-26 16:21:58 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009-08-26 16:21:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009-08-26 16:21:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009-08-26 16:21:58 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009-08-26 16:21:57 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009-08-26 16:21:57 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009-08-26 16:21:57 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009-08-26 16:21:57 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009-08-26 16:21:57 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009-08-26 16:21:57 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009-08-26 16:21:57 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009-08-26 16:21:57 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009-08-26 16:21:57 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009-08-26 16:21:57 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009-08-26 16:21:57 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009-08-26 16:21:54 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009-08-26 16:21:54 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009-08-26 16:21:54 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009-08-26 16:21:53 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009-08-26 16:21:53 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009-08-26 16:21:53 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009-08-26 16:21:53 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009-08-26 16:21:53 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009-08-26 16:21:53 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009-08-26 16:21:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009-08-26 16:21:53 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009-08-26 16:21:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009-08-26 16:21:52 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009-08-26 16:21:52 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009-08-26 16:21:52 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009-08-26 16:21:52 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009-08-26 16:21:52 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009-08-26 16:21:52 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009-08-26 16:21:51 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009-08-26 16:21:51 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009-08-26 16:21:48 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009-08-26 16:21:48 | 00,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009-08-26 16:21:48 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009-08-26 16:21:48 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009-08-26 16:21:48 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009-08-26 16:21:48 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009-08-26 16:21:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009-08-26 16:21:48 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009-08-26 16:21:47 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009-08-26 16:21:47 | 01,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009-08-26 16:21:47 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009-08-26 16:21:47 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009-08-26 16:21:47 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009-08-26 16:21:47 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009-08-26 16:21:47 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009-08-26 16:21:47 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009-08-26 16:21:47 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009-08-26 16:21:47 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009-08-26 16:21:46 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009-08-26 16:21:46 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009-08-26 16:21:46 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009-08-26 16:21:46 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009-08-26 16:21:46 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009-08-26 16:21:46 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009-08-26 16:21:46 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009-08-26 16:21:46 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009-08-26 16:21:46 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009-08-26 16:21:46 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009-08-26 16:21:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009-08-26 16:21:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009-08-26 16:21:45 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009-08-26 16:21:45 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009-08-26 16:21:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009-08-26 16:21:42 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009-08-26 16:21:38 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009-08-26 16:21:38 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2007-04-20 00:05:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-04-20 00:05:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-04-20 00:05:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-04-20 00:05:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-04-20 00:05:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002-09-23 14:00:00 | 00,000,487 | ---- | C] () -- C:\WINDOWS\win.ini
[2002-09-23 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-09-08 06:56:02 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeti\Pulpit\OTL.exe
[2009-09-08 06:38:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-09-08 06:38:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-09-07 19:55:14 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-07 15:35:29 | 05,879,702 | -H-- | M] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-07 11:05:24 | 00,002,240 | ---- | M] () -- C:\Documents and Settings\Jeti\Moje dokumenty\Task1.tsk
[2009-09-07 08:11:24 | 00,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-07 08:11:24 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-09-07 08:11:24 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009-09-06 22:27:15 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-09-06 22:27:15 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-09-05 11:47:14 | 00,004,608 | ---- | M] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-03 21:40:01 | 00,000,432 | ---- | M] () -- C:\Documents and Settings\Jeti\Pulpit\Dragon Ball Kai Online.lnk
[2009-09-02 14:51:11 | 00,017,280 | ---- | M] () -- C:\Documents and Settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-02 13:01:19 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\Jeti\Moje dokumenty\zestaw_podrecznikow_klasy_III.doc
[2009-09-01 11:46:29 | 00,011,422 | ---- | M] () -- C:\Documents and Settings\Jeti\Moje dokumenty\plan lekcji.ods
[2009-08-31 17:48:35 | 00,112,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-08-31 15:18:02 | 00,139,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-08-31 15:18:02 | 00,139,152 | ---- | M] () -- C:\Documents and Settings\Jeti\Dane aplikacji\PnkBstrK.sys
[2009-08-31 15:17:52 | 00,111,928 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-08-31 15:17:42 | 00,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-08-31 15:17:42 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-08-31 10:38:29 | 05,119,474 | ---- | M] () -- C:\Documents and Settings\Jeti\Moje dokumenty\wsip.rtf
[2009-08-30 12:42:22 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009-08-29 16:41:27 | 00,000,584 | ---- | M] () -- C:\Documents and Settings\Jeti\Pulpit\SSIII Solo Ultratus.lnk
[2009-08-27 13:05:44 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-08-27 12:40:26 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-08-27 12:40:26 | 00,355,486 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-08-27 12:40:26 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-08-27 12:40:26 | 00,049,492 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-08-27 12:40:26 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-08-27 12:36:37 | 00,002,675 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-08-27 12:29:14 | 00,251,152 | RHS- | M] () -- C:\ntldr
[2009-08-27 12:29:14 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-08-26 18:13:39 | 00,000,000 | R--- | M] () -- C:\WINDOWS\System32\TFTP3676
[2009-08-26 18:04:06 | 00,002,920 | ---- | M] () -- C:\WINDOWS\System32\x.exe
[2009-08-26 18:03:58 | 00,001,230 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2009-08-26 18:00:09 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009-08-26 17:45:38 | 00,000,000 | R--- | M] () -- C:\WINDOWS\System32\TFTP1656
[2009-08-26 17:44:33 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009-08-26 17:42:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\Cilevb.com
[2009-08-26 16:36:31 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009-08-26 16:27:02 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009-08-26 16:25:31 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-08-26 16:24:23 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-08-26 16:24:23 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-08-26 16:24:23 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-08-26 16:24:23 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009-08-26 16:24:23 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-08-26 16:24:23 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-08-26 16:24:21 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009-08-26 16:24:21 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-08-26 16:24:21 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-08-26 16:24:16 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009-08-26 16:23:48 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-08-26 16:23:48 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-08-26 16:23:45 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-08-26 16:22:36 | 00,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-08-26 16:22:36 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009-08-26 16:22:36 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

========== LOP Check ==========

[2009-08-31 10:50:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-08-31 10:50:53 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-08-26 17:18:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-09-02 18:58:20 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji
[2009-09-05 12:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\BESTplayer
[2009-09-06 18:14:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\DBKO
[2009-08-29 16:19:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\fizzy
[2009-08-28 15:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-01 10:03:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeti\Dane aplikacji\OpenOffice.ux.pl
[2009-08-26 16:35:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-08-26 16:35:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2002-09-23 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-08 06:38:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


< End of report >

[MarekM25]

Wygląda na czysty. Jakiś powód sprawdzania czy tylko kontrolne sprawdzenie loga??

[Gość]

Ja tu widzę Backdoora.

Najlepiej by było żebyś wklejił log z ComboFixa.

.

[Jackaal]

Problem z pingiem. -> Temat

Zaraz dodam loga z ComboFixa.

Combofix

Log do sprawdzenia

ComboFix 09-09-08.01 - Jeti 2009-09-08 19:07.1.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1659 [GMT 2:00]

Uruchomiony z: c:\documents and settings\Jeti\Pulpit\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\logfile32.txt

c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd

c:\windows\system32\ieuinit.inf

c:\windows\system32\x.exe

.

((((((((((((((((((((((((( Pliki utworzone od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))

.

2009-09-06 20:27 . 2009-09-06 20:27 73216 ----a-w- c:\windows\ST6UNST.EXE

2009-09-06 20:27 . 2009-09-06 20:27 249856 ------w- c:\windows\Setup1.exe

2009-09-06 20:20 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll

2009-09-06 20:20 . 1999-08-02 15:11 57344 ----a-w- c:\windows\system32\CGZipLibrary.DLL

2009-09-02 16:58 . 2009-09-06 16:14 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\DBKO

2009-09-01 08:03 . 2009-09-01 08:03 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\OpenOffice.ux.pl

2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2009-08-31 13:17 . 2009-08-31 13:17 111928 ----a-w- c:\windows\system32\PnkBstrB.exe

2009-08-31 13:17 . 2009-08-31 13:17 794408 ----a-w- c:\windows\system32\pbsvc.exe

2009-08-31 13:17 . 2009-08-31 13:17 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2009-08-31 13:17 . 2009-08-31 13:17 -------- d-----w- c:\windows\system32\LogFiles

2009-08-31 08:50 . 2005-11-30 03:00 8704 ----a-w- c:\windows\system32\CNMVS53.DLL

2009-08-31 08:50 . 2005-11-30 03:00 140288 ----a-w- c:\windows\system32\CNMLM53.DLL

2009-08-31 08:50 . 2009-08-31 08:50 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ

2009-08-31 08:50 . 2005-03-08 16:17 90112 ----a-w- c:\windows\system32\CNMCP53.exe

2009-08-31 08:34 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys

2009-08-31 08:34 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

2009-08-30 15:11 . 2001-10-26 15:29 5632 ----a-w- c:\windows\system32\ptpusb.dll

2009-08-30 15:11 . 2008-04-14 20:50 159232 ----a-w- c:\windows\system32\ptpusd.dll

2009-08-30 15:11 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-08-30 15:11 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-08-30 10:40 . 2009-08-30 12:57 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Winamp

2009-08-29 22:46 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll

2009-08-29 22:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2009-08-29 22:46 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll

2009-08-29 22:46 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2009-08-29 22:46 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll

2009-08-29 22:46 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll

2009-08-29 14:19 . 2009-08-29 14:19 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\fizzy

2009-08-29 14:19 . 2009-08-29 14:19 -------- d-sh--w- c:\windows\ftpcache

2009-08-28 13:32 . 2009-08-28 13:32 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu

2009-08-28 12:29 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys

2009-08-28 12:29 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll

2009-08-28 11:48 . 2009-09-05 10:34 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\BESTplayer

2009-08-27 16:48 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\documents and settings\LocalService\Menu Start

2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover

2009-08-27 10:30 . 2009-08-27 10:30 -------- d-----w- c:\windows\ServicePackFiles

2009-08-27 10:28 . 2007-08-10 18:53 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2009-08-27 10:28 . 2009-08-27 10:28 -------- d-----w- c:\windows\EHome

2009-08-26 18:05 . 2009-08-26 18:05 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead

2009-08-26 18:01 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll

2009-08-26 18:01 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll

2009-08-26 18:01 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll

2009-08-26 18:01 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll

2009-08-26 18:01 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll

2009-08-26 18:01 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

2009-08-26 18:01 . 2009-08-26 18:01 -------- d-----w- c:\program files\Common Files\Ahead

2009-08-26 17:03 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-08-26 17:03 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-08-26 17:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-08-26 17:03 . 2009-08-26 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-02 12:51 . 2009-08-26 15:56 17280 ----a-w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\documents and settings\Jeti\Dane aplikacji\PnkBstrK.sys

2009-08-27 10:40 . 2002-09-23 12:00 49492 ----a-w- c:\windows\system32\perfc015.dat

2009-08-27 10:40 . 2002-09-23 12:00 355486 ----a-w- c:\windows\system32\perfh015.dat

2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\Nero

2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\LightScribe

2009-08-26 16:03 . 2009-08-26 16:03 1230 ----a-w- c:\windows\mozver.dat

2009-08-26 16:00 . 2009-08-26 16:00 0 ----a-w- c:\windows\nsreg.dat

2009-08-26 15:52 . 2009-08-26 15:52 -------- d-----w- c:\program files\Common Files\InstallShield

2009-08-26 15:42 . 2009-08-26 15:42 0 ----a-w- c:\windows\system32\Cilevb.com

2009-08-26 14:24 . 2009-08-26 14:24 -------- d-----w- c:\program files\microsoft frontpage

2009-08-26 14:22 . 2009-08-26 14:22 21856 ----a-w- c:\windows\system32\emptyregdb.dat

2009-08-26 14:22 . 2009-08-26 14:22 -------- d-----w- c:\program files\Usługi online

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 8429568]

"cFosSpeed"="e:\programy\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]

"avgnt"="e:\programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mset

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Explorer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"wuauserv"=2 (0x2)

"Messenger"=2 (0x2)

"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"e:\\Programy\\BitComet\\BitComet.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"16819:TCP"= 16819:TCP:BitComet 16819 TCP

"16819:UDP"= 16819:UDP:BitComet 16819 UDP

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-08-26 22360]

R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-08-26 45416]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\programy\Avira\AntiVir Desktop\sched.exe [2009-08-26 108289]

S2 hfsno;Center System;c:\windows\system32\svchost.exe -k netsvcs [2002-09-23 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

hfsno

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.pl/

TCP: {74FD82B1-0139-4B27-B64C-DAC93F24608B} = 208.67.222.222,208.67.220.220

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\

FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)

FF - prefs.js: browser.startup.homepage - www.google.pl

FF - component: c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: e:\programy\Firefox\components\xpinstal.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-08 19:09

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

Czas ukończenia: 2009-09-08 19:09

ComboFix-quarantined-files.txt 2009-09-08 17:09

Przed: 9 739 689 984 bajtów wolnych

Po: 10 262 822 912 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

158

Edytowane 8 września 2009 przez Jackaal

[Gość]

1. Użyj (w Trybie Awaryjnym)-->SDFix.

Pokaż Report.txt znajdujący się w folderze SDFix.

2. Wklej do Notatnika:

File::c:\windows\system32\Cilevb.comRegistry::[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mset][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Explorer][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update]

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

.

[Jackaal]

SDFix

Log do sprawdzenia

SDFix: Version 1.240

Run by Administrator on 2009-09-08 at 20:40

Microsoft Windows XP [Wersja 5.1.2600]

Running From: C:\SDFix

Checking Services :

Restoring Default Security Values

Restoring Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\TFTP1656 - Deleted

C:\WINDOWS\system32\TFTP3676 - Deleted

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-08 20:42:52

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hfsno]

"DisplayName"="Center System"

"Type"=dword:00000020

"Start"=dword:00000002

"ErrorControl"=dword:00000000

"ImagePath"=str(2):"%SystemRoot%\system32\svchost.exe -k netsvcs"

"ObjectName"="LocalSystem"

"Description"="Pobiera numer seryjny ka|dego przeno[nego odtwarzacza muzycznego podBczonego do tego komputera"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hfsno\Parameters]

"ServiceDll"=str(2):"C:\WINDOWS\System32\mbjmc.dll"

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"E:\\Programy\\BitComet\\BitComet.exe"="E:\\Programy\\BitComet\\BitComet.exe:*:Enabled:BitComet.exe"

"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 23 Sep 2002 163,185 A.SHR --- "C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\TEMP\AVSCAN-20090826-191229-D99F5DBA\ARK6.tmp"

Finished!

Zaraz jeszcze combofixem zadziałam.

Ewidentnie widać poprawę, ale nie jest to stan taki jaki powinien być. Może sieć zapchana... Jutro jeszcze będę testował i dam znać. W każdym razie wielkie dzięki.

[Gość]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hfsno\Parameters]"ServiceDll"=str(2):"C:\WINDOWS\System32\mbjmc.dll"

Coś czuję, że tutaj się czaje jakiś Rootkit.

C:\WINDOWS\System32\mbjmc.dll

Sprawdź go na ---> VIRUSSCAN.

Albo na --> VIRUSTOTAL.

.

[Jackaal]

Nie mam takiego pliku <_<

Eh... Pinguję wp.pl i wychodzi 21-74ms. Ciągle wysoko

Okej, jest dobrze. Polecam ten poradnik: http://forum.wolfet.pl/viewtopic.php?f=35&t=4996

[Gość]

Jest. Skopiuj nazwę i wklej w wyszukiwarkę.

.

[Jackaal]

"Wyszukiwanie zakończone. Nie ma żadnych plików do wyświetlenia."

[Gość]

Pokaż log z ComboFixa.

.

[Jackaal]

Dzisiaj włączając komputer Avira pokazała, że są pliki zakażone: mbjmc.dll, o którym pisałeś i jakiś bodajże x.exe? Usunąłem. Combofixa dam później.

[Gość]

Czyli jest Rootkit, i chyba twój winowacja.

Czekam na log z ComboFixa.

.

[Jackaal]

Log do sprawdzenia

ComboFix 09-09-11.01 - Jeti 2009-09-12 11:10.3.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1566 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Jeti\Pulpit\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\mbjmc.dll

.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_HFSNO
-------\Service_hfsno
-------\Legacy_pauqawqwj
-------\Service_pauqawqwj


((((((((((((((((((((((((( Pliki utworzone od 2009-08-12 do 2009-09-12 )))))))))))))))))))))))))))))))
.

2009-09-11 12:07 . 2009-09-11 12:07 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\cache
2009-09-10 09:58 . 2009-09-10 09:58 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-09-08 18:40 . 2009-09-08 18:40 580096 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-09-08 18:39 . 2009-09-08 18:39 -------- d-----w- c:\windows\ERUNT
2009-09-08 18:36 . 2009-09-08 18:43 -------- d-----w- C:\SDFix
2009-09-06 20:27 . 2009-09-06 20:27 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-09-06 20:27 . 2009-09-06 20:27 249856 ------w- c:\windows\Setup1.exe
2009-09-06 20:20 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2009-09-06 20:20 . 1999-08-02 15:11 57344 ----a-w- c:\windows\system32\CGZipLibrary.DLL
2009-09-02 16:58 . 2009-09-06 16:14 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\DBKO
2009-09-01 08:03 . 2009-09-01 08:03 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\OpenOffice.ux.pl
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-31 13:17 . 2009-08-31 13:17 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-31 13:17 . 2009-09-10 09:58 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-31 13:17 . 2009-08-31 13:17 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-31 13:17 . 2009-08-31 13:17 -------- d-----w- c:\windows\system32\LogFiles
2009-08-31 08:50 . 2005-11-30 03:00 8704 ----a-w- c:\windows\system32\CNMVS53.DLL
2009-08-31 08:50 . 2005-11-30 03:00 140288 ----a-w- c:\windows\system32\CNMLM53.DLL
2009-08-31 08:50 . 2009-08-31 08:50 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2009-08-31 08:50 . 2005-03-08 16:17 90112 ----a-w- c:\windows\system32\CNMCP53.exe
2009-08-31 08:34 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-08-31 08:34 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-08-30 15:11 . 2001-10-26 15:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-30 15:11 . 2008-04-14 20:50 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-30 15:11 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-08-30 15:11 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-08-30 10:40 . 2009-08-30 12:57 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Winamp
2009-08-29 22:46 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-08-29 22:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-08-29 22:46 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-08-29 22:46 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-08-29 22:46 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-08-29 22:46 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\fizzy
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-sh--w- c:\windows\ftpcache
2009-08-28 13:32 . 2009-08-28 13:32 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu
2009-08-28 12:29 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-08-28 12:29 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-08-28 11:48 . 2009-09-05 10:34 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\BESTplayer
2009-08-27 16:48 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\documents and settings\LocalService\Menu Start
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-08-27 10:30 . 2009-08-27 10:30 -------- d-----w- c:\windows\ServicePackFiles
2009-08-27 10:28 . 2007-08-10 18:53 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-08-27 10:28 . 2009-08-27 10:28 -------- d-----w- c:\windows\EHome
2009-08-26 18:05 . 2009-08-26 18:05 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead
2009-08-26 18:01 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-08-26 18:01 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-08-26 18:01 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-08-26 18:01 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-08-26 18:01 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-08-26 18:01 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-08-26 18:01 . 2009-08-26 18:01 -------- d-----w- c:\program files\Common Files\Ahead
2009-08-26 17:03 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-26 17:03 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-26 17:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-26 17:03 . 2009-08-26 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-02 12:51 . 2009-08-26 15:56 17280 ----a-w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\documents and settings\Jeti\Dane aplikacji\PnkBstrK.sys
2009-08-27 10:40 . 2002-09-23 12:00 49492 ----a-w- c:\windows\system32\perfc015.dat
2009-08-27 10:40 . 2002-09-23 12:00 355486 ----a-w- c:\windows\system32\perfh015.dat
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\Nero
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\LightScribe
2009-08-26 16:03 . 2009-08-26 16:03 1230 ----a-w- c:\windows\mozver.dat
2009-08-26 16:00 . 2009-08-26 16:00 0 ----a-w- c:\windows\nsreg.dat
2009-08-26 15:52 . 2009-08-26 15:52 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-26 14:24 . 2009-08-26 14:24 -------- d-----w- c:\program files\microsoft frontpage
2009-08-26 14:22 . 2009-08-26 14:22 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-26 14:22 . 2009-08-26 14:22 -------- d-----w- c:\program files\Usługi online
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 8429568]
"cFosSpeed"="e:\programy\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"avgnt"="e:\programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 171520]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"Messenger"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Programy\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16819:TCP"= 16819:TCP:BitComet 16819 TCP
"16819:UDP"= 16819:UDP:BitComet 16819 UDP
"9053:TCP"= 9053:TCP:iipzevbg

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-08-26 22360]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-08-26 45416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\programy\Avira\AntiVir Desktop\sched.exe [2009-08-26 108289]
S2 pauqawqwj;Update Shell;c:\windows\system32\svchost.exe -k netsvcs [2002-09-23 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
pauqawqwj
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
TCP: {74FD82B1-0139-4B27-B64C-DAC93F24608B} = 208.67.222.222,208.67.220.220
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: e:\programy\Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-12 11:15
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pauqawqwj]
"ServiceDll"="c:\windows\system32\mbjmc.dll"
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\programy\Avira\AntiVir Desktop\avguard.exe
e:\programy\cFosSpeed\spd.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Czas ukończenia: 2009-09-12 11:16 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-09-12 09:16
ComboFix2.txt 2009-09-08 18:50

Przed: 11 116 486 656 bajtów wolnych
Po: 11 098 636 288 bajtów wolnych

169

[Gość]

Widzę, że ComboFix usunął 2 Rootkity, ale jeden się momentalnie odrodził.

Wklej do Notatnika:

KILLALL::

Driver::

pauqawqwj

NetSvc::

pauqawqwj

File::

c:\windows\system32\mbjmc.dll

Folder::

C:\SDFix

Registry::

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9053:TCP"=-

Reboot::

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

.

[Jackaal]

Mam pytanie. Czy ten rootkit może znajdować się w sterowniku od karty dźwiękowej? Odkąd stosuję się do twoich rad muszę instalować od początku sterownik do "Realtek AC'97 Audio" przy każdym uruchomieniu komputera, czasem częściej. To może być to?

Log do sprawdzenia

ComboFix 09-09-11.01 - Jeti 2009-09-12 12:21.4.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1696 [GMT 2:00]

Uruchomiony z: c:\documents and settings\Jeti\Pulpit\ComboFix.exe

Użyto następujących komend :: c:\documents and settings\Jeti\Pulpit\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::

"c:\windows\system32\mbjmc.dll"

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\SDFix

c:\sdfix\Add_DBFix_RunOnce_key.inf

c:\sdfix\apps\assosfix.reg

c:\sdfix\apps\Cghtme.exe

c:\sdfix\apps\cliptext.exe

c:\sdfix\apps\DBFix.inf

c:\sdfix\apps\download.exe

c:\sdfix\apps\dummy.sys

c:\sdfix\apps\Enable_Command_Prompt.inf

c:\sdfix\apps\Enable_Command_Prompt.reg

c:\sdfix\apps\ERDNT.E_E

c:\sdfix\apps\ERDNTDOS.LOC

c:\sdfix\apps\ERDNTWIN.LOC

c:\sdfix\apps\ERUNT.EXE

c:\sdfix\apps\ERUNT.LOC

c:\sdfix\apps\fix.reg

c:\sdfix\apps\FixBeep.reg

c:\sdfix\apps\FixBH.reg

c:\sdfix\apps\FixComponents.reg

c:\sdfix\apps\FIXCU.reg

c:\sdfix\apps\FIXLM.reg

c:\sdfix\apps\FixPath.exe

c:\sdfix\apps\FixRedir.reg

c:\sdfix\apps\FixSchedule.reg

c:\sdfix\apps\FixWebCheck.reg

c:\sdfix\apps\fixXP.reg

c:\sdfix\apps\FixXPsp2.reg

c:\sdfix\apps\grep.exe

c:\sdfix\apps\HaxdFix.reg

c:\sdfix\apps\HPFix.reg

c:\sdfix\apps\HPFix2.reg

c:\sdfix\apps\HPFix3.reg

c:\sdfix\apps\HPFix4.reg

c:\sdfix\apps\HPFix5.reg

c:\sdfix\apps\HPFix6.reg

c:\sdfix\apps\HPFix7.reg

c:\sdfix\apps\HPFix8.reg

c:\sdfix\apps\HPFix9.reg

c:\sdfix\apps\Installed.txt

c:\sdfix\apps\isadmin.exe

c:\sdfix\apps\leg2.txt

c:\sdfix\apps\legacy.txt

c:\sdfix\apps\legacybk.txt

c:\sdfix\apps\locate.com

c:\sdfix\apps\LS.exe

c:\sdfix\apps\MD5File.exe

c:\sdfix\apps\moveex.exe

c:\sdfix\apps\MyGcpvFix.reg

c:\sdfix\apps\MyGkFix2.reg

c:\sdfix\apps\Process.exe

c:\sdfix\apps\procs.exe

c:\sdfix\apps\psservice.exe

c:\sdfix\apps\Rem.txt

c:\sdfix\apps\Rem2.txt

c:\sdfix\apps\Replace\regedit.exe

c:\sdfix\apps\Replace\w2k\AUTOEXEC.NT

c:\sdfix\apps\Replace\w2k\beep.sys

c:\sdfix\apps\Replace\w2k\command.com

c:\sdfix\apps\Replace\w2k\command.PIF

c:\sdfix\apps\Replace\w2k\CONFIG.NT

c:\sdfix\apps\Replace\w2k\null.sys

c:\sdfix\apps\Replace\xp\AUTOEXEC.NT

c:\sdfix\apps\Replace\xp\beep.sys

c:\sdfix\apps\Replace\xp\command.com

c:\sdfix\apps\Replace\xp\command.PIF

c:\sdfix\apps\Replace\xp\CONFIG.NT

c:\sdfix\apps\Replace\xp\null.sys

c:\sdfix\apps\Reset_AppInit_DLLs.reg

c:\sdfix\apps\RestartIt!.exe

c:\sdfix\apps\Restore_SafeBoot_Windows2000.reg

c:\sdfix\apps\Restore_SafeBoot_WindowsXP.reg

c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP2.reg

c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP3.reg

c:\sdfix\apps\Restore_SecurityCenter.reg

c:\sdfix\apps\Restore_SharedAccess.reg

c:\sdfix\apps\sc.exe

c:\sdfix\apps\sed.exe

c:\sdfix\apps\SF.exe

c:\sdfix\apps\shutdown.exe

c:\sdfix\apps\srv2.txt

c:\sdfix\apps\srv2bk.txt

c:\sdfix\apps\svc.txt

c:\sdfix\apps\svcbk.txt

c:\sdfix\apps\Swreg.exe

c:\sdfix\apps\swsc.exe

c:\sdfix\apps\UnRAR.exe

c:\sdfix\apps\unzip.exe

c:\sdfix\apps\vfind.exe

c:\sdfix\apps\WINMSG.EXE

c:\sdfix\apps\winsec.reg

c:\sdfix\apps\zip.exe

c:\sdfix\backups\backupreg.zip

c:\sdfix\backups\backups.zip

c:\sdfix\backups\catchme.log

c:\sdfix\backups\HOSTS

c:\sdfix\catchme.exe

c:\sdfix\DBFix.bat

c:\sdfix\dummy.sys

c:\sdfix\Report.txt

c:\sdfix\RunThis.bat

c:\sdfix\SDFIX_ReadMe_Online.url

c:\sdfix\W2K_VirusAlert_Repair.inf

c:\sdfix\XP_VirusAlert_Repair.inf

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_pauqawqwj

((((((((((((((((((((((((( Pliki utworzone od 2009-08-12 do 2009-09-12 )))))))))))))))))))))))))))))))

.

2009-09-11 12:07 . 2009-09-11 12:07 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\cache

2009-09-10 09:58 . 2009-09-10 09:58 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\PunkBuster

2009-09-08 18:40 . 2009-09-08 18:40 580096 -c--a-w- c:\windows\system32\dllcache\user32.dll

2009-09-08 18:39 . 2009-09-08 18:39 -------- d-----w- c:\windows\ERUNT

2009-09-06 20:27 . 2009-09-06 20:27 73216 ----a-w- c:\windows\ST6UNST.EXE

2009-09-06 20:27 . 2009-09-06 20:27 249856 ------w- c:\windows\Setup1.exe

2009-09-06 20:20 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll

2009-09-06 20:20 . 1999-08-02 15:11 57344 ----a-w- c:\windows\system32\CGZipLibrary.DLL

2009-09-02 16:58 . 2009-09-06 16:14 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\DBKO

2009-09-01 08:03 . 2009-09-01 08:03 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\OpenOffice.ux.pl

2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2009-08-31 13:17 . 2009-08-31 13:17 111928 ----a-w- c:\windows\system32\PnkBstrB.exe

2009-08-31 13:17 . 2009-09-10 09:58 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2009-08-31 13:17 . 2009-08-31 13:17 794408 ----a-w- c:\windows\system32\pbsvc.exe

2009-08-31 13:17 . 2009-08-31 13:17 -------- d-----w- c:\windows\system32\LogFiles

2009-08-31 08:50 . 2005-11-30 03:00 8704 ----a-w- c:\windows\system32\CNMVS53.DLL

2009-08-31 08:50 . 2005-11-30 03:00 140288 ----a-w- c:\windows\system32\CNMLM53.DLL

2009-08-31 08:50 . 2009-08-31 08:50 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ

2009-08-31 08:50 . 2005-03-08 16:17 90112 ----a-w- c:\windows\system32\CNMCP53.exe

2009-08-31 08:34 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys

2009-08-31 08:34 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

2009-08-30 15:11 . 2001-10-26 15:29 5632 ----a-w- c:\windows\system32\ptpusb.dll

2009-08-30 15:11 . 2008-04-14 20:50 159232 ----a-w- c:\windows\system32\ptpusd.dll

2009-08-30 15:11 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-08-30 15:11 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-08-30 10:40 . 2009-08-30 12:57 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Winamp

2009-08-29 22:46 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll

2009-08-29 22:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2009-08-29 22:46 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll

2009-08-29 22:46 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2009-08-29 22:46 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll

2009-08-29 22:46 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll

2009-08-29 14:19 . 2009-08-29 14:19 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\fizzy

2009-08-29 14:19 . 2009-08-29 14:19 -------- d-sh--w- c:\windows\ftpcache

2009-08-28 13:32 . 2009-08-28 13:32 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu

2009-08-28 12:29 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys

2009-08-28 12:29 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll

2009-08-28 11:48 . 2009-09-05 10:34 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\BESTplayer

2009-08-27 16:48 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\documents and settings\LocalService\Menu Start

2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover

2009-08-27 10:30 . 2009-08-27 10:30 -------- d-----w- c:\windows\ServicePackFiles

2009-08-27 10:28 . 2007-08-10 18:53 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2009-08-27 10:28 . 2009-08-27 10:28 -------- d-----w- c:\windows\EHome

2009-08-26 18:05 . 2009-08-26 18:05 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead

2009-08-26 18:01 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll

2009-08-26 18:01 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll

2009-08-26 18:01 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll

2009-08-26 18:01 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll

2009-08-26 18:01 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll

2009-08-26 18:01 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

2009-08-26 18:01 . 2009-08-26 18:01 -------- d-----w- c:\program files\Common Files\Ahead

2009-08-26 17:03 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-08-26 17:03 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-08-26 17:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-08-26 17:03 . 2009-08-26 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-02 12:51 . 2009-08-26 15:56 17280 ----a-w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\documents and settings\Jeti\Dane aplikacji\PnkBstrK.sys

2009-08-27 10:40 . 2002-09-23 12:00 49492 ----a-w- c:\windows\system32\perfc015.dat

2009-08-27 10:40 . 2002-09-23 12:00 355486 ----a-w- c:\windows\system32\perfh015.dat

2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\Nero

2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\LightScribe

2009-08-26 16:03 . 2009-08-26 16:03 1230 ----a-w- c:\windows\mozver.dat

2009-08-26 16:00 . 2009-08-26 16:00 0 ----a-w- c:\windows\nsreg.dat

2009-08-26 15:52 . 2009-08-26 15:52 -------- d-----w- c:\program files\Common Files\InstallShield

2009-08-26 14:24 . 2009-08-26 14:24 -------- d-----w- c:\program files\microsoft frontpage

2009-08-26 14:22 . 2009-08-26 14:22 21856 ----a-w- c:\windows\system32\emptyregdb.dat

2009-08-26 14:22 . 2009-08-26 14:22 -------- d-----w- c:\program files\Usługi online

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 8429568]

"cFosSpeed"="e:\programy\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]

"avgnt"="e:\programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 171520]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"wuauserv"=2 (0x2)

"Messenger"=2 (0x2)

"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"e:\\Programy\\BitComet\\BitComet.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"16819:TCP"= 16819:TCP:BitComet 16819 TCP

"16819:UDP"= 16819:UDP:BitComet 16819 UDP

"9053:TCP"= 9053:TCP:iipzevbg

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-08-26 22360]

R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-08-26 45416]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\programy\Avira\AntiVir Desktop\sched.exe [2009-08-26 108289]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.pl/

TCP: {74FD82B1-0139-4B27-B64C-DAC93F24608B} = 208.67.222.222,208.67.220.220

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\

FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)

FF - prefs.js: browser.startup.homepage - www.google.pl

FF - component: c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: e:\programy\Firefox\components\xpinstal.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-12 12:25

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

e:\programy\Avira\AntiVir Desktop\avguard.exe

c:\windows\SOUNDMAN.EXE

e:\programy\cFosSpeed\spd.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\imapi.exe

.

**************************************************************************

.

Czas ukończenia: 2009-09-12 12:26 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-09-12 10:26

ComboFix2.txt 2009-09-12 09:16

ComboFix3.txt 2009-09-08 18:50

Przed: 11 076 923 392 bajtów wolnych

Po: 11 044 745 216 bajtów wolnych

267

Edytowane 12 września 2009 przez Jackaal

[Gość]

"Realtek AC'97 Audio" przy każdym uruchomieniu komputera, czasem częściej. To może być to?

Raczej nie, możesz też przeskanować folder Realtka np. jakimś skanerem lub Antyvirusem.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\ GloballyOpenPorts\List]"9053:TCP"= 9053:TCP:iipzevbg

O to zostało.

Do Notatnika wklej:

Windows Registry Editor Version 5.00[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\ GloballyOpenPorts\List]"9053:TCP"=-

Z menu Notatnika >>> Plik >>> Zapisz jako >>> Ustaw rozszerzenie na: "Wszystkie pliki" >>> Zapisz jako FIX.REG>>>

plik uruchom (dwuklik i OK- zgódź się na dodanie do Rejestru).

Zrestartuj komputer.

*********************************************************************************************

1. Odpal OTL i wywołaj go z opcji CleanUp, zgódź się na czyszczenie + restart komputera.

2. Z folderu "System Volume Information" usuniesz kopie "wirusów" poprzez chwilowe wyłączenie "Przywracania Systemu":

>Panel Sterowania>System>Przywracanie Systemu>>zaznacz w okienku przy "Wyłącz przywracanie na wszystkich dyskach">Zastosuj>OK.

Potem możesz powrócić do poprzedniego ustawienia (czyli usunąć zaznaczenie z okienka).

3. Użyj programu Malwarebytes.

Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok.

Wrzuć wygenerowany raport po usuwaniu MBAMem.

.

[Jackaal]

Log do sprawdzenia

Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2784
Windows 5.1.2600 Dodatek Service Pack 3

2009-09-12 12:53:14
mbam-log-2009-09-12 (12-53-14).txt

Typ skanowania: Pełne skanowanie (C:\|E:\|)
Przeskanowane obiekty: 111689
Upłynęło: 7 minute(s), 32 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 3
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)

Ping nadal wysoki...

Jeszcze jakiś skan? Czy dla mnie nie ma już nadziei? <_<

[Gość]

Wklej ponownie log z ComboFixa.

.

[Jackaal]

Log do sprawdzenia

ComboFix 09-09-14.02 - Jeti 2009-09-14 22:09.5.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1619 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Jeti\Pulpit\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Utworzono nowy punkt przywracania
.

((((((((((((((((((((((((( Pliki utworzone od 2009-08-14 do 2009-09-14 )))))))))))))))))))))))))))))))
.

2009-09-12 10:43 . 2009-09-12 10:43 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Malwarebytes
2009-09-12 10:43 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-12 10:43 . 2009-09-12 10:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2009-09-12 10:43 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-12 10:32 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-09-12 10:32 . 2009-09-12 10:32 -------- d-----w- c:\program files\Realtek AC97
2009-09-12 10:32 . 2009-09-12 10:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-12 10:32 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2009-09-11 12:07 . 2009-09-11 12:07 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\cache
2009-09-10 09:58 . 2009-09-10 09:58 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-09-08 18:40 . 2009-09-08 18:40 580096 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-09-08 18:39 . 2009-09-08 18:39 -------- d-----w- c:\windows\ERUNT
2009-09-06 20:27 . 2009-09-06 20:27 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-09-06 20:27 . 2009-09-06 20:27 249856 ------w- c:\windows\Setup1.exe
2009-09-06 20:20 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2009-09-06 20:20 . 1999-08-02 15:11 57344 ----a-w- c:\windows\system32\CGZipLibrary.DLL
2009-09-02 16:58 . 2009-09-06 16:14 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\DBKO
2009-09-01 08:03 . 2009-09-01 08:03 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\OpenOffice.ux.pl
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-31 13:17 . 2009-08-31 13:17 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-31 13:17 . 2009-09-10 09:58 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-31 13:17 . 2009-08-31 13:17 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-31 13:17 . 2009-08-31 13:17 -------- d-----w- c:\windows\system32\LogFiles
2009-08-31 08:50 . 2005-11-30 03:00 8704 ----a-w- c:\windows\system32\CNMVS53.DLL
2009-08-31 08:50 . 2005-11-30 03:00 140288 ----a-w- c:\windows\system32\CNMLM53.DLL
2009-08-31 08:50 . 2009-08-31 08:50 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2009-08-31 08:50 . 2005-03-08 16:17 90112 ----a-w- c:\windows\system32\CNMCP53.exe
2009-08-31 08:34 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-08-31 08:34 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-08-30 15:11 . 2001-10-26 15:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-30 15:11 . 2008-04-14 20:50 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-30 15:11 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-08-30 15:11 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-08-30 10:40 . 2009-08-30 12:57 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Winamp
2009-08-29 22:46 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-08-29 22:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-08-29 22:46 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-08-29 22:46 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-08-29 22:46 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-08-29 22:46 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\fizzy
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-sh--w- c:\windows\ftpcache
2009-08-28 13:32 . 2009-08-28 13:32 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu
2009-08-28 12:29 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-08-28 12:29 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-08-28 11:48 . 2009-09-05 10:34 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\BESTplayer
2009-08-27 16:48 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\documents and settings\LocalService\Menu Start
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-08-27 10:30 . 2009-08-27 10:30 -------- d-----w- c:\windows\ServicePackFiles
2009-08-27 10:28 . 2007-08-10 18:53 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-08-27 10:28 . 2009-08-27 10:28 -------- d-----w- c:\windows\EHome
2009-08-26 18:05 . 2009-08-26 18:05 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead
2009-08-26 18:01 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-08-26 18:01 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-08-26 18:01 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-08-26 18:01 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-08-26 18:01 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-08-26 18:01 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-08-26 18:01 . 2009-08-26 18:01 -------- d-----w- c:\program files\Common Files\Ahead
2009-08-26 17:03 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-26 17:03 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-26 17:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-26 17:03 . 2009-08-26 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-02 12:51 . 2009-08-26 15:56 17280 ----a-w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\documents and settings\Jeti\Dane aplikacji\PnkBstrK.sys
2009-08-27 10:40 . 2002-09-23 12:00 49492 ----a-w- c:\windows\system32\perfc015.dat
2009-08-27 10:40 . 2002-09-23 12:00 355486 ----a-w- c:\windows\system32\perfh015.dat
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\Nero
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\LightScribe
2009-08-26 16:03 . 2009-08-26 16:03 1230 ----a-w- c:\windows\mozver.dat
2009-08-26 16:00 . 2009-08-26 16:00 0 ----a-w- c:\windows\nsreg.dat
2009-08-26 15:52 . 2009-08-26 15:52 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-26 14:24 . 2009-08-26 14:24 -------- d-----w- c:\program files\microsoft frontpage
2009-08-26 14:22 . 2009-08-26 14:22 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-26 14:22 . 2009-08-26 14:22 -------- d-----w- c:\program files\Usługi online
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 8429568]
"cFosSpeed"="e:\programy\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"avgnt"="e:\programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"Messenger"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Programy\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16819:TCP"= 16819:TCP:BitComet 16819 TCP
"16819:UDP"= 16819:UDP:BitComet 16819 UDP
"9053:TCP"= 9053:TCP:iipzevbg

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-08-26 22360]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-08-26 45416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\programy\Avira\AntiVir Desktop\sched.exe [2009-08-26 108289]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\E2.tmp --> c:\windows\system32\E2.tmp [?]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://users.iptelecom.net.ua/~codecs/
TCP: {74FD82B1-0139-4B27-B64C-DAC93F24608B} = 208.67.222.222,208.67.220.220
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: e:\programy\Firefox\components\xpinstal.dll
.
- - - - USUNIĘTO PUSTE WPISY - - - -

AddRemove-CANONBJ_Deinstall_CNMCP53.DLL - c:\windows\system32\CNMCP53.exe -PRINTERNAMECanon i350 -HELPERDLLc:\documents and settings\All Users\Dane aplikacji\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350 Installer\Inst2\cnmis.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-14 22:11
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\E2.tmp"
.
Czas ukończenia: 2009-09-14 22:12
ComboFix-quarantined-files.txt 2009-09-14 20:12

Przed: 10 898 706 432 bajtów wolnych
Po: 10 962 137 088 bajtów wolnych

155

[Gość]

Przez te ,,głupie" IPB3 nie może się usunąć jeden szkodliwy port. Quote rozszerza a code... zmniejsza.

Wklej do Notatnika ten tekst który jest na stronie:

http://wklej.org/id/150437/

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

.

[Jackaal]

Log do sprawdzenia

ComboFix 09-09-14.02 - Jeti 2009-09-15 19:29.6.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1751 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Jeti\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\Jeti\Pulpit\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\windows\system32\E2.tmp"
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MEMSWEEP2


((((((((((((((((((((((((( Pliki utworzone od 2009-08-15 do 2009-09-15 )))))))))))))))))))))))))))))))
.

2009-09-14 21:26 . 2009-09-14 21:27 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Dbind
2009-09-12 10:43 . 2009-09-12 10:43 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Malwarebytes
2009-09-12 10:43 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-12 10:43 . 2009-09-12 10:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2009-09-12 10:43 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-12 10:32 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-09-12 10:32 . 2009-09-12 10:32 -------- d-----w- c:\program files\Realtek AC97
2009-09-12 10:32 . 2009-09-12 10:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-12 10:32 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2009-09-11 12:07 . 2009-09-11 12:07 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\cache
2009-09-10 09:58 . 2009-09-10 09:58 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-09-08 18:40 . 2009-09-08 18:40 580096 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-09-08 18:39 . 2009-09-08 18:39 -------- d-----w- c:\windows\ERUNT
2009-09-06 20:27 . 2009-09-06 20:27 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-09-06 20:27 . 2009-09-06 20:27 249856 ------w- c:\windows\Setup1.exe
2009-09-06 20:20 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2009-09-06 20:20 . 1999-08-02 15:11 57344 ----a-w- c:\windows\system32\CGZipLibrary.DLL
2009-09-02 16:58 . 2009-09-06 16:14 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\DBKO
2009-09-01 08:03 . 2009-09-01 08:03 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\OpenOffice.ux.pl
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-31 13:17 . 2009-08-31 13:17 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-31 13:17 . 2009-09-10 09:58 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-31 13:17 . 2009-08-31 13:17 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-31 13:17 . 2009-08-31 13:17 -------- d-----w- c:\windows\system32\LogFiles
2009-08-31 08:50 . 2005-11-30 03:00 8704 ----a-w- c:\windows\system32\CNMVS53.DLL
2009-08-31 08:50 . 2005-11-30 03:00 140288 ----a-w- c:\windows\system32\CNMLM53.DLL
2009-08-31 08:50 . 2009-08-31 08:50 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2009-08-31 08:50 . 2005-03-08 16:17 90112 ----a-w- c:\windows\system32\CNMCP53.exe
2009-08-31 08:34 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-08-31 08:34 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-08-30 15:11 . 2001-10-26 15:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-30 15:11 . 2008-04-14 20:50 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-30 15:11 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-08-30 15:11 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-08-30 10:40 . 2009-08-30 12:57 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Winamp
2009-08-29 22:46 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-08-29 22:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-08-29 22:46 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-08-29 22:46 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-08-29 22:46 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-08-29 22:46 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\fizzy
2009-08-29 14:19 . 2009-08-29 14:19 -------- d-sh--w- c:\windows\ftpcache
2009-08-28 13:32 . 2009-08-28 13:32 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\Nowe Gadu-Gadu
2009-08-28 12:29 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-08-28 12:29 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-08-28 11:48 . 2009-09-05 10:34 -------- d-----w- c:\documents and settings\Jeti\Dane aplikacji\BESTplayer
2009-08-27 16:48 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\documents and settings\LocalService\Menu Start
2009-08-27 10:38 . 2009-08-27 10:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-08-27 10:30 . 2009-08-27 10:30 -------- d-----w- c:\windows\ServicePackFiles
2009-08-27 10:28 . 2007-08-10 18:53 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-08-27 10:28 . 2009-08-27 10:28 -------- d-----w- c:\windows\EHome
2009-08-26 18:05 . 2009-08-26 18:05 -------- d-----w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\Ahead
2009-08-26 18:01 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-08-26 18:01 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-08-26 18:01 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-08-26 18:01 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-08-26 18:01 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-08-26 18:01 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-08-26 18:01 . 2009-08-26 18:01 -------- d-----w- c:\program files\Common Files\Ahead
2009-08-26 17:03 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-26 17:03 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-26 17:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-26 17:03 . 2009-08-26 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-02 12:51 . 2009-08-26 15:56 17280 ----a-w- c:\documents and settings\Jeti\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-31 13:18 . 2009-08-31 13:18 139152 ----a-w- c:\documents and settings\Jeti\Dane aplikacji\PnkBstrK.sys
2009-08-27 10:40 . 2002-09-23 12:00 49492 ----a-w- c:\windows\system32\perfc015.dat
2009-08-27 10:40 . 2002-09-23 12:00 355486 ----a-w- c:\windows\system32\perfh015.dat
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\Nero
2009-08-26 18:02 . 2009-08-26 18:02 -------- d-----w- c:\program files\Common Files\LightScribe
2009-08-26 16:03 . 2009-08-26 16:03 1230 ----a-w- c:\windows\mozver.dat
2009-08-26 16:00 . 2009-08-26 16:00 0 ----a-w- c:\windows\nsreg.dat
2009-08-26 15:52 . 2009-08-26 15:52 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-26 14:24 . 2009-08-26 14:24 -------- d-----w- c:\program files\microsoft frontpage
2009-08-26 14:22 . 2009-08-26 14:22 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-26 14:22 . 2009-08-26 14:22 -------- d-----w- c:\program files\Usługi online
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 8429568]
"cFosSpeed"="e:\programy\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"avgnt"="e:\programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"Messenger"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Programy\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16819:TCP"= 16819:TCP:BitComet 16819 TCP
"16819:UDP"= 16819:UDP:BitComet 16819 UDP

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-08-26 22360]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-08-26 45416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\programy\Avira\AntiVir Desktop\sched.exe [2009-08-26 108289]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://users.iptelecom.net.ua/~codecs/
TCP: {74FD82B1-0139-4B27-B64C-DAC93F24608B} = 208.67.222.222,208.67.220.220
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\documents and settings\Jeti\Dane aplikacji\Mozilla\Firefox\Profiles\ptp4aqat.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: e:\programy\Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-15 19:31
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\programy\Avira\AntiVir Desktop\avguard.exe
e:\programy\cFosSpeed\spd.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
.
**************************************************************************
.
Czas ukończenia: 2009-09-15 19:32 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-09-15 17:32
ComboFix2.txt 2009-09-14 20:12

Przed: 10 906 386 432 bajtów wolnych
Po: 10 879 598 592 bajtów wolnych

170

[Gość]

Log jest OK.

Czy dalej masz wysokie pingi?

.

[Jackaal]

Jak na razie jest dobrze. Dzięki za pomoc

No niestety muszę temat odświeżyć. Codziennie po kilka razy Avira pokazuje mi że wykryło trojana x.exe lub mbjmc.dll. Oczywiście je usuwam, ale o co tutaj chodzi? Wydawało mi się, że wszystkie szkodliwe pliki zostały skasowane...

[MarekM25]

daj ponownie loga z otl. Możliwe, że w tym czasie się zainfekowałeś