x-kom hosting

Outlook Express nie wysyła maili, zablokowany port 25

iluzja
utworzono
utworzono (edytowane)

Witam serdecznie, trafiłam tutaj z innego forum z nadzieją, iż tutaj znajdę pomoc. Jak na kobietę przystało jestem laikiem w sprawach komputerowych...

Najpierw przedstawię problem.

Kilka dni temu pojawił się problem, gdy logowałam się do serwisu wordpress.com (może to przypadek), korzystając z przeglądarki IE. Wówczas komputer został zainfekowany i wszystkie strony były przekierowywane na podmena-vidachi.com

Skończyło się formatem, który na szczęście pomógł i wszystko "śmigało".

Dzisiaj, po 3 dniach od formatu, ponownie byłam zalogowana na w/w serwisie, jednak korzystałam już z Opery. W tym samym czasie wysyłałam też jednocześnie 4 maile z Outlook Express. Pierwszy 3 wysłały się od razu, a 4 ostatni już nie... Po chwili Norton "wyrzucił" jakiś błąd, nie doczytałam do końca, ale na 99% było to to: http://service1.symantec.com/SUPPORT/INTER/sharedtechintl.nsf/d02b2a5428beaa2488256dfa005deafd/3de59b9d6195475e802570d5004ef41f?OpenDocument

A w Outlook'u pojawił się komunikat, który pojawia się do tej pory, o treści:

"Łączenie z serwerem nie powiodło się. Konto 'poczta.interia.pl', Serwer: 'poczta.interia.pl', Protokół: SMTP, Port: 25, Zabezpieczenie (SSL): Nie, Błąd łączy: 10061, Numer błędu: 0x800CCC0E"

Idąc tym tropem, pomyślałam, że może Norton uznał, że rozsyłam spam i zablokował mi port, bo zablokowanie przez usługodawcę raczej nie wchodzi w grę.

Zrobiłam następujące czynności:

* wyłączyłam skanowanie poczty przez Norton - nie pomogło

* odinstalowałam Nortona - także nie pomogło

* założyłam w Outlook'u nowe konto, tym razem nie z interii, lecz z o2 - też poczty nie wysyła

* usunęłam i założyłam na nowo konto z interii - nie pomogło

Przez tych kilka dni od formatu nie używałam intensywnie komputera, więc nie sądzę, abym mogła coś złapać, ale na wszelki wypadek naiwnie przeskanowałam komputer czym się dało, czyli:

Norton 2009, Kaspersky, Dr.Web, Avast, SUPERantispyware, Malwarebytes, Spybot S&D - żadne nic nie znalazło. Przeczyściłam też system i rejestr CCleaner.

Dodam, że rok temu miałam taki sam problem, wówczas też kilka antywirusów nic nie znajdywało, dopiero Kaspersky znalazł wirusa, który blokował ten port, usunęłam i było po sprawie.

Teraz nie wiem, co zrobić, a chciałabym uniknąć kolejnego formata.

Przygotowałam kilka logów, może coś w nich będzie....

HijackThis:

Log do sprawdzenia
Logfile of HijackThis v1.99.1

Scan saved at 19:51:12, on 2009-09-08

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

D:\Programy\Daemon\daemon.exe

D:\Programy\iTunes\iTunesHelper.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe

D:\Programy\Konnekt\konnekt.exe

C:\WINDOWS\system32\wuauclt.exe

D:\Programy\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.vobis.pl/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Programy\Daemon\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [QuickTime Task] "D:\programy\applequicktime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Programy\Office\Office10\OSA.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\Programy\Office\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.vobis.pl/

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll

O20 - Winlogon Notify: !SASWinLogon - D:\Programy\SUPERantispyware\SASWINLO.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\diMaster.dll" /prefetch:1 (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SilentRunners:

Log do sprawdzenia

"Silent Runners.vbs", revision 58, http://www.silentrunners.org/

Operating System: Windows XP

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"VTTimer" = "VTTimer.exe" ["S3 Graphics, Inc."]

"VTTrayp" = "VTtrayp.exe" ["S3 Graphics Co., Ltd."]

"ehTray" = "C:\WINDOWS\ehome\ehtray.exe" [MS]

"High Definition Audio Property Page Shortcut" = "HDAShCut.exe" ["Windows ® Server 2003 DDK provider"]

"SoundMAXPnP" = "C:\Program Files\Analog Devices\Core\smax4pnp.exe" ["Analog Devices, Inc."]

"SoundMAX" = ""C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray" ["Analog Devices, Inc."]

"HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" ["Hewlett-Packard Development Company, L.P."]

"DAEMON Tools-1033" = ""D:\Programy\Daemon\daemon.exe" -lang 1033" ["VeNoM386 and SwENSkE"]

"QuickTime Task" = ""D:\programy\applequicktime\QTTask.exe" -atboottime" ["Apple Inc."]

"iTunesHelper" = ""D:\Programy\iTunes\iTunesHelper.exe"" ["Apple Inc."]

"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]

"SunJavaUpdateSched" = ""C:\Program Files\Java\jre6\bin\jusched.exe"" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"

-> {HKLM...CLSID} = "Adobe PDF Link Helper"

\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = "Symantec NCO BHO"

-> {HKLM...CLSID} = "Symantec NCO BHO"

\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll" ["Symantec Corporation"]

{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Symantec Intrusion Prevention"

-> {HKLM...CLSID} = "Symantec Intrusion Prevention"

\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL" ["Symantec Corporation"]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Java Plug-In 2 SSV Helper"

\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"

-> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"

\InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"

-> {HKLM...CLSID} = "Display Panning CPL Extension"

\InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

-> {HKLM...CLSID} = "Portable Media Devices Menu"

\InProcServer32\(Default) = "C:\WINDOWS\system32\audiodev.dll" [MS]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

-> {HKLM...CLSID} = "AlcoholShellEx"

\InProcServer32\(Default) = "D:\Programy\Alcohol\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "D:\Programy\Office\Office10\msohev.dll" [MS]

"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"

-> {HKLM...CLSID} = "iTunes"

\InProcServer32\(Default) = "D:\Programy\iTunes\iTunesMiniPlayer.dll" ["Apple Inc."]

"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "Nokia Phone Browser"

-> {HKLM...CLSID} = "Nokia Phone Browser"

\InProcServer32\(Default) = "D:\Programy\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" = (no title provided)

-> {HKLM...CLSID} = "SABShellExecuteHook Class"

\InProcServer32\(Default) = "D:\Programy\SUPERantispyware\SASSEH.DLL" ["SuperAdBlocker.com"]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<<!>> !SASWinLogon\DLLName = "D:\Programy\SUPERantispyware\SASWINLO.dll" ["SUPERAntiSpyware.com"]

<<!>> dimsntfy\DLLName = "C:\WINDOWS\System32\dimsntfy.dll" [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"

-> {HKLM...CLSID} = "PDF Shell Extension"

\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"

-> {HKLM...CLSID} = "IEContextMenu Class"

\InProcServer32\(Default) = ""C:\Program Files\Norton Internet Security\Engine\16.5.0.134\NavShExt.dll"" ["Symantec Corporation"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"

-> {HKLM...CLSID} = "MBAMShlExt Class"

\InProcServer32\(Default) = "D:\Programy\Malwarebytes\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"

-> {HKLM...CLSID} = "IEContextMenu Class"

\InProcServer32\(Default) = ""C:\Program Files\Norton Internet Security\Engine\16.5.0.134\NavShExt.dll"" ["Symantec Corporation"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"

-> {HKLM...CLSID} = "MBAMShlExt Class"

\InProcServer32\(Default) = "D:\Programy\Malwarebytes\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"HonorAutoRunSetting" = (REG_DWORD) dword:0x00000001

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

"InstallVisualStyle" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

{unrecognized setting}

"InstallTheme" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale.theme

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Milena\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Enabled Screen Saver:

---------------------

HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

AlcoholAutoPlayV2.BurnDisc\

"Provider" = "Alcohol 120%"

"InvokeProgID" = "AlcoholAutoPlayV2"

"InvokeVerb" = "BurnDisc"

HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\BurnDisc\command\(Default) = ""D:\Programy\Alcohol\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]

AlcoholAutoPlayV2.ReadDisc\

"Provider" = "Alcohol 120%"

"InvokeProgID" = "AlcoholAutoPlayV2"

"InvokeVerb" = "ReadDisc"

HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\ReadDisc\command\(Default) = ""D:\Programy\Alcohol\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]

EHomeMusicDropTarget\

"Provider" = "Media Center"

"InvokeProgID" = "EHomeDropTarget.EHomeMusicDropTarget"

"InvokeVerb" = "play"

HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeMusicDropTarget\shell\play\DropTarget\CLSID = "{ED87EFF3-FF22-404E-B2BD-BC3841BDCB2C}"

-> {HKLM...CLSID} = "EHomeMusicDropTarget Class"

\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]

EHomePhotosHandler\

"Provider" = "Media Center"

"InvokeProgID" = "EHomeDropTarget.EHomePhotosHandler"

"InvokeVerb" = "play"

HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomePhotosHandler\shell\play\DropTarget\CLSID = "{4b7601c1-d292-4902-89f4-583a5ce0c535}"

-> {HKLM...CLSID} = "EHomePhotosHandler Class"

\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]

EHomeVideoDropTarget\

"Provider" = "Media Center"

"InvokeProgID" = "EHomeDropTarget.EHomeVideoDropTarget"

"InvokeVerb" = "play"

HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideoDropTarget\shell\play\DropTarget\CLSID = "{A48E70A4-8E15-4465-9D85-CCE9E63F8AAB}"

-> {HKLM...CLSID} = "EHomeVideoDropTarget Class"

\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]

EHomeVideosHandler\

"Provider" = "Media Center"

"InvokeProgID" = "EHomeDropTarget.EHomeVideosHandler"

"InvokeVerb" = "play"

HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideosHandler\shell\play\DropTarget\CLSID = "{4f61ec50-acef-4ae7-b4c6-b19bddc0f745}"

-> {HKLM...CLSID} = "EHomeVideosHandler Class"

\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]

iTunesBurnCDOnArrival\

"Provider" = "iTunes"

"InvokeProgID" = "iTunes.BurnCD"

"InvokeVerb" = "burn"

HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = ""D:\Programy\iTunes\iTunes.exe" /AutoPlayBurn "%L"" ["Apple Inc."]

iTunesImportSongsOnArrival\

"Provider" = "iTunes"

"InvokeProgID" = "iTunes.ImportSongsOnCD"

"InvokeVerb" = "import"

HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = ""D:\Programy\iTunes\iTunes.exe" /AutoPlayImportSongs "%L"" ["Apple Inc."]

iTunesPlaySongsOnArrival\

"Provider" = "iTunes"

"InvokeProgID" = "iTunes.PlaySongsOnCD"

"InvokeVerb" = "play"

HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = ""D:\Programy\iTunes\iTunes.exe" /playCD "%L"" ["Apple Inc."]

iTunesShowSongsOnArrival\

"Provider" = "iTunes"

"InvokeProgID" = "iTunes.ShowSongsOnCD"

"InvokeVerb" = "showsongs"

HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = ""D:\Programy\iTunes\iTunes.exe" /AutoPlayShowSongs "%L"" ["Apple Inc."]

Startup items in "Milena" & "All Users" startup folders:

--------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]

"HP Digital Imaging Monitor" -> shortcut to: "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ["Hewlett-Packard Development Company, L.P."]

"Microsoft Office" -> shortcut to: "D:\Programy\Office\Office10\OSA.EXE -b -l" [MS]

Enabled Scheduled Tasks:

------------------------

"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task" ["Apple Inc."]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" = "Norton Toolbar"

-> {HKLM...CLSID} = "Norton Toolbar"

\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll" ["Symantec Corporation"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{E2E2DD38-D088-4134-82B7-F2BA38496583}\

"MenuText" = "@xpsp3res.dll,-20001"

"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Miscellaneous IE Hijack Points

------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):

[strings]: START_PAGE_URL=http://www.vobis.pl/

Missing lines (compared with English-language version):

[strings]: 1 line

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]

Media Center Extender Service, McrdSvc, "C:\WINDOWS\ehome\mcrdsvc.exe" [MS]

Norton Internet Security, Norton Internet Security, ""C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\diMaster.dll" /prefetch:1" ["Symantec Corporation"]

Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\system32\HPZipm12.exe" ["HP"]

Urządzenie mobilne Apple, Apple Mobile Device, ""C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"" ["Apple, Inc."]

Usługa iPod, iPod Service, ""C:\Program Files\iPod\bin\iPodService.exe"" ["Apple Inc."]

Usługa Odbiornik Media Center, ehRecvr, "C:\WINDOWS\eHome\ehRecvr.exe" [MS]

Usługa Planowanie nagrywania, ehSched, "C:\WINDOWS\eHome\ehSched.exe" [MS]

Print Monitors:

---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

HP Standard TCP/IP Port\Driver = "HpTcpMon.dll" ["Hewlett Packard"]

---------- (launch time: 2009-09-08 19:51:30)

<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

DLL launch points, use the -supp parameter or answer "No" at the

first message box and "Yes" at the second message box.

---------- (total run time: 31 seconds, including 5 seconds for message boxes)

OTL:

Log do sprawdzenia

OTL logfile created on: 2009-09-08 19:54:57 - Run 1

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Milena\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

958,42 Mb Total Physical Memory | 502,44 Mb Available Physical Memory | 52,42% Memory free

2,26 Gb Paging File | 1,86 Gb Available in Paging File | 82,48% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 19,53 Gb Total Space | 4,56 Gb Free Space | 23,36% Space Free | Partition Type: NTFS

Drive D: | 78,13 Gb Total Space | 38,88 Gb Free Space | 49,76% Space Free | Partition Type: NTFS

Drive E: | 135,21 Gb Total Space | 81,31 Gb Free Space | 60,13% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive L: | 421,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MILENA-B8A4823E

Current User Name: Milena

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-14 05:42:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2006-08-24 14:00:00 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\VTTimer.exe

PRC - [2006-08-24 14:00:00 | 00,163,840 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\System32\VTtrayp.exe

PRC - [2005-08-05 13:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe

PRC - [2006-08-24 14:00:00 | 00,925,696 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

PRC - [2006-02-19 02:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

PRC - [2002-06-22 15:04:36 | 00,073,728 | ---- | M] (VeNoM386 and SwENSkE) -- D:\Programy\Daemon\daemon.exe

PRC - [2007-12-11 12:10:26 | 00,267,048 | ---- | M] (Apple Inc.) -- D:\Programy\iTunes\iTunesHelper.exe

PRC - [2009-09-08 16:08:46 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

PRC - [2006-02-19 04:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

PRC - [2007-10-31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2005-10-11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe

PRC - [2005-08-05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe

PRC - [2009-09-08 16:08:46 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2009-09-08 19:44:04 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe

PRC - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe

PRC - [2005-08-05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe

PRC - [2007-12-11 12:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

PRC - [2005-08-05 13:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe

PRC - [2009-09-08 19:44:04 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe

PRC - [2005-05-24 23:41:09 | 00,503,808 | ---- | M] (Stamina) -- D:\Programy\Konnekt\konnekt.exe

PRC - [2009-02-26 10:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe

PRC - [2009-09-08 19:54:26 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milena\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007-10-31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2005-10-11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])

SRV - [2005-08-05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])

SRV - [2008-04-14 05:42:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2007-12-11 12:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])

SRV - [2009-09-08 16:08:46 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2005-08-05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])

SRV - [2004-08-10 13:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])

SRV - [2009-09-08 19:44:04 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe -- (Norton Internet Security [Auto | Running])

SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Running])

SRV - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])

SRV - [2005-08-03 18:29:52 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2006-08-24 14:00:00 | 00,141,312 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])

DRV - [2006-08-24 14:00:00 | 00,127,872 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudioService [On_Demand | Running])

DRV - [2003-07-02 17:41:42 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\axwhisky.sys -- (axwhisky [boot | Running])

DRV - [2003-07-02 16:49:52 | 00,124,160 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\axwskbus.sys -- (axwskbus [boot | Running])

DRV - [2009-09-08 19:44:05 | 00,258,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.sys -- (BHDrvx86 [system | Running])

DRV - [2009-09-08 19:44:05 | 00,482,352 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.sys -- (ccHP [system | Running])

DRV - [2006-08-24 14:00:00 | 00,043,008 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])

DRV - [2006-09-19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

DRV - [1996-04-03 21:33:26 | 00,005,248 | ---- | M] () -- C:\WINDOWS\system32\giveio.sys -- (giveio [boot | Running])

DRV - [2009-09-06 15:49:20 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])

DRV - [2004-10-27 15:21:30 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2009-07-11 21:34:12 | 00,276,344 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090904.002\IDSxpx86.sys -- (IDSxpx86 [system | Running])

DRV - [2006-08-24 14:00:00 | 00,006,912 | ---- | M] (JMicron ) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO [boot | Running])

DRV - [2006-08-24 14:00:00 | 00,042,880 | ---- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (jraid [boot | Running])

DRV - [2006-08-24 14:00:00 | 00,005,810 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])

DRV - [2009-09-07 10:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090907.050\NAVENG.SYS -- (NAVENG [On_Demand | Running])

DRV - [2009-09-07 10:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090907.050\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])

DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])

DRV - [2006-08-24 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2006-11-02 16:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2009-09-04 14:50:00 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- D:\Programy\SUPERantispyware\SASDIFSV.SYS -- (SASDIFSV [system | Running])

DRV - [2009-09-04 14:50:02 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- D:\Programy\SUPERantispyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])

DRV - [2009-09-04 14:49:58 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- D:\Programy\SUPERantispyware\SASKUTIL.sys -- (SASKUTIL [system | Running])

DRV - [2008-04-13 22:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])

DRV - [2006-08-24 14:00:00 | 00,393,088 | R--- | M] (Sensaura) -- C:\WINDOWS\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running])

DRV - [2006-09-24 15:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\speedfan.sys -- (speedfan [boot | Running])

DRV - [2009-09-08 19:44:06 | 00,307,760 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SRTSP.SYS -- (SRTSP [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SRTSPX.SYS -- (SRTSPX [system | Running])

DRV - [2002-08-07 16:00:10 | 00,083,360 | ---- | M] (Generic) -- C:\WINDOWS\system32\DRIVERS\stlth317.sys -- (Stlth317 [boot | Running])

DRV - [2009-09-08 19:44:06 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMEFA.SYS -- (SymEFA [boot | Running])

DRV - [2009-09-08 19:44:11 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,089,776 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SYMFW.SYS -- (SYMFW [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,034,736 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SYMIDS.SYS -- (SYMIDS [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM [On_Demand | Stopped])

DRV - [2009-09-08 19:44:06 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,037,296 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SYMNDIS.SYS -- (SYMNDIS [On_Demand | Running])

DRV - [2009-09-08 19:44:06 | 00,217,392 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SYMTDI.SYS -- (SYMTDI [system | Running])

DRV - [2006-08-24 14:00:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1 [boot | Running])

DRV - [2006-08-24 14:00:00 | 00,254,080 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\System32\DRIVERS\vtmini.sys -- (viagfx [On_Demand | Running])

DRV - [2006-08-24 14:00:00 | 00,100,992 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\VIAMRAID.SYS -- (viamraid [boot | Stopped])

DRV - [2006-08-24 14:00:00 | 00,009,728 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videx32 [boot | Running])

DRV - [2006-08-24 14:00:00 | 00,011,264 | ---- | M] (VIA Technologies,Inc) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt [boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.vobis.pl/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

IE - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/

IE - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\S-1-5-21-1417001333-1958367476-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\S-1-5-21-1417001333-1958367476-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Programy\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-09-06 15:46:22 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-09-08 16:08:46 | 00,000,000 | ---D | M]

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [DAEMON Tools-1033] D:\Programy\Daemon\daemon.exe (VeNoM386 and SwENSkE)

O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [iTunesHelper] D:\Programy\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [QuickTime Task] D:\programy\applequicktime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)

O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTtrayp.exe (S3 Graphics Co., Ltd.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = D:\Programy\Office\Office10\OSA.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1417001333-1958367476-839522115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Office\Office10\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll (Symantec Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Programy\SUPERantispyware\SASWINLO.dll - D:\Programy\SUPERantispyware\SASWINLO.dll (SUPERAntiSpyware.com)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programy\SUPERantispyware\SASSEH.DLL (SuperAdBlocker.com)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-09-06 01:58:19 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001-04-18 17:25:50 | 00,000,188 | RH-- | M] () - L:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[7 C:\WINDOWS\*.tmp files]

[2009-09-08 19:54:25 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milena\Desktop\OTL.exe

[2009-09-08 19:44:34 | 00,560,436 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\Cat.DB

[2009-09-08 19:44:26 | 00,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys

[2009-09-08 19:44:11 | 00,124,464 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2009-09-08 19:44:11 | 00,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL

[2009-09-08 19:44:11 | 00,007,386 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2009-09-08 19:44:11 | 00,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2009-09-08 19:44:11 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec

[2009-09-08 19:44:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2009-09-08 19:44:07 | 00,001,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.lnk

[2009-09-08 19:44:06 | 00,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.sys

[2009-09-08 19:44:06 | 00,307,760 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.sys

[2009-09-08 19:44:06 | 00,217,392 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symtdi.sys

[2009-09-08 19:44:06 | 00,089,776 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symfw.sys

[2009-09-08 19:44:06 | 00,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.sys

[2009-09-08 19:44:06 | 00,039,984 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndisv.sys

[2009-09-08 19:44:06 | 00,037,296 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndis.sys

[2009-09-08 19:44:06 | 00,034,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symids.sys

[2009-09-08 19:44:05 | 00,482,352 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\cchpx86.sys

[2009-09-08 19:44:05 | 00,258,608 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.sys

[2009-09-08 19:43:57 | 00,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.inf

[2009-09-08 19:43:57 | 00,001,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.inf

[2009-09-08 19:43:57 | 00,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.inf

[2009-09-08 19:43:57 | 00,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.inf

[2009-09-08 19:43:57 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\isolate.ini

[2009-09-08 19:43:56 | 00,001,753 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.inf

[2009-09-08 19:43:56 | 00,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.inf

[2009-09-08 19:43:49 | 00,009,423 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.cat

[2009-09-08 19:43:49 | 00,007,410 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.cat

[2009-09-08 19:43:49 | 00,007,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.cat

[2009-09-08 19:43:49 | 00,007,364 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.CAT

[2009-09-08 19:43:49 | 00,007,355 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.cat

[2009-09-08 19:43:49 | 00,007,347 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.cat

[2009-09-08 19:43:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1005000.086

[2009-09-08 19:43:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS

[2009-09-08 19:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar

[2009-09-08 19:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security

[2009-09-08 19:42:35 | 00,000,000 | ---D | C] -- C:\Program Files\NortonInstaller

[2009-09-08 18:07:24 | 17,228,768 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Milena\Desktop\launch.exe

[2009-09-08 17:32:41 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2009-09-08 17:32:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2009-09-08 16:10:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun

[2009-09-08 16:08:43 | 00,000,000 | ---D | C] -- C:\Program Files\Java

[2009-09-08 16:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Sun

[2009-09-08 15:59:07 | 00,142,334 | ---- | C] () -- C:\Documents and Settings\Milena\My Documents\cc_20090908_155906.reg

[2009-09-08 15:00:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Symantec

[2009-09-08 12:12:05 | 24,281,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-09-07 15:45:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2009-09-07 15:24:41 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll

[2009-09-07 15:24:41 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll

[2009-09-07 15:24:41 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll

[2009-09-07 15:24:41 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll

[2009-09-07 15:24:33 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll

[2009-09-07 15:24:33 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll

[2009-09-07 15:24:33 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe

[2009-09-07 15:24:29 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll

[2009-09-07 15:24:29 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll

[2009-09-07 15:24:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll

[2009-09-07 15:24:28 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll

[2009-09-07 15:24:28 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll

[2009-09-07 15:24:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll

[2009-09-07 15:24:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll

[2009-09-07 15:24:28 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll

[2009-09-07 15:24:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll

[2009-09-07 15:24:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll

[2009-09-07 15:24:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll

[2009-09-07 15:24:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll

[2009-09-07 15:24:28 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll

[2009-09-07 15:24:28 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll

[2009-09-07 15:24:27 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll

[2009-09-07 15:24:27 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll

[2009-09-07 15:24:27 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll

[2009-09-07 15:24:27 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll

[2009-09-07 15:24:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll

[2009-09-07 15:24:27 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll

[2009-09-07 15:24:27 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll

[2009-09-07 15:24:27 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll

[2009-09-07 15:24:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll

[2009-09-07 15:24:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll

[2009-09-07 15:24:25 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll

[2009-09-07 15:24:25 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll

[2009-09-07 15:24:25 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll

[2009-09-07 15:24:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll

[2009-09-07 15:24:25 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll

[2009-09-07 15:24:25 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe

[2009-09-07 15:24:25 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll

[2009-09-07 15:24:25 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll

[2009-09-07 15:24:24 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll

[2009-09-07 15:24:24 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe

[2009-09-07 15:24:24 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll

[2009-09-07 15:24:24 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll

[2009-09-07 15:24:24 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll

[2009-09-07 15:24:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll

[2009-09-07 15:24:23 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll

[2009-09-07 15:24:23 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll

[2009-09-07 15:24:23 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll

[2009-09-07 15:24:23 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll

[2009-09-07 15:24:23 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll

[2009-09-07 15:24:23 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll

[2009-09-07 15:24:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll

[2009-09-07 15:24:22 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll

[2009-09-07 15:24:22 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll

[2009-09-07 15:24:22 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll

[2009-09-07 15:24:22 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll

[2009-09-07 15:24:22 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe

[2009-09-07 15:24:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2009-09-07 15:24:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe

[2009-09-07 15:24:21 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll

[2009-09-07 15:24:21 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll

[2009-09-07 15:24:20 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll

[2009-09-07 15:24:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us

[2009-09-07 15:24:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting

[2009-09-07 15:24:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2009-09-07 15:24:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en

[2009-09-07 15:24:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2009-09-07 15:19:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2009-09-07 15:19:05 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys

[2009-09-07 15:19:05 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys

[2009-09-07 15:19:05 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys

[2009-09-07 15:19:03 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty

[2009-09-07 15:19:03 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys

[2009-09-07 15:19:03 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod

[2009-09-07 15:19:03 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys

[2009-09-07 15:19:03 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys

[2009-09-07 15:19:03 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys

[2009-09-07 15:19:03 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys

[2009-09-07 15:19:03 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys

[2009-09-07 15:19:02 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys

[2009-09-07 15:19:01 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img

[2009-09-07 15:19:01 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys

[2009-09-07 15:19:01 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys

[2009-09-07 15:19:01 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys

[2009-09-07 15:19:01 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys

[2009-09-07 15:19:00 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys

[2009-09-07 15:19:00 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys

[2009-09-07 15:19:00 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys

[2009-09-07 15:19:00 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys

[2009-09-07 15:19:00 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys

[2009-09-07 15:19:00 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys

[2009-09-07 15:15:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2009-09-07 14:06:52 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Milena\My Documents\My Videos

[2009-09-07 14:03:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2009-09-07 14:03:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\SUPERAntiSpyware.com

[2009-09-07 14:02:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2009-09-07 02:37:45 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2009-09-07 00:26:37 | 00,000,295 | ---- | C] () -- C:\WINDOWS\Chrome.uns

[2009-09-07 00:26:33 | 00,000,000 | ---D | C] -- C:\S3Graphics

[2009-09-07 00:14:45 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2009-09-06 23:46:54 | 00,023,552 | R--- | C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\PostProc.dll

[2009-09-06 23:46:53 | 00,393,088 | R--- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys

[2009-09-06 23:46:53 | 00,141,312 | R--- | C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys

[2009-09-06 23:46:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2009-09-06 23:46:48 | 01,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll

[2009-09-06 23:46:48 | 00,053,248 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll

[2009-09-06 23:46:45 | 00,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe

[2009-09-06 23:46:45 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe

[2009-09-06 23:46:45 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2009-09-06 23:46:45 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices

[2009-09-06 23:46:29 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys

[2009-09-06 23:46:27 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys

[2009-09-06 23:46:26 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys

[2009-09-06 23:46:21 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys

[2009-09-06 23:46:20 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys

[2009-09-06 23:46:18 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys

[2009-09-06 23:46:16 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys

[2009-09-06 23:46:14 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys

[2009-09-06 23:46:12 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys

[2009-09-06 23:46:10 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys

[2009-09-06 23:46:09 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys

[2009-09-06 23:45:59 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys

[2009-09-06 23:45:58 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys

[2009-09-06 23:45:57 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax

[2009-09-06 23:45:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll

[2009-09-06 23:44:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2009-09-06 23:29:20 | 00,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Konnekt.lnk

[2009-09-06 23:23:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Xfire

[2009-09-06 23:22:16 | 00,000,232 | ---- | C] () -- C:\WINDOWS\WINCMD.INI

[2009-09-06 23:21:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\teamspeak2

[2009-09-06 23:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Skype

[2009-09-06 23:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Adobe

[2009-09-06 23:14:56 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\kb913800.exe

[2009-09-06 23:12:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tlen.pl

[2009-09-06 23:10:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Tlen.pl

[2009-09-06 23:07:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2009-09-06 23:07:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Hamachi

[2009-09-06 22:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Adobe

[2009-09-06 22:57:00 | 00,018,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Bebiko ScreenSaver.dat

[2009-09-06 22:56:59 | 00,432,992 | ---- | C] (MacSourcery) -- C:\WINDOWS\Bebiko ScreenSaver.scr

[2009-09-06 22:56:59 | 00,040,960 | ---- | C] (MacSourcery) -- C:\WINDOWS\Bebiko ScreenSaver.dll

[2009-09-06 22:15:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\My Documents\Odebrane pliki

[2009-09-06 16:19:10 | 00,000,333 | ---- | C] () -- C:\Documents and Settings\Milena\Desktop\Adobe InDesign CS.lnk

[2009-09-06 16:13:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\My Documents\BattleForge

[2009-09-06 16:01:42 | 00,245,760 | ---- | C] (Iterated Systems, Inc.) -- C:\WINDOWS\System32\DECO_32.DLL

[2009-09-06 15:52:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Malwarebytes

[2009-09-06 15:52:37 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009-09-06 15:52:35 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-09-06 15:52:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-09-06 15:49:20 | 00,025,280 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys

[2009-09-06 15:46:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Nokia

[2009-09-06 15:46:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\PC Suite

[2009-09-06 15:46:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2009-09-06 15:46:25 | 00,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nokia PC Suite.lnk

[2009-09-06 15:46:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite

[2009-09-06 15:46:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia

[2009-09-06 15:46:12 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX

[2009-09-06 15:46:11 | 00,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys

[2009-09-06 15:46:07 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2009-09-06 15:45:58 | 00,091,136 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll

[2009-09-06 15:45:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Installations

[2009-09-06 15:41:35 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll

[2009-09-06 15:41:35 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll

[2009-09-06 15:41:34 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll

[2009-09-06 15:41:34 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll

[2009-09-06 15:41:34 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll

[2009-09-06 15:41:33 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll

[2009-09-06 15:41:33 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll

[2009-09-06 15:41:33 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll

[2009-09-06 15:41:33 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll

[2009-09-06 15:41:32 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2009-09-06 15:41:32 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2009-09-06 15:41:32 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2009-09-06 15:41:31 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll

[2009-09-06 15:41:31 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2009-09-06 15:41:31 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll

[2009-09-06 15:41:31 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2009-09-06 15:41:30 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll

[2009-09-06 15:41:30 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll

[2009-09-06 15:41:30 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll

[2009-09-06 15:41:29 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll

[2009-09-06 15:41:29 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll

[2009-09-06 15:41:29 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll

[2009-09-06 15:41:28 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll

[2009-09-06 15:41:28 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll

[2009-09-06 15:41:28 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll

[2009-09-06 15:41:28 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll

[2009-09-06 15:41:27 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll

[2009-09-06 15:41:27 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll

[2009-09-06 15:41:26 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll

[2009-09-06 15:41:26 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll

[2009-09-06 15:41:26 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll

[2009-09-06 15:41:26 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll

[2009-09-06 15:41:25 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll

[2009-09-06 15:41:24 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll

[2009-09-06 15:41:24 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll

[2009-09-06 15:41:24 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll

[2009-09-06 15:41:23 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll

[2009-09-06 15:41:23 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll

[2009-09-06 15:41:22 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll

[2009-09-06 15:41:22 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll

[2009-09-06 15:41:21 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2009-09-06 15:41:20 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll

[2009-09-06 15:41:20 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll

[2009-09-06 15:41:19 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll

[2009-09-06 15:41:19 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll

[2009-09-06 15:41:18 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2009-09-06 15:39:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2009-09-06 15:39:05 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedFan

[2009-09-06 15:39:03 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo

[2009-09-06 15:38:53 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn

[2009-09-06 15:38:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for

[2009-09-06 15:38:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Apple Computer

[2009-09-06 15:38:20 | 00,000,000 | ---D | C] -- C:\Program Files\iPod

[2009-09-06 15:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2009-09-06 15:37:29 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009-09-06 15:37:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Apple

[2009-09-06 15:37:28 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2009-09-06 15:37:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2009-09-06 15:37:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2009-09-06 15:37:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple

[2009-09-06 15:36:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Apple Computer

[2009-09-06 15:33:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime

[2009-09-06 15:32:50 | 00,000,601 | ---- | C] () -- C:\Documents and Settings\Milena\Desktop\ALLPlayer V2.3.lnk

[2009-09-06 15:22:33 | 00,001,571 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk

[2009-09-06 15:22:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer

[2009-09-06 15:21:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew

[2009-09-06 15:17:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2009-09-06 15:15:20 | 00,001,820 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

[2009-09-06 15:13:57 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe

[2009-09-06 15:08:23 | 00,000,418 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-09-06 14:52:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\AdobeAUM

[2009-09-06 14:52:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\AdobeUM

[2009-09-06 14:30:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2009-09-06 14:20:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2009-09-06 13:57:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP

[2009-09-06 13:56:54 | 00,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk

[2009-09-06 13:56:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP

[2009-09-06 13:56:13 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2009-09-06 13:55:52 | 00,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Centrum obsługi HP.lnk

[2009-09-06 13:55:09 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard

[2009-09-06 13:54:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard

[2009-09-06 13:44:00 | 00,000,000 | ---D | C] -- C:\Program Files\HP

[2009-09-06 13:41:15 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys

[2009-09-06 13:28:25 | 00,120,188 | ---- | C] () -- C:\WINDOWS\hpoins11.dat

[2009-09-06 13:27:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Sony Corporation

[2009-09-06 13:21:12 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll

[2009-09-06 13:21:11 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll

[2009-09-06 13:21:10 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll

[2009-09-06 13:21:10 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll

[2009-09-06 13:21:09 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll

[2009-09-06 13:21:08 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll

[2009-09-06 13:21:08 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll

[2009-09-06 13:21:08 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll

[2009-09-06 13:21:07 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll

[2009-09-06 13:21:07 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll

[2009-09-06 13:21:07 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll

[2009-09-06 13:21:07 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll

[2009-09-06 13:21:06 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll

[2009-09-06 13:21:06 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll

[2009-09-06 13:21:06 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll

[2009-09-06 13:21:06 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll

[2009-09-06 13:21:01 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2009-09-06 13:21:00 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll

[2009-09-06 13:21:00 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll

[2009-09-06 13:21:00 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll

[2009-09-06 13:20:59 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll

[2009-09-06 13:20:59 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll

[2009-09-06 13:20:59 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll

[2009-09-06 13:20:58 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll

[2009-09-06 13:20:58 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll

[2009-09-06 13:20:56 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll

[2009-09-06 13:19:58 | 00,000,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picture Package Music Transfer.lnk

[2009-09-06 13:19:10 | 00,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Image Export Tool.lnk

[2009-09-06 13:18:25 | 00,000,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PMB - Picture Motion Browser.lnk

[2009-09-06 13:18:25 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PMB Guide.lnk

[2009-09-06 13:16:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\InstallShield

[2009-09-06 07:08:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Identities

[2009-09-06 04:14:37 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMErrPLK.dll

[2009-09-06 04:14:37 | 00,036,946 | ---- | C] () -- C:\WINDOWS\WMPrfPLK.prx

[2009-09-06 04:14:01 | 00,000,000 | ---D | C] -- C:\Program Files\Windows XP MUI Pack

[2009-09-06 04:05:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages

[2009-09-06 04:02:43 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys

[2009-09-06 04:02:43 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys

[2009-09-06 03:55:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp

[2009-09-06 03:54:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\ApplicationHistory

[2009-09-06 03:41:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Opera

[2009-09-06 03:41:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Opera

[2009-09-06 03:41:34 | 00,000,000 | ---D | C] -- C:\Program Files\Opera

[2009-09-06 03:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Macromedia

[2009-09-06 03:32:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2009-09-06 03:30:27 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009-09-06 03:14:36 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys

[2009-09-06 03:14:36 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys

[2009-09-06 03:13:14 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys

[2009-09-06 03:13:13 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll

[2009-09-06 03:12:56 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys

[2009-09-06 03:12:53 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll

[2009-09-06 03:12:38 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll

[2009-09-06 03:12:37 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll

[2009-09-06 03:12:37 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe

[2009-09-06 03:11:27 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll

[2009-09-06 03:11:27 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll

[2009-09-06 03:11:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe

[2009-09-06 03:11:26 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll

[2009-09-06 03:11:26 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll

[2009-09-06 03:11:26 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll

[2009-09-06 03:11:26 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll

[2009-09-06 03:11:26 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll

[2009-09-06 03:11:26 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe

[2009-09-06 03:11:25 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe

[2009-09-06 03:11:25 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe

[2009-09-06 03:11:24 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe

[2009-09-06 03:10:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\My Documents\Symantec

[2009-09-06 03:09:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec

[2009-09-06 03:09:21 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys

[2009-09-06 03:09:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton

[2009-09-06 03:08:48 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll

[2009-09-06 03:08:30 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe

[2009-09-06 03:07:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller

[2009-09-06 03:01:27 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2009-09-06 03:00:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

[2009-09-06 03:00:15 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2009-09-06 03:00:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2009-09-06 03:00:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2009-09-06 02:48:36 | 00,019,480 | ---- | C] () -- C:\Documents and Settings\Milena\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009-09-06 02:47:21 | 05,856,816 | -H-- | C] () -- C:\Documents and Settings\Milena\Local Settings\Application Data\IconCache.db

[2009-09-06 02:44:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Milena\My Documents\My Pictures

[2009-09-06 02:44:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Milena\My Documents\My Music

[2009-09-06 02:44:43 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information

[2009-09-06 02:44:39 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Milena\Application Data\Microsoft

[2009-09-06 02:44:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Local Settings\Application Data\Microsoft

[2009-09-06 02:44:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Milena\Application Data\Identities

[2009-09-06 02:44:37 | 10,050,47808 | -HS- | C] () -- C:\hiberfil.sys

[2009-09-06 02:41:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2009-09-06 02:40:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recorded TV

[2009-09-06 02:40:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2009-09-06 02:40:26 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-06 02:40:25 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2009-09-06 02:40:22 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2009-09-06 02:39:17 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009-09-06 02:39:08 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresko.dll

[2009-09-06 02:39:07 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresja.dll

[2009-09-06 02:39:07 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresfr.dll

[2009-09-06 02:39:07 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresde.dll

[2009-09-06 02:38:57 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehreschs.dll

[2009-09-06 02:38:53 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2009-09-06 02:38:51 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll

[2009-09-06 02:38:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime

[2009-09-06 02:38:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime

[2009-09-06 02:38:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime

[2009-09-06 02:38:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime

[2009-09-06 02:38:48 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime

[2009-09-06 02:38:48 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime

[2009-09-06 02:38:48 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2009-09-06 02:38:48 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2009-09-06 02:38:47 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2009-09-06 02:38:46 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll

[2009-09-06 02:38:46 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll

[2009-09-06 02:38:46 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2009-09-06 02:38:46 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2009-09-06 02:38:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2009-09-06 02:38:46 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2009-09-06 02:38:45 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll

[2009-09-06 02:38:45 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime

[2009-09-06 02:38:44 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2009-09-06 02:38:43 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime

[2009-09-06 02:38:43 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe

[2009-09-06 02:38:43 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll

[2009-09-06 02:38:43 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe

[2009-09-06 02:38:43 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2009-09-06 02:38:43 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2009-09-06 02:38:43 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2009-09-06 02:38:43 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll

[2009-09-06 02:38:41 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2009-09-06 02:38:41 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2009-09-06 02:38:40 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll

[2009-09-06 02:38:39 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2009-09-06 02:38:39 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2009-09-06 02:38:38 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2009-09-06 02:38:38 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2009-09-06 02:38:38 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2009-09-06 02:38:38 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2009-09-06 02:38:38 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2009-09-06 02:38:38 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2009-09-06 02:38:38 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2009-09-06 02:38:38 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2009-09-06 02:38:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2009-09-06 02:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2009-09-06 02:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2009-09-06 02:38:37 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2009-09-06 02:38:37 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2009-09-06 02:38:37 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2009-09-06 02:38:37 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2009-09-06 02:38:37 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2009-09-06 02:38:37 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2009-09-06 02:38:37 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2009-09-06 02:38:35 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2009-09-06 02:38:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2009-09-06 02:38:34 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2009-09-06 02:38:34 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2009-09-06 02:38:33 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime

[2009-09-06 02:38:33 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2009-09-06 02:38:33 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2009-09-06 02:38:31 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime

[2009-09-06 02:38:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2009-09-06 02:38:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2009-09-06 02:38:30 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2009-09-06 02:38:30 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2009-09-06 02:38:30 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2009-09-06 02:38:30 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe

[2009-09-06 02:38:30 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll

[2009-09-06 02:38:30 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2009-09-06 02:38:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2009-09-06 02:38:29 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime

[2009-09-06 02:38:29 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2009-09-06 02:38:29 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime

[2009-09-06 02:38:29 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll

[2009-09-06 02:38:29 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2009-09-06 02:38:29 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2009-09-06 02:38:29 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll

[2009-09-06 02:38:28 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll

[2009-09-06 02:38:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll

[2009-09-06 02:38:28 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll

[2009-09-06 02:38:27 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll

[2009-09-06 02:38:27 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2009-09-06 02:38:26 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2009-09-06 02:38:25 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll

[2009-09-06 02:38:22 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex

[2009-09-06 02:38:22 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll

[2009-09-06 02:38:18 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2009-09-06 02:38:18 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2009-09-06 02:38:17 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2009-09-06 02:38:17 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2009-09-06 02:38:16 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2009-09-06 02:38:16 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2009-09-06 02:38:15 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2009-09-06 02:38:15 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2009-09-06 02:38:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll

[2009-09-06 02:38:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll

[2009-09-06 02:38:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll

[2009-09-06 02:38:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll

[2009-09-06 02:38:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll

[2009-09-06 02:38:14 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2009-09-06 02:38:14 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2009-09-06 02:38:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2009-09-06 02:38:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll

[2009-09-06 02:38:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll

[2009-09-06 02:38:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll

[2009-09-06 02:38:13 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll

[2009-09-06 02:38:13 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll

[2009-09-06 02:38:13 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll

[2009-09-06 02:38:12 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2009-09-06 02:38:12 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2009-09-06 02:38:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2009-09-06 02:38:12 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll

[2009-09-06 02:38:11 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll

[2009-09-06 02:38:11 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2009-09-06 02:38:10 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll

[2009-09-06 02:38:10 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe

[2009-09-06 02:38:10 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll

[2009-09-06 02:38:10 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe

[2009-09-06 02:38:10 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe

[2009-09-06 02:38:10 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe

[2009-09-06 02:38:10 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2009-09-06 02:38:10 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe

[2009-09-06 02:38:10 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll

[2009-09-06 02:38:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe

[2009-09-06 02:38:10 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2009-09-06 02:38:10 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe

[2009-09-06 02:38:09 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll

[2009-09-06 02:38:09 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll

[2009-09-06 02:38:09 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll

[2009-09-06 02:38:09 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime

[2009-09-06 02:38:09 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2009-09-06 02:38:09 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2009-09-06 02:38:09 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll

[2009-09-06 02:38:09 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll

[2009-09-06 02:38:09 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe

[2009-09-06 02:38:09 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

[2009-09-06 02:38:08 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2009-09-06 02:38:08 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll

[2009-09-06 02:38:08 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime

[2009-09-06 02:38:08 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2009-09-06 02:38:08 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2009-09-06 02:38:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2009-09-06 02:38:08 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2009-09-06 02:38:04 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll

[2009-09-06 02:38:01 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2009-09-06 02:37:58 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll

[2009-09-06 02:37:56 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2009-09-06 02:37:56 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll

[2009-09-06 02:37:55 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll

[2009-09-06 02:37:55 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe

[2009-09-06 02:37:54 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll

[2009-09-06 02:37:54 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll

[2009-09-06 02:37:54 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2009-09-06 02:37:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll

[2009-09-06 02:37:53 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2009-09-06 02:37:53 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2009-09-06 02:37:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2009-09-06 02:37:51 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll

[2009-09-06 02:37:48 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime

[2009-09-06 02:37:47 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe

[2009-09-06 02:37:47 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe

[2009-09-06 02:37:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll

[2009-09-06 02:37:47 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll

[2009-09-06 02:37:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe

[2009-09-06 02:37:46 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe

[2009-09-06 02:37:46 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime

[2009-09-06 02:37:45 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll

[2009-09-06 02:37:45 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll

[2009-09-06 02:37:45 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2009-09-06 02:37:45 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll

[2009-09-06 02:37:45 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll

[2009-09-06 02:37:44 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll

[2009-09-06 02:37:44 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime

[2009-09-06 02:37:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe

[2009-09-06 02:37:44 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe

[2009-09-06 02:37:44 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe

[2009-09-06 02:37:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe

[2009-09-06 02:37:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2009-09-06 02:37:43 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2009-09-06 02:37:43 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll

[2009-09-06 02:37:43 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll

[2009-09-06 02:37:42 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2009-09-06 02:37:42 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2009-09-06 02:37:42 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2009-09-06 02:37:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2009-09-06 02:37:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2009-09-06 02:37:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2009-09-06 02:37:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2009-09-06 02:37:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2009-09-06 02:37:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2009-09-06 02:37:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2009-09-06 02:37:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2009-09-06 02:37:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2009-09-06 02:37:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2009-09-06 02:37:40 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2009-09-06 02:37:40 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2009-09-06 02:37:40 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2009-09-06 02:37:40 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2009-09-06 02:37:40 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2009-09-06 02:37:40 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2009-09-06 02:37:40 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2009-09-06 02:37:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2009-09-06 02:37:39 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2009-09-06 02:37:39 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2009-09-06 02:37:39 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2009-09-06 02:37:39 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2009-09-06 02:37:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2009-09-06 02:37:38 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2009-09-06 02:37:38 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2009-09-06 02:37:38 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll

[2009-09-06 02:37:37 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll

[2009-09-06 02:37:37 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll

[2009-09-06 02:37:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll

[2009-09-06 02:37:37 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll

[2009-09-06 02:37:35 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll

[2009-09-06 02:37:35 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll

[2009-09-06 02:37:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll

[2009-09-06 02:37:34 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll

[2009-09-06 02:37:34 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll

[2009-09-06 02:37:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll

[2009-09-06 02:37:32 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe

[2009-09-06 02:37:27 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll

[2009-09-06 02:37:27 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll

[2009-09-06 02:37:27 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe

[2009-09-06 02:37:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll

[2009-09-06 02:37:26 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe

[2009-09-06 02:37:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll

[2009-09-06 02:37:24 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx

[2009-09-06 02:37:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2009-09-06 02:37:21 | 00,000,000 | ---D | C] -- C:\Program Files\xerox

[2009-09-06 02:37:21 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage

[2009-09-06 02:29:22 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music

[2009-09-06 02:28:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2009-09-06 02:27:59 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures

[2009-09-06 02:27:35 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

[2009-09-06 01:58:56 | 00,000,000 | ---D | C] -- C:\Temp

[2009-09-06 01:58:50 | 00,000,000 | ---D | C] -- C:\Program Files\Shavlik Technologies

[2009-09-06 01:58:45 | 00,000,000 | ---D | C] -- C:\Program Files\AIDA32

[2009-09-06 01:58:28 | 00,260,272 | RHS- | C] () -- C:\cmldr

[2009-09-06 01:58:22 | 00,000,000 | RHSD | C] -- C:\cmdcons

[2009-09-06 01:58:19 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2009-09-06 01:58:19 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2009-09-06 01:58:19 | 00,000,000 | RHS- | C] () -- C:\IO.SYS

[2009-09-06 01:58:19 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2009-09-06 01:58:19 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2009-09-06 01:58:15 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2009-09-06 01:58:15 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2009-09-06 01:58:14 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2009-09-06 01:58:11 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll

[2009-09-06 01:57:04 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2009-09-06 01:57:04 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2009-09-06 01:57:04 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2009-09-06 01:57:04 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2009-09-06 01:57:00 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2009-09-06 01:56:57 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate

[2009-09-06 01:56:51 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex

[2009-09-06 01:56:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2009-09-06 01:56:33 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe

[2009-09-06 01:56:33 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll

[2009-09-06 01:56:33 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll

[2009-09-06 01:56:33 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll

[2009-09-06 01:56:32 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe

[2009-09-06 01:56:32 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll

[2009-09-06 01:56:31 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2009-09-06 01:56:31 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2009-09-06 01:56:27 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm

[2009-09-06 01:56:27 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe

[2009-09-06 01:56:27 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe

[2009-09-06 01:56:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll

[2009-09-06 01:56:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe

[2009-09-06 01:56:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll

[2009-09-06 01:56:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe

[2009-09-06 01:56:27 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2009-09-06 01:56:26 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll

[2009-09-06 01:56:26 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll

[2009-09-06 01:56:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services

[2009-09-06 01:56:24 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll

[2009-09-06 01:56:24 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe

[2009-09-06 01:56:24 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll

[2009-09-06 01:56:24 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll

[2009-09-06 01:56:24 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll

[2009-09-06 01:56:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll

[2009-09-06 01:56:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll

[2009-09-06 01:56:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe

[2009-09-06 01:56:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll

[2009-09-06 01:56:24 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2009-09-06 01:56:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap

[2009-09-06 01:56:23 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx

[2009-09-06 01:56:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2009-09-06 01:56:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2009-09-06 01:56:20 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe

[2009-09-06 01:56:20 | 00,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe

[2009-09-06 01:56:20 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll

[2009-09-06 01:56:20 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll

[2009-09-06 01:56:20 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe

[2009-09-06 01:56:19 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll

[2009-09-06 01:56:19 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2009-09-06 01:56:19 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2009-09-06 01:56:19 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl

[2009-09-06 01:56:19 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll

[2009-09-06 01:56:19 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll

[2009-09-06 01:56:19 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe

[2009-09-06 01:56:19 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe

[2009-09-06 01:56:19 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2009-09-06 01:56:19 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll

[2009-09-06 01:56:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll

[2009-09-06 01:56:18 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll

[2009-09-06 01:56:18 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2009-09-06 01:56:18 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2009-09-06 01:56:18 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2009-09-06 01:56:13 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2009-09-06 01:56:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2009-09-06 01:56:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2009-09-06 01:56:13 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2009-09-06 01:56:11 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys

[2009-09-06 01:56:11 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe

[2009-09-06 01:56:11 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll

[2009-09-06 01:56:10 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll

[2009-09-06 01:56:10 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv

[2009-09-06 01:56:10 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll

[2009-09-06 01:56:10 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll

[2009-09-06 01:56:10 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys

[2009-09-06 01:56:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll

[2009-09-06 01:56:10 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll

[2009-09-06 01:56:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe

[2009-09-06 01:56:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll

[2009-09-06 01:56:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2009-09-06 01:56:09 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll

[2009-09-06 01:56:08 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll

[2009-09-06 01:56:08 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll

[2009-09-06 01:56:08 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting

[2009-09-06 01:56:07 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll

[2009-09-06 01:56:07 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll

[2009-09-06 01:56:06 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll

[2009-09-06 01:56:06 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll

[2009-09-06 01:56:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2009-09-06 01:56:06 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express

[2009-09-06 01:56:05 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2009-09-06 01:56:05 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2009-09-06 01:56:05 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2009-09-06 01:56:05 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2009-09-06 01:56:02 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll

[2009-09-06 01:56:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System

[2009-09-06 01:56:01 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx

[2009-09-06 01:56:01 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer

[2009-09-06 01:55:31 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2009-09-06 01:55:16 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009-09-06 01:55:15 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications

[2009-09-06 01:55:11 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services

[2009-09-06 01:55:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2009-09-06 01:54:57 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player

[2009-09-06 01:54:42 | 01,742,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr

[2009-09-06 01:54:42 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Plus

[2009-09-06 01:54:41 | 07,093,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\space.scr

[2009-09-06 01:54:40 | 04,396,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr

[2009-09-06 01:54:39 | 03,343,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr

[2009-09-06 01:54:38 | 05,068,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr

[2009-09-06 01:54:34 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll

[2009-09-06 01:54:34 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mhndrv.sys

[2009-09-06 01:54:34 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igdetect.dll

[2009-09-06 01:54:31 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll

[2009-09-06 01:54:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll

[2009-09-06 01:54:31 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker

[2009-09-06 01:53:55 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqqp20.dll

[2009-09-06 01:53:55 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqdb20.dll

[2009-09-06 01:53:55 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdatunepia.dll

[2009-09-06 01:53:55 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqse20.dll

[2009-09-06 01:53:55 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctrro.exe

[2009-09-06 01:53:55 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehmsas.exe

[2009-09-06 01:53:50 | 10,604,352 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ehcir.ird

[2009-09-06 01:53:50 | 01,370,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehchsime.dll

[2009-09-06 01:53:50 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcommon.dll

[2009-09-06 01:53:50 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehjpnime.dll

[2009-09-06 01:53:50 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehentt.dll

[2009-09-06 01:53:50 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiuserxp.dll

[2009-09-06 01:53:49 | 03,219,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe

[2009-09-06 01:53:49 | 01,863,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcm.dll

[2009-09-06 01:53:49 | 00,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehui.dll

[2009-09-06 01:53:49 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehdrop.dll

[2009-09-06 01:53:49 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehSched.exe

[2009-09-06 01:53:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehRec.exe

[2009-09-06 01:53:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehtray.exe

[2009-09-06 01:53:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehdebug.dll

[2009-09-06 01:53:45 | 08,843,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehres.dll

[2009-09-06 01:53:45 | 01,349,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehuihlp.dll

[2009-09-06 01:53:45 | 00,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepg.dll

[2009-09-06 01:53:45 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehglid.dll

[2009-09-06 01:53:45 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\debugsvc.dll

[2009-09-06 01:53:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgdat.dll

[2009-09-06 01:53:45 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehProxy.dll

[2009-09-06 01:53:45 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgdec.dll

[2009-09-06 01:53:45 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgnet.dll

[2009-09-06 01:53:44 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehRecObj.dll

[2009-09-06 01:53:44 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiProxy.dll

[2009-09-06 01:53:44 | 00,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehPlayer.dll

[2009-09-06 01:53:44 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiVidCtl.dll

[2009-09-06 01:53:44 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiPlay.dll

[2009-09-06 01:53:44 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiwmp.dll

[2009-09-06 01:53:44 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehCIR.dll

[2009-09-06 01:53:44 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiExtens.dll

[2009-09-06 01:53:43 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger

[2009-09-06 01:53:42 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll

[2009-09-06 01:53:42 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll

[2009-09-06 01:53:42 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll

[2009-09-06 01:53:42 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll

[2009-09-06 01:53:42 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll

[2009-09-06 01:53:42 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll

[2009-09-06 01:53:42 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe

[2009-09-06 01:53:42 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe

[2009-09-06 01:53:42 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe

[2009-09-06 01:53:42 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe

[2009-09-06 01:53:42 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll

[2009-09-06 01:53:41 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll

[2009-09-06 01:53:41 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll

[2009-09-06 01:53:41 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll

[2009-09-06 01:53:41 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll

[2009-09-06 01:53:41 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll

[2009-09-06 01:53:41 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll

[2009-09-06 01:53:41 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe

[2009-09-06 01:53:41 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll

[2009-09-06 01:53:41 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll

[2009-09-06 01:53:41 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll

[2009-09-06 01:53:41 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll

[2009-09-06 01:53:40 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe

[2009-09-06 01:53:40 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll

[2009-09-06 01:53:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe

[2009-09-06 01:53:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe

[2009-09-06 01:53:40 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone

[2009-09-06 01:53:35 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe

[2009-09-06 01:53:35 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe

[2009-09-06 01:53:34 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll

[2009-09-06 01:53:34 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll

[2009-09-06 01:53:34 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll

[2009-09-06 01:53:34 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll

[2009-09-06 01:53:34 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe

[2009-09-06 01:53:34 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe

[2009-09-06 01:53:34 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll

[2009-09-06 01:53:34 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll

[2009-09-06 01:53:31 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce

[2009-09-06 01:53:31 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp

[2009-09-06 01:53:31 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp

[2009-09-06 01:53:31 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp

[2009-09-06 01:53:31 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp

[2009-09-06 01:53:31 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp

[2009-09-06 01:53:31 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp

[2009-09-06 01:53:31 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp

[2009-09-06 01:53:31 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp

[2009-09-06 01:53:31 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp

[2009-09-06 01:53:31 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp

[2009-09-06 01:53:31 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp

[2009-09-06 01:53:30 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll

[2009-09-06 01:53:30 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll

[2009-09-06 01:53:30 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe

[2009-09-06 01:53:30 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe

[2009-09-06 01:53:30 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe

[2009-09-06 01:53:30 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe

[2009-09-06 01:53:30 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce

[2009-09-06 01:53:30 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe

[2009-09-06 01:53:30 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe

[2009-09-06 01:53:30 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce

[2009-09-06 01:53:30 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce

[2009-09-06 01:53:30 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce

[2009-09-06 01:53:30 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce

[2009-09-06 01:53:30 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce

[2009-09-06 01:53:30 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce

[2009-09-06 01:53:29 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe

[2009-09-06 01:53:29 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe

[2009-09-06 01:53:29 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe

[2009-09-06 01:53:29 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe

[2009-09-06 01:53:29 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe

[2009-09-06 01:53:29 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe

[2009-09-06 01:53:29 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe

[2009-09-06 01:53:29 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe

[2009-09-06 01:53:29 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe

[2009-09-06 01:53:29 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe

[2009-09-06 01:53:29 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe

[2009-09-06 01:53:29 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe

[2009-09-06 01:53:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe

[2009-09-06 01:53:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe

[2009-09-06 01:53:29 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe

[2009-09-06 01:53:29 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe

[2009-09-06 01:53:29 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe

[2009-09-06 01:53:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe

[2009-09-06 01:53:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe

[2009-09-06 01:53:29 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll

[2009-09-06 01:53:29 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll

[2009-09-06 01:53:29 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2009-09-06 01:53:29 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2009-09-06 01:53:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll

[2009-09-06 01:53:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll

[2009-09-06 01:53:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll

[2009-09-06 01:53:28 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe

[2009-09-06 01:53:28 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe

[2009-09-06 01:53:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb

[2009-09-06 01:53:28 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe

[2009-09-06 01:53:28 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe

[2009-09-06 01:53:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll

[2009-09-06 01:53:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll

[2009-09-06 01:53:28 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe

[2009-09-06 01:53:28 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe

[2009-09-06 01:53:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe

[2009-09-06 01:53:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll

[2009-09-06 01:53:28 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2009-09-06 01:53:27 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll

[2009-09-06 01:53:27 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll

[2009-09-06 01:53:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll

[2009-09-06 01:53:27 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll

[2009-09-06 01:53:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll

[2009-09-06 01:53:25 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll

[2009-09-06 01:53:25 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll

[2009-09-06 01:53:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll

[2009-09-06 01:53:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll

[2009-09-06 01:53:25 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb

[2009-09-06 01:53:25 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll

[2009-09-06 01:53:25 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll

[2009-09-06 01:53:25 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll

[2009-09-06 01:53:25 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb

[2009-09-06 01:53:25 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe

[2009-09-06 01:53:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll

[2009-09-06 01:53:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe

[2009-09-06 01:53:25 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll

[2009-09-06 01:53:24 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll

[2009-09-06 01:53:24 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2009-09-06 01:53:24 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll

[2009-09-06 01:53:16 | 00,000,000 | ---D | C] -- C:\Program Files\MSN

[2009-09-06 01:53:15 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe

[2009-09-06 01:53:15 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2009-09-06 01:53:15 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2009-09-06 01:53:15 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe

[2009-09-06 01:53:15 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe

[2009-09-06 01:53:15 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2009-09-06 01:53:15 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT

[2009-09-06 01:53:14 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll

[2009-09-06 01:53:14 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll

[2009-09-06 01:53:14 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe

[2009-09-06 01:53:14 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe

[2009-09-06 01:53:14 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe

[2009-09-06 01:53:14 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys

[2009-09-06 01:53:14 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe

[2009-09-06 01:53:14 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll

[2009-09-06 01:53:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys

[2009-09-06 01:53:14 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys

[2009-09-06 01:53:13 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll

[2009-09-06 01:53:13 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll

[2009-09-06 01:53:13 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe

[2009-09-06 01:53:13 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll

[2009-09-06 01:53:13 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe

[2009-09-06 01:53:13 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe

[2009-09-06 01:53:13 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll

[2009-09-06 01:53:13 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe

[2009-09-06 01:53:13 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe

[2009-09-06 01:53:13 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll

[2009-09-06 01:53:13 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll

[2009-09-06 01:53:13 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe

[2009-09-06 01:53:13 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe

[2009-09-06 01:53:13 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll

[2009-09-06 01:53:12 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll

[2009-09-06 01:53:12 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll

[2009-09-06 01:53:12 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll

[2009-09-06 01:53:12 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll

[2009-09-06 01:53:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll

[2009-09-06 01:53:12 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll

[2009-09-06 01:53:12 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe

[2009-09-06 01:53:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2009-09-06 01:53:11 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll

[2009-09-06 01:53:11 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll

[2009-09-06 01:53:11 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll

[2009-09-06 01:53:11 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll

[2009-09-06 01:53:11 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll

[2009-09-06 01:53:11 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll

[2009-09-06 01:53:11 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll

[2009-09-06 01:53:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2009-09-06 01:53:10 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll

[2009-09-06 01:53:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll

[2009-09-06 01:53:06 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll

[2009-09-06 01:53:06 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll

[2009-09-06 01:53:06 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

[2009-09-06 01:53:05 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys

[2009-09-06 01:53:05 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys

[2009-09-05 19:23:58 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2009-09-05 18:52:05 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys

[2009-09-05 18:51:57 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll

[2009-09-05 18:51:35 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys

[2009-09-05 18:51:08 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll

[2009-09-05 18:50:03 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2009-09-05 18:50:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC

[2009-09-05 18:50:02 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll

[2009-09-05 18:50:02 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll

[2009-09-05 18:50:01 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd

[2009-09-05 18:50:01 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll

[2009-09-05 18:50:01 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa

[2009-09-05 18:50:01 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa

[2009-09-05 18:50:01 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe

[2009-09-05 18:50:01 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf

[2009-09-05 18:50:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines

[2009-09-05 18:50:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared

[2009-09-05 18:50:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files

[2009-09-05 18:50:00 | 00,000,000 | ---D | C] -- C:\Program Files

[2009-09-05 18:49:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls

[2009-09-05 18:49:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls

[2009-09-05 18:49:59 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll

[2009-09-05 18:49:59 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll

[2009-09-05 18:49:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll

[2009-09-05 18:49:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll

[2009-09-05 18:49:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll

[2009-09-05 18:49:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll

[2009-09-05 18:49:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls

[2009-09-05 18:49:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls

[2009-09-05 18:49:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls

[2009-09-05 18:49:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls

[2009-09-05 18:49:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls

[2009-09-05 18:49:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls

[2009-09-05 18:49:58 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll

[2009-09-05 18:49:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls

[2009-09-05 18:49:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll

[2009-09-05 18:49:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll

[2009-09-05 18:49:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll

[2009-09-05 18:49:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls

[2009-09-05 18:49:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls

[2009-09-05 18:49:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls

[2009-09-05 18:49:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS

[2009-09-05 18:49:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls

[2009-09-05 18:49:56 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll

[2009-09-05 18:49:56 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll

[2009-09-05 18:49:56 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll

[2009-09-05 18:49:56 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll

[2009-09-05 18:49:56 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll

[2009-09-05 18:49:56 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll

[2009-09-05 18:49:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll

[2009-09-05 18:49:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll

[2009-09-05 18:49:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll

[2009-09-05 18:49:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll

[2009-09-05 18:49:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll

[2009-09-05 18:49:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll

[2009-09-05 18:49:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll

[2009-09-05 18:49:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll

[2009-09-05 18:49:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls

[2009-09-05 18:49:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls

[2009-09-05 18:49:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls

[2009-09-05 18:49:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls

[2009-09-05 18:49:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls

[2009-09-05 18:49:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS

[2009-09-05 18:49:55 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll

[2009-09-05 18:49:55 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll

[2009-09-05 18:49:55 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll

[2009-09-05 18:49:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll

[2009-09-05 18:49:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll

[2009-09-05 18:49:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll

[2009-09-05 18:49:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll

[2009-09-05 18:49:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll

[2009-09-05 18:49:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll

[2009-09-05 18:49:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll

[2009-09-05 18:49:54 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls

[2009-09-05 18:49:54 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls

[2009-09-05 18:49:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls

[2009-09-05 18:49:54 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll

[2009-09-05 18:49:54 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll

[2009-09-05 18:49:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll

[2009-09-05 18:49:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll

[2009-09-05 18:49:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll

[2009-09-05 18:49:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll

[2009-09-05 18:49:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll

[2009-09-05 18:49:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll

[2009-09-05 18:49:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls

[2009-09-05 18:49:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls

[2009-09-05 18:49:53 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll

[2009-09-05 18:49:53 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll

[2009-09-05 18:49:52 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL

[2009-09-05 18:49:52 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL

[2009-09-05 18:49:52 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL

[2009-09-05 18:49:52 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL

[2009-09-05 18:49:52 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV

[2009-09-05 18:49:52 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL

[2009-09-05 18:49:52 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL

[2009-09-05 18:49:52 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV

[2009-09-05 18:49:52 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV

[2009-09-05 18:49:52 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV

[2009-09-05 18:49:52 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV

[2009-09-05 18:49:52 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV

[2009-09-05 18:49:51 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv

[2009-09-05 18:49:51 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL

[2009-09-05 18:49:51 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV

[2009-09-05 18:49:51 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL

[2009-09-05 18:49:51 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL

[2009-09-05 18:49:51 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV

[2009-09-05 18:49:51 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV

[2009-09-05 18:49:51 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE

[2009-09-05 18:49:51 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe

[2009-09-05 18:49:51 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys

[2009-09-05 18:49:51 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL

[2009-09-05 18:49:51 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll

[2009-09-05 18:49:51 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV

[2009-09-05 18:49:51 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2009-09-05 18:49:51 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK

[2009-09-05 18:49:50 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll

[2009-09-05 18:49:50 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe

[2009-09-05 18:49:50 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL

[2009-09-05 18:49:47 | 00,077,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat

[2009-09-05 18:49:47 | 00,017,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat

[2009-09-05 18:49:47 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2009-09-05 18:49:47 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2009-09-05 18:49:47 | 00,007,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2009-09-05 18:49:46 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2009-09-05 18:49:46 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2009-09-05 18:49:46 | 00,106,147 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT

[2009-09-05 18:49:46 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2009-09-05 18:49:46 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2009-09-05 18:49:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2009-09-05 18:49:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2009-09-05 18:49:19 | 01,414,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-09-05 18:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings

[2009-09-05 18:48:30 | 00,000,209 | -HS- | C] () -- C:\boot.ini

[2009-09-05 18:48:28 | 00,003,655 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

[2009-09-05 18:43:26 | 00,000,000 | ---D | C] -- C:\Install

[2009-09-05 18:43:16 | 00,000,000 | -HSD | C] -- C:\System Volume Information

[2009-09-05 18:38:31 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2009-09-05 18:38:31 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2009-09-05 18:38:31 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web

[2009-09-05 18:38:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\system

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\security

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\java

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins

[2009-09-05 18:38:31 | 00,000,000 | ---D | C] -- C:\WINDOWS

[2009-08-13 21:53:54 | 00,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2006-08-24 14:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll

[2006-08-24 14:00:00 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2006-08-24 14:00:00 | 00,000,780 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006-08-24 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini

[2006-08-24 14:00:00 | 00,000,278 | ---- | C] () -- C:\WINDOWS\system.ini

[2005-08-05 14:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2003-07-02 17:41:42 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\axwhisky.sys

[2003-07-02 16:49:52 | 00,124,160 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\axwskbus.sys

[2001-07-07 03:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

[1996-04-03 21:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[7 C:\WINDOWS\*.tmp files]

[2009-09-08 19:54:26 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milena\Desktop\OTL.exe

[2009-09-08 19:49:03 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009-09-08 19:48:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-08 19:48:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-09-08 19:48:54 | 10,050,47808 | -HS- | M] () -- C:\hiberfil.sys

[2009-09-08 19:47:00 | 05,856,816 | -H-- | M] () -- C:\Documents and Settings\Milena\Local Settings\Application Data\IconCache.db

[2009-09-08 19:44:39 | 00,560,436 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\Cat.DB

[2009-09-08 19:44:11 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2009-09-08 19:44:11 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL

[2009-09-08 19:44:11 | 00,007,386 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2009-09-08 19:44:11 | 00,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2009-09-08 19:44:07 | 00,001,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.lnk

[2009-09-08 19:44:06 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.sys

[2009-09-08 19:44:06 | 00,307,760 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.sys

[2009-09-08 19:44:06 | 00,217,392 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symtdi.sys

[2009-09-08 19:44:06 | 00,089,776 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symfw.sys

[2009-09-08 19:44:06 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.sys

[2009-09-08 19:44:06 | 00,039,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndisv.sys

[2009-09-08 19:44:06 | 00,037,296 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symndis.sys

[2009-09-08 19:44:06 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys

[2009-09-08 19:44:06 | 00,034,736 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\symids.sys

[2009-09-08 19:44:05 | 00,482,352 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\cchpx86.sys

[2009-09-08 19:44:05 | 00,258,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.sys

[2009-09-08 19:43:57 | 00,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.inf

[2009-09-08 19:43:57 | 00,001,528 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.inf

[2009-09-08 19:43:57 | 00,001,389 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.inf

[2009-09-08 19:43:57 | 00,001,383 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.inf

[2009-09-08 19:43:57 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\isolate.ini

[2009-09-08 19:43:56 | 00,001,753 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.inf

[2009-09-08 19:43:56 | 00,000,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.inf

[2009-09-08 19:43:49 | 00,009,423 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymNet.cat

[2009-09-08 19:43:49 | 00,007,410 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\SymEFA.cat

[2009-09-08 19:43:49 | 00,007,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtspx.cat

[2009-09-08 19:43:49 | 00,007,364 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\BHDrvx86.CAT

[2009-09-08 19:43:49 | 00,007,355 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\srtsp.cat

[2009-09-08 19:43:49 | 00,007,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1005000.086\ccHPx86.cat

[2009-09-08 18:07:24 | 17,228,768 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Milena\Desktop\launch.exe

[2009-09-08 16:08:59 | 00,019,480 | ---- | M] () -- C:\Documents and Settings\Milena\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009-09-08 15:59:11 | 00,142,334 | ---- | M] () -- C:\Documents and Settings\Milena\My Documents\cc_20090908_155906.reg

[2009-09-07 15:51:50 | 01,414,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-09-07 15:50:16 | 00,549,192 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009-09-07 15:50:16 | 00,472,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009-09-07 15:50:16 | 00,069,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009-09-07 15:48:13 | 00,000,573 | ---- | M] () -- C:\WINDOWS\win.ini

[2009-09-07 15:48:06 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2009-09-07 15:45:46 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-09-07 15:18:43 | 00,250,048 | RHS- | M] () -- C:\ntldr

[2009-09-07 00:27:32 | 00,000,295 | ---- | M] () -- C:\WINDOWS\Chrome.uns

[2009-09-06 23:29:20 | 00,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Konnekt.lnk

[2009-09-06 23:22:54 | 00,000,232 | ---- | M] () -- C:\WINDOWS\WINCMD.INI

[2009-09-06 22:57:00 | 00,432,992 | ---- | M] (MacSourcery) -- C:\WINDOWS\Bebiko ScreenSaver.scr

[2009-09-06 22:57:00 | 00,040,960 | ---- | M] (MacSourcery) -- C:\WINDOWS\Bebiko ScreenSaver.dll

[2009-09-06 22:57:00 | 00,018,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Bebiko ScreenSaver.dat

[2009-09-06 16:19:10 | 00,000,333 | ---- | M] () -- C:\Documents and Settings\Milena\Desktop\Adobe InDesign CS.lnk

[2009-09-06 15:49:20 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys

[2009-09-06 15:46:25 | 00,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia PC Suite.lnk

[2009-09-06 15:39:05 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo

[2009-09-06 15:38:53 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for

[2009-09-06 15:37:30 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009-09-06 15:32:50 | 00,000,601 | ---- | M] () -- C:\Documents and Settings\Milena\Desktop\ALLPlayer V2.3.lnk

[2009-09-06 15:23:14 | 00,000,418 | ---- | M] () -- C:\WINDOWS\ODBC.INI

[2009-09-06 15:22:33 | 00,001,571 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk

[2009-09-06 15:15:20 | 00,001,820 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

[2009-09-06 13:57:51 | 00,120,188 | ---- | M] () -- C:\WINDOWS\hpoins11.dat

[2009-09-06 13:56:54 | 00,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk

[2009-09-06 13:56:13 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2009-09-06 13:55:52 | 00,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Centrum obsługi HP.lnk

[2009-09-06 13:19:58 | 00,000,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picture Package Music Transfer.lnk

[2009-09-06 13:19:10 | 00,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Image Export Tool.lnk

[2009-09-06 13:18:25 | 00,000,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PMB - Picture Motion Browser.lnk

[2009-09-06 13:18:25 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PMB Guide.lnk

[2009-09-06 02:40:22 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2009-09-06 02:39:23 | 00,003,655 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2009-09-06 02:30:29 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2009-09-06 02:30:25 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2009-09-06 02:30:25 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2009-09-06 02:30:20 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2009-09-06 02:29:52 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2009-09-06 02:29:52 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2009-09-06 02:29:47 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2009-09-06 02:28:47 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009-09-06 02:27:35 | 00,000,209 | -HS- | M] () -- C:\boot.ini

[2009-09-06 01:58:19 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2009-09-06 01:58:19 | 00,000,000 | RHS- | M] () -- C:\IO.SYS

[2009-09-06 01:58:19 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini

[2009-09-06 01:58:19 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2009-09-06 01:58:19 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009-09-06 01:55:14 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini

[2009-09-06 01:55:14 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

[2009-09-06 01:42:55 | 00,000,278 | ---- | M] () -- C:\WINDOWS\system.ini

[2009-08-13 21:53:54 | 00,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll

========== LOP Check ==========

[2009-09-08 17:32:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data

[2009-09-06 14:30:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2009-09-06 15:45:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2009-09-08 19:43:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton

[2009-09-08 19:43:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller

[2009-09-06 15:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2009-09-06 23:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tlen.pl

[2009-09-06 02:30:30 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data

[2009-09-06 02:40:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data

[2009-09-08 16:07:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Milena\Application Data

[2009-09-06 15:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\Hamachi

[2009-09-06 15:46:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\Nokia

[2009-09-06 03:41:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\Opera

[2009-09-06 15:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\PC Suite

[2009-09-06 23:21:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\teamspeak2

[2009-09-06 23:10:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\Tlen.pl

[2009-09-08 00:14:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Milena\Application Data\Xfire

[2009-09-06 02:40:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data

[2009-09-06 15:37:30 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

[2006-08-24 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-09-08 19:48:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >

GMER:

Log do sprawdzenia

GMER 1.0.15.15077 [gdw4pcf9.exe] - http://www.gmer.net

Rootkit scan 2009-09-08 20:32:05

Windows 5.1.2600 Service Pack 3

---- System - GMER 1.0.15 ----

SSDT 85BA5390 ZwAlertResumeThread

SSDT 85BA57C8 ZwAlertThread

SSDT 85B7F5A0 ZwAllocateVirtualMemory

SSDT 85A33490 ZwAssignProcessToJobObject

SSDT 85EF7CB8 ZwConnectPort

SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF5CEF040]

SSDT 85B72008 ZwCreateMutant

SSDT 85A3AD70 ZwCreateSymbolicLinkObject

SSDT 860F6430 ZwCreateThread

SSDT 85A33998 ZwDebugActiveProcess

SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF5CEF2C0]

SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF5CEF820]

SSDT 859EE298 ZwDuplicateObject

SSDT 859F4B30 ZwFreeVirtualMemory

SSDT 85B142F8 ZwImpersonateAnonymousToken

SSDT 85F38B70 ZwImpersonateThread

SSDT 85E2B638 ZwLoadDriver

SSDT 859F4990 ZwMapViewOfSection

SSDT 85B114F8 ZwOpenEvent

SSDT 859EE5F8 ZwOpenProcess

SSDT 85EF6498 ZwOpenProcessToken

SSDT 85BB8008 ZwOpenSection

SSDT 859EE428 ZwOpenThread

SSDT 858C4D00 ZwProtectVirtualMemory

SSDT 85B10408 ZwResumeThread

SSDT 85F38800 ZwSetContextThread

SSDT 85AABD30 ZwSetInformationProcess

SSDT 85DDD0B8 ZwSetSystemInformation

SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF5CEFA70]

SSDT 85B10B48 ZwSuspendProcess

SSDT 85F0F1E8 ZwSuspendThread

SSDT 85EFEC10 ZwTerminateProcess

SSDT 85F10610 ZwTerminateThread

SSDT 85F257E0 ZwUnmapViewOfSection

SSDT 859F4F80 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

? SYMEFA.SYS Nie można odnaleźć określonego pliku. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\Cdrom \Device\CdRom0 85DFB450

Device \Driver\Cdrom \Device\CdRom1 85DFB450

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 85DBE5D8

Device \Driver\atapi \Device\Ide\IdePort0 85DBE5D8

Device \Driver\atapi \Device\Ide\IdePort1 85DBE5D8

Device \Driver\atapi \Device\Ide\IdePort2 85DBE5D8

Device \Driver\atapi \Device\Ide\IdePort3 85DBE5D8

Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 85DBE5D8

Device \Driver\Cdrom \Device\CdRom2 85DFB450

AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\axwhisky \Device\Scsi\axwhisky1 85C42828

Device \Driver\axwhisky \Device\Scsi\axwhisky1Port6Path0Target0Lun0 85C42828

Device \Driver\Stlth317 \Device\Scsi\Stlth3171Port0Path0Target0Lun0 85C85490

Device \Driver\Stlth317 \Device\Scsi\Stlth3171 85C85490

---- EOF - GMER 1.0.15 ----

System Repair Engineer

Log do sprawdzenia


2009-09-08,20:34:34

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<VTTimer><VTTimer.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<VTTrayp><VTtrayp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<ehTray><C:\WINDOWS\ehome\ehtray.exe> [(Verified)Microsoft Windows Publisher]
<High Definition Audio Property Page Shortcut><HDAShCut.exe> [(Verified)Microsoft Windows XP Publisher]
<SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray> [Analog Devices, Inc.]
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Development Company, L.P.]
<DAEMON Tools-1033><"D:\Programy\Daemon\daemon.exe" -lang 1033> [VeNoM386 and SwENSkE]
<QuickTime Task><"D:\programy\applequicktime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"D:\Programy\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><D:\Programy\SUPERantispyware\SASSEH.DLL> [superAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
<WinlogonNotify: !SASWinLogon><D:\Programy\SUPERantispyware\SASWINLO.dll> [sUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\KB910393]
<KB910393><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{407408d4-94ed-4d86-ab69-a7f649d112ee}]
<Media Center><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
<Internet Explorer><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr> [(Verified)Microsoft Windows Component Publisher]

==================================
Startup Folders
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[HP Digital Imaging Monitor]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk --> C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Development Company, L.P.]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk --> D:\Programy\Office\Office10\OSA.EXE [Microsoft Corporation]><N>

==================================
Services
[urządzenie mobilne Apple / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[ASP.NET State Service / aspnet_state][stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[usługa iPod / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[MHN / MHN][stopped/Manual Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mhn.dll><Microsoft Corporation>
[Norton Internet Security / Norton Internet Security][Running/Auto Start]
<"C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.5.0.134\diMaster.dll" /prefetch:1><Symantec Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
<C:\WINDOWS\system32\HPZipm12.exe><HP>
[serviceLayer / ServiceLayer][stopped/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>

==================================
Drivers
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService][Running/Manual Start]
<system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[axwhisky / axwhisky][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\axwhisky.sys><>
[axwskbus / axwskbus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\axwskbus.sys><>
[symantec Heuristics Driver / BHDrvx86][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\BHDrvx86.sys><Symantec Corporation>
[symantec Hash Provider / ccHP][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\ccHPx86.sys><Symantec Corporation>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
<system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[giveio / giveio][Running/Boot Start]
<\SystemRoot\system32\giveio.sys><N/A>
[Hamachi Network Interface / hamachi][Running/Manual Start]
<system32\DRIVERS\hamachi.sys><LogMeIn, Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][stopped/Manual Start]
<system32\drivers\HdAudio.sys><Windows ® Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows ® Server 2003 DDK provider>
[iDSxpx86 / IDSxpx86][Running/System Start]
<\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090904.002\IDSxpx86.sys><Symantec Corporation>
[JMicron Hot-Plug Driver / JGOGO][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\JGOGO.sys><JMicron>
[jraid / jraid][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[MHN driver / MHNDRV][stopped/Manual Start]
<system32\DRIVERS\mhndrv.sys><Microsoft Corporation>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ASACPI.sys><>
[NAVENG / NAVENG][Running/Manual Start]
<\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090907.050\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
<\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090907.050\NAVEX15.SYS><Symantec Corporation>
[PCCS Mode Change Filter Driver / pccsmcfd][stopped/Manual Start]
<system32\DRIVERS\pccsmcfd.sys><Nokia>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[sASDIFSV / SASDIFSV][Running/System Start]
<\??\D:\Programy\SUPERantispyware\SASDIFSV.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[sASENUM / SASENUM][stopped/Manual Start]
<\??\D:\Programy\SUPERantispyware\SASENUM.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[sASKUTIL / SASKUTIL][Running/System Start]
<\??\D:\Programy\SUPERantispyware\SASKUTIL.sys><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[senFilt Service / SenFiltService][Running/Manual Start]
<system32\drivers\Senfilt.sys><Sensaura>
[speedfan / speedfan][Running/Boot Start]
<\SystemRoot\system32\speedfan.sys><Windows ® 2000 DDK provider>
[symantec Real Time Storage Protection / SRTSP][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SRTSP.SYS><Symantec Corporation>
[symantec Real Time Storage Protection (PEL) / SRTSPX][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SRTSPX.SYS><Symantec Corporation>
[stlth317 / Stlth317][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\stlth317.sys><Generic>
[symantec Extended File Attributes / SymEFA][Running/Boot Start]
<\SystemRoot\system32\drivers\NIS\1005000.086\SYMEFA.SYS><Symantec Corporation>
[symEvent / SymEvent][Running/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[symantec Network Filter Driver / SYMFW][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMFW.SYS><Symantec Corporation>
[symantec Network Filter Driver / SYMIDS][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMIDS.SYS><Symantec Corporation>
[symantec Network Security Intermediate Filter Service / SymIM][stopped/Manual Start]
<system32\DRIVERS\SymIM.sys><Symantec Corporation>
[symIMMP / SymIMMP][Running/Manual Start]
<system32\DRIVERS\SymIM.sys><Symantec Corporation>
[symantec Network Filter Driver / SYMNDIS][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMNDIS.SYS><Symantec Corporation>
[symantec Network Dispatch Driver / SYMTDI][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\NIS\1005000.086\SYMTDI.SYS><Symantec Corporation>
[VIA AGP Filter / viaagp1][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx][Running/Manual Start]
<system32\DRIVERS\vtmini.sys><Copyright © VIA/S3 Graphics Co, Ltd.>
[videx32 / videx32][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>

==================================
Browser Add-ons
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[symantec NCO BHO]
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll, (Signed) Symantec Corporation>
[symantec Intrusion Prevention]
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL, (Signed) Symantec Corporation>
[Java Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Norton Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll, (Signed) Symantec Corporation>
[Java Plug-in 1.6.0_16]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_16.dll, (Signed) Sun Microsystems, Inc.>
[shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[symantec NCO BHO]
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll, (Signed) Symantec Corporation>
[symantec Intrusion Prevention]
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL, (Signed) Symantec Corporation>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Norton Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} <C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll, (Signed) Symantec Corporation>
[Java Plug-in 1.6.0_16]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[Java Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[E&ksport do programu Microsoft Excel]
<res://D:\Programy\Office\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 1016 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1064 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1088 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[D:\Programy\SUPERantispyware\SASWINLO.dll] [sUPERAntiSpyware.com, 1, 0, 0, 1054]
[PID: 1132 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 1144 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1340 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1408 / USŁUGA SIECIOWA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1968 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 304 / USŁUGA SIECIOWA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 532 / USŁUGA LOKALNA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 664 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\HpTcpMon.dll] [Hewlett Packard, 6.01.00.009]
[C:\WINDOWS\system32\hpzjrd01.dll] [Hewlett Packard, 2.01.00.005]
[C:\WINDOWS\system32\HPTcpMUI.dll] [Microsoft Corporation, 6.01.00.009]
[C:\WINDOWS\system32\hptcpmib.dll] [Hewlett Packard, 6.01.00.009]
[PID: 992 / Milena][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[D:\Programy\SUPERantispyware\SASSEH.DLL] [superAdBlocker.com, 1, 0, 0, 1012]
[C:\Program Files\Internet Explorer\mui\0415\browselc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL] [, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\NavShExt.dll] [symantec Corporation, 16.5.0.134]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccVrTrst.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccL80U.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\EFACli.dll] [symantec Corporation, 1.0.2.8]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSet.dll] [symantec Corporation, 108.1.0.24]
[D:\Programy\Malwarebytes\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 2, 0, 0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.1.0.2009022700]
[D:\Programy\SUPERantispyware\SASCTXMN.DLL] [sUPERAntiSpyware.com, 1, 0, 0, 1004]
[D:\Programy\Nokia\Nokia PC Suite 7\PhoneBrowser.dll] [Nokia, 7, 1, 108, 0]
[D:\Programy\Nokia\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 1, 154, 0]
[D:\Programy\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr] [Nokia, 7, 1, 69, 0]
[D:\Programy\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 1, 21, 0]
[C:\Program Files\Internet Explorer\mui\0415\shdoclc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[PID: 1448 / Milena][C:\WINDOWS\system32\VTTimer.exe] [s3 Graphics, Inc., 2.00.01-0307]
[PID: 1456 / Milena][C:\WINDOWS\system32\VTtrayp.exe] [s3 Graphics Co., Ltd., 2.00.41-1031]
[C:\WINDOWS\system32\VTDisply.dll] [s3 Graphics Co., Ltd., 2.00.58-0523]
[C:\WINDOWS\system32\VTGamma2.dll] [s3 Graphics Co., Ltd., 2.00.28-1128]
[C:\WINDOWS\system32\VTInfo2.dll] [s3 Graphics Co., Ltd., 2.00.35-1031]
[C:\WINDOWS\system32\VTOvrlay.dll] [s3 Graphics Co., Ltd., 2.00.40-0504]
[PID: 1464 / Milena][C:\WINDOWS\ehome\ehtray.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1239)]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[PID: 1480 / Milena][C:\Program Files\Analog Devices\Core\smax4pnp.exe] [Analog Devices, Inc., 6, 0, 0, 20]
[C:\Program Files\Analog Devices\Core\SMWDMIF.dll] [Analog Devices, Inc., 6, 0, 4000, 014]
[PID: 1524 / Milena][C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[PID: 1532 / Milena][D:\Programy\Daemon\daemon.exe] [VeNoM386 and SwENSkE, 3.16.0.0]
[C:\WINDOWS\daemon.dll] [Generic, 3.17.0.0]
[D:\Programy\Daemon\PFCTOC.DLL] [Padus®, Inc., 1, 0, 0, 12]
[PID: 1552 / Milena][D:\Programy\iTunes\iTunesHelper.exe] [Apple Inc., 7.5.0.20]
[D:\Programy\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.5.0.13]
[D:\Programy\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.5.0.20]
[D:\programy\applequicktime\QTSystem\QuickTime.qts] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.3.1]
[D:\Programy\applequicktime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.3.1]
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 5, 108, 0]
[PID: 1576 / Milena][C:\Program Files\Java\jre6\bin\jusched.exe] [sun Microsystems, Inc., 6.0.160.1]
[PID: 1584 / Milena][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1628 / Milena][C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll] [Hewlett-Packard Development Company, L.P., 70.0.219.000]
[C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc] [Hewlett-Packard Development Company, L.P., 70.0.219.000]
[C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll] [Hewlett-Packard Development Company, L.P., 70.0.170.000]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[PID: 288 / USŁUGA LOKALNA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 328 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 348 / SYSTEM][C:\WINDOWS\eHome\ehRecvr.exe] [Microsoft Corporation, 5.1.2715.2773 (xpsp(wmbla).051011-0745)]
[C:\WINDOWS\system32\sbe.dll] [, ]
[C:\WINDOWS\system32\quartz.dll] [, ]
[C:\WINDOWS\system32\devenum.dll] [, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 376 / SYSTEM][C:\WINDOWS\eHome\ehSched.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1239)]
[PID: 556 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [sun Microsystems, Inc., 6.0.160.1]
[PID: 772 / SYSTEM][C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe] [symantec Corporation, 108.1.0.24]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccL80U.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccVrTrst.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\EFACli.dll] [symantec Corporation, 1.0.2.8]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvc.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\srtsp32.dll] [symantec Corporation, 11.1.0.22]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccIPC.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\DIMASTER.DLL] [symantec Corporation, 5.5.0.58]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSet.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\IPSPLUG.DLL] [symantec Corporation, 9.0.3.10]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\UIPERFSV.DLL] [symantec Corporation, 2009.5.0.236]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CCJOBMGR.DLL] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\FWCORE.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\HTEC.DLL] [symantec Corporation, 3.0.0.78]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccGEvt.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\NCWTRUST.DLL] [symantec Corporation, 16.5.0.134]
[C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090904.002\IDSxpx86.dll] [symantec Corporation, 9.0.5.23]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\AVPSVC32.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\BHSVCPLG.DLL] [symantec Corporation, 5.5.0.48]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccsubeng.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccGLog.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\SNDSVC.DLL] [symantec Corporation, 9.1.0.54]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\COSVCPLG.DLL] [symantec Corporation, 2009.5.0.66]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ISDATAPR.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ISDATASV.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CLTLMC.DLL] [symantec Corporation, 9.5.0.26]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CLTLMS.DLL] [symantec Corporation, 9.5.0.26]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\SYMRDRSV.DLL] [symantec Corporation, 9.1.0.54]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\APPMGR32.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\HNCORE.DLL] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\SymNeti.dll] [symantec Corporation, 9.1.0.54]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\avModule.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\AVIfc.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\FWGenPlg.dll] [symantec Corporation, 16.5.0.134]
[C:\WINDOWS\system32\msjetoledb40.dll] [, ]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\FWHelper.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\BHClient.dll] [symantec Corporation, 5.5.0.48]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coDataPr.dll] [symantec Corporation, 2009.5.0.66]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\QBackup.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IMCfg.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\bbRGen.dll] [symantec Corporation, 5.5.0.48]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\NUMEng.dll] [symantec Corporation, 2009.5.0.236]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\LUE.DLL] [symantec Corporation, 1.1.0.39]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\FWSetup.dll] [symantec Corporation, 16.5.0.134]
[PID: 644 / SYSTEM][C:\WINDOWS\system32\HPZipm12.exe] [HP, 10, 1, 1, 5]
[PID: 1852 / USŁUGA LOKALNA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1696 / USŁUGA LOKALNA][C:\WINDOWS\ehome\mcrdsvc.exe] [Microsoft Corporation, 4.1.2710.2732 (xpsp(wmbla).050805-1239)]
[PID: 2540 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.5.0.20]
[C:\Program Files\iPod\bin\iPodService.Resources\pl.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.5.0.13]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.5.0.20]
[PID: 2708 / SYSTEM][C:\WINDOWS\system32\dllhost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 3188 / USŁUGA LOKALNA][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2956 / Milena][C:\WINDOWS\eHome\ehmsas.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1239)]
[PID: 3132 / Milena][C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe] [symantec Corporation, 108.1.0.24]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccL80U.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccVrTrst.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\EFACli.dll] [symantec Corporation, 1.0.2.8]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccIPC.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvc.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\srtsp32.dll] [symantec Corporation, 11.1.0.22]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\UIHOST.DLL] [symantec Corporation, 2009.5.0.236]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\NPCTRAY.DLL] [symantec Corporation, 2009.5.0.236]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\isDataPr.dll] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\AVPAPP32.DLL] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\BHCLIENT.DLL] [symantec Corporation, 5.5.0.48]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\AVIfc.dll] [symantec Corporation, 16.5.0.134]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccJobMgr.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CCEMLPXY.DLL] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSet.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccGEvt.dll] [symantec Corporation, 108.1.0.24]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CLTALDIS.DLL] [symantec Corporation, 9.5.0.26]
[C:\Program Files\Norton Internet Security\MUI\16.5.0.134\15\01\cltRes.loc] [symantec Corporation, 9.5.0.26]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\FWSESAL.DLL] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coDataPr.dll] [symantec Corporation, 2009.5.0.66]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ACCTMGR.DLL] [symantec Corporation, 2009.5.0.66]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\SymRedir.dll] [symantec Corporation, 9.1.0.54]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\SDKCMN.DLL] [symantec Corporation, 4.1.0.27]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\CLTLMC.DLL] [symantec Corporation, 9.5.0.26]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\UIALERT.DLL] [symantec Corporation, 2009.5.0.236]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asFilter.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asUniPlg.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\AVMail.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\AppMgr32.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\NPCStatus.dll] [symantec Corporation, 2009.5.0.236]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\hsui.dll] [symantec Corporation, 2009.5.0.236]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\cltui.dll] [symantec Corporation, 2009.5.0.236]
[C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll] [symantec Corporation, 9.5.0.26]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\isPwd.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\SYMHTML.DLL] [symantec Corporation, 3.5.0.43]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\uiPerfsv.dll] [symantec Corporation, 2009.5.0.236]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\diMaster.dll] [symantec Corporation, 5.5.0.58]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\cltNAHD.dll] [symantec Corporation, 9.5.0.26]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\Settings.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asSetHlp.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asBAList.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IMCfg.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\RuleUI.dll] [symantec Corporation, 16.5.0.134]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asAdITsk.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asAuAdIm.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asAddrBk.dll] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Internet Explorer\mui\0415\msidntld.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[PID: 620 / Milena][D:\Programy\Konnekt\konnekt.exe] [stamina, 0.6.22.137]
[D:\Programy\Konnekt\ui.dll] [stamina, 0.1.22.54]
[D:\Programy\Konnekt\data\dll\DevIL.dll] [Abysmal Software, 1.6.7]
[D:\Programy\Konnekt\data\dll\DevILUT.dll] [Abysmal Software, 1.6.6]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[D:\Programy\Konnekt\plugins\exPIMP.dll] [stamina, 1.3]
[D:\Programy\Konnekt\plugins\gg.dll] [stamina, 1.7.2]
[D:\Programy\Konnekt\data\dll\libgaduw32.dll] [, 1.181.1]
[D:\Programy\Konnekt\data\dll\SSLEAY32.dll] [N/A, ]
[D:\Programy\Konnekt\data\dll\LIBEAY32.dll] [N/A, ]
[D:\Programy\Konnekt\plugins\kIEview.dll] [stamina-Konnekt, 0.1.8.3]
[D:\Programy\Konnekt\plugins\konnferencja.dll] [stamina, 1.0]
[D:\Programy\Konnekt\plugins\kstyle.dll] [stamina, 1.2.1]
[D:\Programy\Konnekt\plugins\kTransfer.dll] [Piotr Pawluczuk, Rafał Lindemann, 2.0.0.11]
[D:\Programy\Konnekt\plugins\notify.dll] [stamina-Konnekt, 0.4.7.2]
[D:\Programy\Konnekt\data\dll\DevILU.dll] [Abysmal Software, 1.6.6]
[D:\Programy\Konnekt\plugins\sms.dll] [stamina, 1.8.2]
[D:\Programy\Konnekt\data\dll\LuaPlus.dll] [, 5.0.0.4]
[D:\Programy\Konnekt\plugins\sound.dll] [stamina, 1.4.0]
[D:\Programy\Konnekt\plugins\update.dll] [stamina, 2.7]
[D:\Programy\Konnekt\data\dll\SMemory.dll] [N/A, ]
[D:\Programy\Konnekt\plugins\kSL.dll] [, 0.0.5.9]
[PID: 1736 / Milena][C:\Program Files\Opera\opera.exe] [Opera Software, 10487]
[C:\Program Files\Opera\Opera.dll] [Opera Software, 10487]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Opera\Program\Plugins\NPSWF32.dll] [, ]
[D:\Programy\SUPERantispyware\SASSEH.DLL] [superAdBlocker.com, 1, 0, 0, 1012]
[PID: 3876 / Milena][C:\Program Files\Outlook Express\msimn.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Internet Explorer\mui\0415\acctres.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Internet Explorer\mui\0415\inetres.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Internet Explorer\mui\0415\msoeres.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[C:\Program Files\Internet Explorer\mui\0415\msidntld.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Internet Explorer\mui\0415\shdoclc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\asUniPlg.dll] [symantec Corporation, 4.5.0.44]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccL80U.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccVrTrst.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\EFACli.dll] [symantec Corporation, 1.0.2.8]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSet.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccIPC.dll] [symantec Corporation, 108.1.0.24]
[C:\Program Files\Internet Explorer\mui\0415\wab32res.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[PID: 3712 / Milena][C:\Documents and Settings\Milena\Desktop\sr\SREngLdr.EXE] [smallfrogs Studio, 2.7.0.1210]
[PID: 2112 / Milena][C:\Documents and Settings\Milena\Desktop\sr\SRE4e0d2150.EXE] [smallfrogs Studio, 2.7.0.1210]
[C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\16.5.0.134\ASOEHOOK.DLL] [symantec Corporation, 4.5.0.44]
[C:\Documents and Settings\Milena\Desktop\sr\Upload\3rdUpd.DLL] [smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1524, C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1532, D:\PROGRAMY\DAEMON\DAEMON.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 328, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 620, D:\PROGRAMY\KONNEKT\KONNEKT.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1736, C:\PROGRAM FILES\OPERA\OPERA.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3712, C:\DOCUMENTS AND SETTINGS\MILENA\DESKTOP\SR\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/code]

ComboFix

Log do sprawdzenia

ComboFix 09-09-08.01 - Milena 2009-09-08 20:39.1.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.48.1033.18.958.475 [GMT 2:00]

Uruchomiony z: c:\documents and settings\Milena\Desktop\ComboFix.exe

AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\kb913800.exe

.

((((((((((((((((((((((((( Pliki utworzone od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))

.

2009-09-08 17:44 . 2009-09-08 17:44 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys

2009-09-08 17:44 . 2009-09-08 17:44 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL

2009-09-08 17:44 . 2009-09-08 17:44 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2009-09-08 17:44 . 2009-09-08 17:44 -------- d-----w- c:\program files\Symantec

2009-09-08 17:44 . 2009-09-08 17:44 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-09-08 17:43 . 2009-09-08 17:43 -------- d-----w- c:\windows\system32\drivers\NIS

2009-09-08 17:43 . 2009-09-08 17:43 -------- d-----w- c:\program files\Norton Internet Security

2009-09-08 17:43 . 2009-09-08 17:43 -------- d-----w- c:\program files\Windows Sidebar

2009-09-08 17:42 . 2009-09-08 17:42 -------- d-----w- c:\program files\NortonInstaller

2009-09-08 16:07 . 2009-09-08 16:07 -------- d-----w- c:\documents and settings\Milena\DoctorWeb

2009-09-08 15:32 . 2009-09-08 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-09-08 15:32 . 2009-09-08 15:36 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-09-08 14:10 . 2009-09-08 14:10 -------- d-----w- c:\windows\Sun

2009-09-08 14:08 . 2009-09-08 14:08 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-09-08 14:08 . 2009-09-08 14:08 -------- d-----w- c:\program files\Java

2009-09-08 13:00 . 2009-09-08 13:00 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Symantec

2009-09-07 13:19 . 2008-04-14 03:41 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll

2009-09-07 13:18 . 2008-04-13 20:04 25471 ------w- c:\windows\system32\drivers\watv10nt.sys

2009-09-07 13:18 . 2008-04-13 20:04 22271 ------w- c:\windows\system32\drivers\watv06nt.sys

2009-09-07 12:03 . 2009-09-07 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2009-09-07 12:03 . 2009-09-07 12:03 -------- d-----w- c:\documents and settings\Milena\Application Data\SUPERAntiSpyware.com

2009-09-07 12:02 . 2009-09-07 12:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-09-07 00:37 . 2009-09-07 00:37 -------- d-----w- c:\program files\MSXML 4.0

2009-09-06 22:26 . 2009-09-06 22:26 -------- d-----w- C:\S3Graphics

2009-09-06 21:45 . 2008-04-13 22:49 146048 ----a-w- c:\windows\system32\drivers\portcls.sys

2009-09-06 21:45 . 2008-04-13 22:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys

2009-09-06 21:45 . 2008-04-14 03:41 4096 ----a-w- c:\windows\system32\ksuser.dll

2009-09-06 21:44 . 2009-09-06 21:44 -------- d-----w- c:\program files\Common Files\InstallShield

2009-09-06 21:23 . 2009-09-07 22:14 -------- d-----w- c:\documents and settings\Milena\Application Data\Xfire

2009-09-06 21:21 . 2009-09-06 21:21 -------- d-----w- c:\documents and settings\Milena\Application Data\teamspeak2

2009-09-06 21:20 . 2009-09-06 21:27 -------- d-----w- c:\documents and settings\Milena\Application Data\Skype

2009-09-06 21:20 . 2009-09-07 10:01 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Adobe

2009-09-06 21:12 . 2009-09-06 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Tlen.pl

2009-09-06 21:10 . 2009-09-06 21:10 -------- d-----w- c:\documents and settings\Milena\Application Data\Tlen.pl

2009-09-06 21:07 . 2009-09-07 10:00 -------- d-----w- c:\program files\Common Files\Adobe

2009-09-06 21:07 . 2009-09-06 13:50 -------- d-----w- c:\documents and settings\Milena\Application Data\Hamachi

2009-09-06 20:57 . 2009-09-06 20:57 3781585 ----a-w- c:\windows\Bebiko ScreenSaver.exe

2009-09-06 20:57 . 2009-09-06 20:57 18192 ----a-w- c:\windows\Bebiko ScreenSaver.dat

2009-09-06 20:56 . 2009-09-06 20:57 432992 ----a-w- c:\windows\Bebiko ScreenSaver.scr

2009-09-06 20:56 . 2009-09-06 20:57 40960 ----a-w- c:\windows\Bebiko ScreenSaver.dll

2009-09-06 14:01 . 2001-04-04 11:00 245760 ------w- c:\windows\system32\DECO_32.DLL

2009-09-06 14:00 . 1998-11-13 11:10 307200 ----a-w- c:\windows\IsUn0415.exe

2009-09-06 13:52 . 2009-09-06 13:52 -------- d-----w- c:\documents and settings\Milena\Application Data\Malwarebytes

2009-09-06 13:52 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-06 13:52 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-06 13:52 . 2009-09-06 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-09-06 13:49 . 2009-09-06 13:49 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\documents and settings\Milena\Application Data\Nokia

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\documents and settings\Milena\Application Data\PC Suite

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\program files\Common Files\PCSuite

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\program files\Common Files\Nokia

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\program files\DIFX

2009-09-06 13:46 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2009-09-06 13:46 . 2009-09-06 13:46 -------- d-----w- c:\program files\PC Connectivity Solution

2009-09-06 13:45 . 2009-02-09 06:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll

2009-09-06 13:45 . 2009-09-06 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations

2009-09-06 13:39 . 2009-09-06 13:39 -------- d-----w- c:\windows\Logs

2009-09-06 13:39 . 2009-09-06 13:39 -------- d-----w- c:\program files\SpeedFan

2009-09-06 13:38 . 2009-09-06 13:38 -------- d-----w- c:\documents and settings\Milena\Application Data\Apple Computer

2009-09-06 13:38 . 2009-09-06 13:38 -------- d-----w- c:\program files\iPod

2009-09-06 13:37 . 2009-09-06 13:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2009-09-06 13:37 . 2009-09-06 13:37 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Apple

2009-09-06 13:37 . 2009-09-06 13:37 -------- d-----w- c:\program files\Apple Software Update

2009-09-06 13:37 . 2009-09-06 13:46 -------- dc----w- c:\windows\system32\DRVSTORE

2009-09-06 13:37 . 2009-09-06 13:37 -------- d-----w- c:\program files\Common Files\Apple

2009-09-06 13:37 . 2009-09-06 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2009-09-06 13:36 . 2009-09-06 13:38 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Apple Computer

2009-09-06 13:33 . 2009-09-06 13:34 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime

2009-09-06 13:21 . 2009-09-06 13:22 -------- d-----w- c:\windows\ShellNew

2009-09-06 12:52 . 2009-09-06 12:52 -------- d-----w- c:\documents and settings\Milena\Application Data\AdobeAUM

2009-09-06 12:52 . 2009-09-06 12:52 -------- d-----w- c:\documents and settings\Milena\Application Data\AdobeUM

2009-09-06 12:30 . 2009-09-06 12:30 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet

2009-09-06 11:57 . 2009-09-06 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\HP

2009-09-06 11:56 . 2009-09-06 11:56 -------- d-----w- c:\program files\Common Files\HP

2009-09-06 11:55 . 2009-09-06 11:55 -------- d-----w- c:\program files\Hewlett-Packard

2009-09-06 11:54 . 2009-09-06 11:54 -------- d-----w- c:\program files\Common Files\Hewlett-Packard

2009-09-06 11:45 . 2006-03-03 19:03 282680 ----a-w- c:\windows\system32\HPZidr12.dll

2009-09-06 11:45 . 2006-03-03 19:03 65536 ----a-w- c:\windows\system32\HPZinw12.exe

2009-09-06 11:45 . 2006-03-03 19:03 69632 ----a-w- c:\windows\system32\HPZipm12.exe

2009-09-06 11:45 . 2006-03-03 19:02 204800 ----a-w- c:\windows\system32\HPZipr12.dll

2009-09-06 11:45 . 2006-03-03 19:02 94208 ----a-w- c:\windows\system32\HPZipt12.dll

2009-09-06 11:45 . 2006-03-03 19:02 57344 ----a-w- c:\windows\system32\HPZisn12.dll

2009-09-06 11:45 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2009-09-06 11:44 . 2009-09-06 11:56 -------- d-----w- c:\program files\HP

2009-09-06 11:41 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

2009-09-06 11:28 . 2009-09-06 11:57 120188 ----a-w- c:\windows\hpoins11.dat

2009-09-06 11:27 . 2009-09-06 11:27 -------- d-----w- c:\documents and settings\Milena\Application Data\Sony Corporation

2009-09-06 11:20 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2009-09-06 11:18 . 2006-11-02 14:57 118520 ----a-w- c:\windows\system32\PxInsI64.exe

2009-09-06 11:18 . 2006-10-18 17:43 115960 ----a-w- c:\windows\system32\PxCpyI64.exe

2009-09-06 11:18 . 2006-08-28 19:48 2560 ----a-w- c:\windows\system32\drivers\cdralw2k.sys

2009-09-06 11:18 . 2006-08-28 19:48 2432 ----a-w- c:\windows\system32\drivers\cdr4_xp.sys

2009-09-06 11:16 . 2009-09-06 11:16 -------- d-----w- c:\documents and settings\Milena\Application Data\InstallShield

2009-09-06 05:08 . 2009-09-06 05:08 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Identities

2009-09-06 02:14 . 2009-09-06 02:14 -------- d-----w- c:\windows\system32\wbem\MUI

2009-09-06 02:14 . 2001-12-05 03:00 65536 ----a-w- c:\windows\system32\WMErrPLK.dll

2009-09-06 02:14 . 2009-09-06 02:14 -------- d-----w- c:\program files\Windows XP MUI Pack

2009-09-06 02:02 . 2008-04-13 22:15 46592 ------w- c:\windows\system32\drivers\irbus.sys

2009-09-06 02:02 . 2008-04-13 22:15 19200 ------w- c:\windows\system32\drivers\hidir.sys

2009-09-06 01:55 . 2009-09-06 01:56 -------- d-----w- c:\windows\system32\URTTemp

2009-09-06 01:54 . 2009-09-06 01:59 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\ApplicationHistory

2009-09-06 01:41 . 2009-09-06 01:41 -------- d-----w- c:\documents and settings\Milena\Local Settings\Application Data\Opera

2009-09-06 01:41 . 2009-09-06 01:41 -------- d-----w- c:\program files\Opera

2009-09-06 01:32 . 2009-09-07 13:21 -------- d-----w- c:\windows\ServicePackFiles

2009-09-06 01:14 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2009-09-06 01:14 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys

2009-09-06 01:13 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys

2009-09-06 01:13 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll

2009-09-06 01:12 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-09-06 01:12 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-09-06 01:12 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll

2009-09-06 01:12 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-09-06 01:11 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll

2009-09-06 01:11 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll

2009-09-06 01:11 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe

2009-09-06 01:11 . 2009-02-09 12:10 729088 -c----w- c:\windows\system32\dllcache\lsasrv.dll

2009-09-06 01:11 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll

2009-09-06 01:11 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll

2009-09-06 01:11 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll

2009-09-06 01:11 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll

2009-09-06 01:11 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe

2009-09-06 01:11 . 2009-02-06 11:08 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2009-09-06 01:11 . 2009-02-06 11:06 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2009-09-06 01:11 . 2009-02-06 10:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-08 17:44 . 2009-09-08 17:44 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

2009-09-08 17:44 . 2009-09-08 17:44 7386 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

2009-09-06 21:46 . 2009-09-06 21:46 -------- d-----w- c:\program files\Analog Devices

2009-09-06 13:14 . 2009-09-06 21:46 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-09-06 00:37 . 2009-09-06 00:37 -------- d-----w- c:\program files\microsoft frontpage

2009-09-06 00:28 . 2009-09-05 23:55 21640 ----a-w- c:\windows\system32\emptyregdb.dat

2009-09-05 23:54 . 2009-09-05 23:54 -------- d-----w- c:\program files\Windows Plus

2009-08-13 19:53 . 2009-08-13 19:53 41872 ----a-w- c:\windows\system32\xfcodec.dll

2009-08-05 09:01 . 2006-08-24 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll

2009-07-29 04:37 . 2006-08-24 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-07-29 04:37 . 2006-08-24 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-07-17 19:01 . 2006-08-24 12:00 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-13 08:08 . 2006-08-24 12:00 286720 ----a-w- c:\windows\system32\wmpdxm.dll

2009-06-26 16:50 . 2006-08-24 12:00 666624 ----a-w- c:\windows\system32\wininet.dll

2009-06-26 16:50 . 2006-08-24 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-06-25 18:36 . 2006-08-24 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll

2009-06-25 18:36 . 2006-08-24 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll

2009-06-25 18:36 . 2006-08-24 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll

2009-06-25 18:36 . 2006-08-24 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll

2009-06-25 18:36 . 2006-08-24 12:00 471552 ----a-w- c:\windows\system32\mqutil.dll

2009-06-25 18:36 . 2006-08-24 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll

2009-06-25 18:36 . 2006-08-24 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll

2009-06-25 18:36 . 2006-08-24 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll

2009-06-25 18:36 . 2006-08-24 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll

2009-06-25 18:36 . 2006-08-24 12:00 16896 ----a-w- c:\windows\system32\mqise.dll

2009-06-25 18:36 . 2006-08-24 12:00 138240 ----a-w- c:\windows\system32\mqad.dll

2009-06-25 18:36 . 2006-08-24 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll

2009-06-22 11:49 . 2006-08-24 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe

2009-06-22 11:49 . 2006-08-24 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe

2009-06-22 11:49 . 2006-08-24 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe

2009-06-22 11:48 . 2006-08-24 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys

2009-06-12 12:31 . 2006-08-24 12:00 80896 ----a-w- c:\windows\system32\tlntsess.exe

2009-06-12 12:31 . 2006-08-24 12:00 76288 ----a-w- c:\windows\system32\telnet.exe

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-08-24 925696]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"DAEMON Tools-1033"="d:\programy\Daemon\daemon.exe" [2002-06-22 73728]

"QuickTime Task"="d:\programy\applequicktime\QTTask.exe" [2007-12-11 286720]

"iTunesHelper"="d:\programy\iTunes\iTunesHelper.exe" [2007-12-11 267048]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-08 149280]

"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-08-24 53248]

"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2006-08-24 163840]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2004-10-27 61952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-9-6 110592]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

Microsoft Office.lnk - d:\programy\Office\Office10\OSA.EXE [2001-2-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\programy\SUPERantispyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21 548352 ----a-w- d:\programy\SUPERantispyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

@="FSFilter Activity Monitor"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"d:\\Programy\\iTunes\\iTunes.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 axwhisky;axwhisky;c:\windows\system32\drivers\axwhisky.sys [2003-07-02 5248]

R0 axwskbus;axwskbus;c:\windows\system32\drivers\axwskbus.sys [2003-07-02 124160]

R0 Stlth317;Stlth317;c:\windows\system32\drivers\stlth317.sys [2002-08-07 83360]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1005000.086\SymEFA.sys [2009-09-08 310320]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2006-08-24 11264]

R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1005000.086\BHDrvx86.sys [2009-09-08 258608]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1005000.086\cchpx86.sys [2009-09-08 482352]

R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090904.002\IDSXpx86.sys [2009-09-08 276344]

R1 SASDIFSV;SASDIFSV;d:\programy\SUPERantispyware\sasdifsv.sys [2009-09-04 9968]

R1 SASKUTIL;SASKUTIL;d:\programy\SUPERantispyware\SASKUTIL.SYS [2009-09-04 74480]

R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe [2009-09-08 115560]

S3 SASENUM;SASENUM;d:\programy\SUPERantispyware\SASENUM.SYS [2009-09-04 7408]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - AUJASNKJ

*Deregistered* - aujasnkj

.

Zawartość folderu 'Zaplanowane zadania'

2009-09-06 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.vobis.pl/

uInternet Settings,ProxyOverride = *.local

IE: E&ksport do programu Microsoft Excel - d:\programy\Office\Office10\EXCEL.EXE/3000

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-08 20:42

Windows 5.1.2600 Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.5.0.134\diMaster.dll\" /prefetch:1"

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1088)

d:\programy\SUPERantispyware\SASWINLO.dll

.

Czas ukończenia: 2009-09-08 20:43

ComboFix-quarantined-files.txt 2009-09-08 18:43

Przed: 4 812 722 176 bytes free

Po: 4 899 491 840 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

296 --- E O F --- 2009-09-08 10:23

Na innym forum polecono mi, abym zmieniła port na 587. I istotnie, wysyła, tylko ja się jednak martwię, naczytałam się trochę na innych stronach, że to może być trojan, który może też robić inne szkody. Sprawdzałam telnetem port 25 jest zablokowany, stało się to nagle, jak wyżej wspomniałam wysyłałam cztery maile, trzy wysłały się, na czwartym się już "zawiesiło" i do tej pory ani drgnęło :) Może to ten Norton przyblokował jakoś trwale ten port?

Przepraszam za tak obszerne rozpisanie się i z góry dziękuję za każdą próbę pomocy. :)

EDIT:

Szukam troszkę z pomocą google ustaliłam, że pliki odtext.dll, odpdx32.dll to jakieś robaki (?!) i że są to pliki systemowe (więc w końcu wirus, czy antywirus źle poinformował?! różnie ludzie piszą), a usunięcie ich nie jest dobrym rozwiązaniem, problem w tym, że już je usunęłam i jakie skutki będą - jeszcze nie wiem... Mks niestety ponownie się w tym samym miejscu wiesza, więc dalej nie przeskanuję, ale raczej bardzo prawdopodobne jest już, że komputer ponownie jest zainfekowany i to mi blokuje port...

Próbowałam przywrócić te pliki z płytki Windowsa, niestety mam płytkę Vobisu, a system po znalezieniu 4 brakujących plików woła o płytkę Windowsa XP Professional.... więc plików nie przywróciłam, portu nie odblokowałam. Chyba format?

MarekM25
komentarz
komentarz

Ja w logu nic nie zauważyłem tak poważnego, ale czasami mogę coś przeoczyć. Jeżeli jednak wysyła Ci maile z innego portu to nie powinnaś się raczej przejmować:)

iluzja
komentarz
komentarz

Dziękuję za odpowiedź. :) Jednak potrzebny był format, okazało się, że dostawca mnie zablokował, bo komputer był zainfekowany i rozsyłał spam... Jestem zaskoczona, gdzie w ciągu 3 dni po formacie złapałam takiego wirusa znów. Teraz aż się boję korzystać z Internetu, mam włączoną zaporę, ciągle aktualizowanego antywirusa, nie wiem skąd mi się to wszystko bierze. :( Może ten wirus ciągle gdzieś jest na pozostałych partycjach? Bo ja tylko C formatuję...

MarekM25
komentarz
komentarz

Internet Explorer (Version = 6.0.2900.5512)-możliwe, że stąd z aktualizuj IE do najnowszej wersji

iluzja
komentarz
komentarz

Internet Explorer (Version = 6.0.2900.5512)-możliwe, że stąd z aktualizuj IE do najnowszej wersji

A jeśli w ogóle nie korzystam już z IE, tylko z Opery...to też muszę? :) Tak też początkowo myślałam, że to wina IE, za pierwszym razem z niej od czasu do czasu korzystałam, ale po pierwszym formacie, nie chcąc mieć z nią już nic wspólnego, nie włączyłam jej ani razu, a wirus i tak się pojawił nie wiadomo skąd :( nic nie ściągałam, nic nie pobierałam...

MarekM25
komentarz
komentarz

W razie czego najlepiej wszystko aktualizować;)

iluzja
komentarz
komentarz

Może i racja :) W takim razie zaraz zaktualizuję. Dziękuję za pomoc :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.