x-kom hosting

Problem z zainfekowanym oprogramowaniem.

Gość
utworzono
utworzono (edytowane)

Cześć mam problem, jakiś wirus podmienił mi kilka plików m.in w WMP i IE. Oto skany:

RSIT: [log]Logfile of random's system information tool 1.06 (written by random/random)
Run by kretton at 2009-10-14 18:54:21
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 10 GB (49%) free of 20 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:54:23, on 2009-10-14
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
E:\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
E:\Personal Firewall 4\kpf4ss.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Personal Firewall 4\kpf4gui.exe
E:\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kretton\Pulpit\RSIT.exe
C:\Program Files\trend micro\kretton.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "E:\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - E:\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - E:\BlueSoleil\BsHelpCS.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - E:\Personal Firewall 4\kpf4ss.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7912 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\Spybot\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-28 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-12 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-28 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-28 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-28 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-27 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-28 256112]
{37B85A29-692B-4205-9CAD-2626E4993404}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-28 149280]
"Adobe Reader Speed Launcher"=E:\adobe reader\Reader\Reader_sl.exe [2009-02-27 35696]
"ORAHSSSessionManager"=C:\Program Files\Livebox\SessionManager\SessionManager.exe [2008-06-10 107248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ares"=E:\Ares\Ares.exe [2009-02-03 1004544]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
E:\allplayer\ALLUpdate.exe [2009-06-04 869888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
E:\Ares\Ares.exe [2009-02-03 1004544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
E:\BearShare\BearShare.exe /pause []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
E:\BlueSoleil\BtTray.exe [2009-10-03 258134]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD]
F:\Odkurzacz\odk_mcd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
E:\Spybot\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
E:\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-02-08 219664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"E:\Gadu-Gadu\gg.exe"="E:\Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"E:\BearShare\BearShare.exe"="E:\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup"
"E:\Personal Firewall 4\kpf4gui.exe"="E:\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"E:\Personal Firewall 4\kpf4ss.exe"="E:\Personal Firewall 4\kpf4ss.exe:*:Enabled:Kerio Personal Firewall 4 - Service"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe"="C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"E:\Ares\Ares.exe"="E:\Ares\Ares.exe:*:Disabled:Ares p2p for windows"
"E:\Nowe Gadu-Gadu\gg.exe"="E:\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"E:\BlueSoleil\BlueSoleilCS.exe"="E:\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2009-10-14 17:48:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-10-14 17:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 17:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 17:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 17:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 17:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 17:44:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 17:44:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 17:44:48 ----A---- C:\WINDOWS\imsins.BAK
2009-10-14 17:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 14:54:57 ----A---- C:\WINDOWS\system32\SHORTCUT.INI
2009-10-03 14:54:23 ----A---- C:\WINDOWS\system32\REMOTEDEVICE.INI
2009-10-03 14:54:20 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2009-10-03 14:54:18 ----A---- C:\WINDOWS\system32\LOCALDEVICE.INI
2009-10-03 14:53:16 ----A---- C:\WINDOWS\system32\BSPRINT.INI
2009-10-03 14:52:46 ----SHD---- C:\Config.Msi
2009-09-30 17:16:58 ----A---- C:\WINDOWS\system32\Autodial2000.dll
2009-09-30 17:16:52 ----A---- C:\WINDOWS\system32\w32n50.dll
2009-09-30 17:16:21 ----D---- C:\Program Files\Livebox
2009-09-30 17:04:38 ----N---- C:\WINDOWS\system32\atl71.dll
2009-09-30 17:04:38 ----D---- C:\Program Files\Common Files\France Telecom
2009-09-22 17:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-21 19:24:29 ----HD---- C:\BJPrinter
2009-09-21 19:24:22 ----A---- C:\WINDOWS\system32\CNMVS5y.DLL
2009-09-21 19:24:22 ----A---- C:\WINDOWS\system32\CNMLM5y.DLL
2009-09-21 17:50:11 ----D---- C:\Program Files\Microsoft Works
2009-09-21 17:49:58 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-21 17:49:58 ----D---- C:\Program Files\Common Files\DESIGNER
2009-09-21 17:49:44 ----D---- C:\Program Files\Microsoft.NET
2009-09-21 17:48:32 ----D---- C:\WINDOWS\SHELLNEW
2009-09-21 17:48:17 ----D---- C:\Program Files\Microsoft Office
2009-09-21 17:48:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2009-09-21 17:48:05 ----RHD---- C:\MSOCache
2009-09-21 15:32:14 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-20 16:50:58 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-20 15:46:15 ----D---- C:\Program Files\NVIDIA nTune Performance Application
2009-09-18 18:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-18 18:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-18 18:40:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-18 18:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-18 18:40:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-09-18 18:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-18 18:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-18 18:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-18 18:40:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-18 18:40:13 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-18 18:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-09-18 18:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-18 18:38:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-18 18:38:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-18 15:47:58 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-09-18 15:44:29 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-09-18 15:44:29 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-09-18 15:44:05 ----D---- C:\WINDOWS\BricoPacks
2009-09-08 19:40:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2009-09-05 19:22:44 ----RSD---- C:\WINDOWS\assembly
2009-09-05 19:22:44 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-05 19:22:42 ----D---- C:\WINDOWS\system32\URTTemp
2009-09-04 21:17:10 ----SHD---- C:\WINDOWS\CSC
2009-09-03 15:43:24 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Media Player Classic
2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-09-03 15:42:36 ----N---- C:\WINDOWS\system32\msvcr71.dll
2009-09-03 15:42:36 ----N---- C:\WINDOWS\system32\msvcp71.dll
2009-09-03 15:42:36 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-09-03 15:42:35 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Real
2009-09-03 15:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Real
2009-09-02 22:08:18 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-09-02 22:08:18 ----A---- C:\WINDOWS\system32\iconv.dll
2009-09-02 22:08:16 ----D---- C:\Program Files\NAPI-PROJEKT
2009-09-01 19:27:22 ----D---- C:\Program Files\trend micro
2009-09-01 19:27:21 ----D---- C:\rsit
2009-08-30 23:20:13 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Vso
2009-08-30 23:13:36 ----D---- C:\Program Files\Jasc Software Inc
2009-08-30 22:58:30 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2009-08-29 17:03:48 ----D---- C:\WINDOWS\Minidump
2009-08-28 21:12:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
2009-08-28 21:12:42 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Azureus
2009-08-28 18:29:27 ----D---- C:\WINDOWS\Sun
2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\java.exe
2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-28 18:28:56 ----D---- C:\Program Files\Java
2009-08-28 18:27:12 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Sun
2009-08-27 19:34:02 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-08-26 10:40:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-08-08 20:50:14 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-02 13:38:20 ----A---- C:\WINDOWS\inout2.dll
2009-08-02 13:29:31 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Remere's Map Editor
2009-07-30 20:27:13 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Ahead
2009-07-30 20:26:13 ----D---- C:\Program Files\Common Files\Ahead
2009-07-29 14:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-07-29 14:07:26 ----D---- C:\WINDOWS\system32\appmgmt
2009-07-28 21:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-07-28 21:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-07-28 21:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-07-28 21:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-07-28 21:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-07-28 21:46:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-07-28 21:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-07-28 21:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-07-28 21:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-07-28 21:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-28 21:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-07-28 21:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-07-28 21:45:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-07-28 21:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-07-28 21:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-28 21:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-07-28 21:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-07-28 21:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-07-28 21:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-07-28 21:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-07-28 21:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-07-28 21:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-07-28 21:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-07-28 21:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-07-28 21:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-07-28 21:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-07-28 21:44:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-07-28 21:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-07-28 21:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-07-28 21:44:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-07-28 21:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-07-28 21:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-28 21:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-07-28 21:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-07-28 19:51:33 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Help
2009-07-28 19:44:03 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\WinRAR
2009-07-28 19:36:44 ----D---- C:\WINDOWS\pss
2009-07-28 19:32:38 ----D---- C:\Program Files\Kaspersky Lab
2009-07-28 19:32:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2009-07-28 19:32:08 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-07-28 18:41:51 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Adobe
2009-07-28 18:33:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
2009-07-28 18:33:02 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\OpenFM
2009-07-28 18:33:02 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Macromedia
2009-07-28 17:47:59 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\px.dll
2009-07-28 13:25:09 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Google
2009-07-28 13:24:56 ----D---- C:\Program Files\Google
2009-07-28 13:24:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Google
2009-07-28 13:23:03 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Mozilla
2009-07-28 12:14:31 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2009-07-28 12:14:12 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Tibia
2009-07-27 20:57:10 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Ventrilo
2009-07-27 20:28:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-07-27 20:27:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-07-17 12:43:54 ----D---- C:\WINDOWS\system32\PreInstall
2009-07-17 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-07-17 12:43:53 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-17 12:36:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
2009-07-17 12:35:31 ----D---- C:\Program Files\Common Files\DirectX
2009-07-17 12:24:21 ----D---- C:\WINDOWS\system32\AGEIA
2009-07-17 12:24:21 ----D---- C:\Program Files\AGEIA Technologies
2009-07-17 12:24:17 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-17 12:24:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-07-17 12:23:29 ----D---- C:\NVIDIA
2009-07-17 12:19:26 ----D---- C:\WINDOWS\system32\Lang
2009-07-17 12:18:03 ----D---- C:\WINDOWS\system32\RTCOM
2009-07-17 12:17:57 ----A---- C:\WINDOWS\vncutil.exe
2009-07-17 12:17:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-07-17 12:17:57 ----A---- C:\WINDOWS\SkyTel.exe
2009-07-17 12:17:57 ----A---- C:\WINDOWS\RtlUpd.exe
2009-07-17 12:17:56 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-07-17 12:17:56 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-07-17 12:17:55 ----A---- C:\WINDOWS\RtkAudioService.exe
2009-07-17 12:17:55 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-07-17 12:17:54 ----D---- C:\Program Files\Realtek
2009-07-17 12:17:54 ----A---- C:\WINDOWS\MicCal.exe
2009-07-17 12:17:54 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-07-17 12:17:54 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-07-17 12:17:43 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-07-17 12:10:57 ----D---- C:\Program Files\NVIDIA Corporation
2009-07-17 12:10:24 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2009-07-17 12:10:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-07-17 12:09:44 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\nvconrm.dll
2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\fdco1.dll
2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\bdco1.dll
2009-07-17 11:59:37 ----D---- C:\WINDOWS\Prefetch
2009-07-17 11:56:01 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-07-17 11:56:01 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-17 11:55:55 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-07-17 11:55:55 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\credssp.dll
2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\azroles.dll
2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\setupn.exe
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qutil.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qagent.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\onex.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napstat.exe
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\mssha.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-07-17 11:55:50 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\pl-pl
2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\pl
2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\bits
2009-07-17 11:55:50 ----D---- C:\WINDOWS\l2schemas
2009-07-17 11:54:05 ----D---- C:\WINDOWS\network diagnostic
2009-07-17 11:53:34 ----A---- C:\WINDOWS\005355_.tmp
2009-07-17 11:42:05 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-17 11:41:13 ----SD---- C:\WINDOWS\system32\Microsoft
2009-07-17 11:38:16 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fltlib.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bthci.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ati3duag.dll
2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmp.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\twext.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slserv.exe
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slgen.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\powercfg.exe
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2psvc.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2p.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\xpob2res.dll
2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\xmlprov.dll
2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wshbth.dll
2009-07-17 11:38:12 ----N---- C:\WINDOWS\slrundll.exe
2009-07-17 11:38:12 ----D---- C:\WINDOWS\provisioning
2009-07-17 11:38:12 ----D---- C:\WINDOWS\peernet
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wups.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wscsvc.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wscntfy.exe
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-07-17 11:36:56 ----A---- C:\WINDOWS\003635_.tmp
2009-07-17 11:36:50 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-07-17 11:17:41 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-07-17 11:17:25 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-07-17 11:17:25 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-07-17 11:17:25 ----D---- C:\WINDOWS\ServicePackFiles
2009-07-17 11:17:25 ----D---- C:\WINDOWS\ehome
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\mssap.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\hccoin.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\encdec.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati3d2ag.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\sbe.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\wsecedit.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tracerpt.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\schtasks.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\rsnotify.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\nwwks.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqutil.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqtrig.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqsnap.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqsec.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqrt.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqqm.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqise.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqad.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\gptext.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\gpresult.exe
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\fdeploy.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\appmgr.dll
2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\appmgmts.dll
2009-07-17 11:17:17 ----A---- C:\WINDOWS\winhlp32.exe
2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-07-17 11:17:17 ----A---- C:\WINDOWS\hh.exe
2009-07-17 11:17:17 ----A---- C:\WINDOWS\explorer.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ctfmon.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cscui.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\credui.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\conime.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\compatui.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\certcli.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cdm.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browseui.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browser.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browselc.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\batt.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\at.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\asferror.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\alg.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ahui.exe
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\advpack.dll
2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\idq.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\icm32.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\hhsetup.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\fontview.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\eventlog.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\es.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\els.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\duser.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dinput.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\digest.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\defrag.exe
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\danim.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msdart.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msctf.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msconf.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mscms.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\moricons.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mindex.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\logonui.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\logagent.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\localui.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\laprxy.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\itss.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\itircl.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\inseng.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\input.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imm32.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imapi.exe
2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ils.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msisam11.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msi.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netman.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netlogon.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netdde.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\net1.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\net.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvcrt.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msutb.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msuni11.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstime.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstask.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\MSSCP.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrating.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\MsPMSP.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\rasppp.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\rasmans.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\raschap.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\query.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\psbase.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\psapi.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ping.exe
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pdh.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pautoenr.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\packager.exe
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\osk.exe
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\opengl32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\oleprn.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ole32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbctrac.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccu32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccr32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcconf.exe
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcconf.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcad32.exe
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\oakley.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmarta.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntlanman.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\npptools.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\newdev.dll
2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\netshell.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sfc_os.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\setup.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sensapi.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sens.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\secur32.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sdbinst.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\scesrv.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\scecli.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sccsccp.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sccbase.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\runonce.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rtcshare.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rsaenh.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\riched20.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\regapi.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\reg.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\redir.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rcimlby.exe
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rastls.dll
2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rassapi.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srclient.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\spoolss.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\spider.exe
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\snmpapi.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\slayerxp.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\skeys.exe
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sigverif.exe
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sigtab.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shsvcs.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shmgrate.exe
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shgina.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shfolder.dll
2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shell32.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\wextract.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webvw.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webclnt.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\w32time.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vssapi.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vdmredir.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\utilman.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\usp10.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\url.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ups.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnpui.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnphost.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnp.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\umandlg.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\udhisapi.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\trkwks.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tracert.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\themeui.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\taskmgr.exe
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tapisrv.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tapi32.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sxs.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\stobject.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sti_ci.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sti.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpui.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpstub.exe
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpcore.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpcd.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmadmod.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wlnotify.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\winsta.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\winmm.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wiaservc.dll
2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wiadss.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\zipfldr.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\xenroll.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\xactsrv.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wship6.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wow32.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\HAL.DLL
2009-07-17 11:16:46 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-07-17 11:16:46 ----A---- C:\WINDOWS\001234_.tmp
2009-07-17 11:16:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\jit.dll
2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\javaee.dll
2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\dx3j.dll
2009-07-17 11:16:31 ----A---- C:\WINDOWS\setdebug.exe
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\wjview.exe
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\vmhelper.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msjdbc10.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msjava.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msawt.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\jview.exe
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\jdbgmgr.exe
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javart.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javaprxy.dll
2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javacypt.dll
2009-07-17 11:16:28 ----A---- C:\WINDOWS\system32\clspack.exe
2009-07-16 21:11:56 ----N---- C:\WINDOWS\system32\nvuide.exe
2009-07-16 21:11:52 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-07-16 18:56:06 ----RASH---- C:\boot.ini
2009-07-16 18:53:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-07-16 18:53:28 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-16 18:53:28 ----D---- C:\Program Files\AMD
2009-07-16 18:52:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-16 18:52:53 ----RSD---- C:\WINDOWS\Fonts
2009-07-16 18:52:53 ----RD---- C:\WINDOWS\Web
2009-07-16 18:52:53 ----HD---- C:\WINDOWS\inf
2009-07-16 18:52:53 ----D---- C:\WINDOWS\WinSxS
2009-07-16 18:52:53 ----D---- C:\WINDOWS\twain_32
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Temp
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\wins
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\wbem
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\usmt
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\spool
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ShellExt
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\Setup
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ras
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\oobe
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\npp
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\mui
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\inetsrv
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\IME
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\icsxml
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ias
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\export
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\drivers
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\dhcp
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\config
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\3com_dmi
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\3076
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\2052
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1054
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1045
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1042
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1041
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1037
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1033
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1031
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1028
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1025
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32
2009-07-16 18:52:53 ----D---- C:\WINDOWS\system
2009-07-16 18:52:53 ----D---- C:\WINDOWS\security
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Resources
2009-07-16 18:52:53 ----D---- C:\WINDOWS\repair
2009-07-16 18:52:53 ----D---- C:\WINDOWS\mui
2009-07-16 18:52:53 ----D---- C:\WINDOWS\msapps
2009-07-16 18:52:53 ----D---- C:\WINDOWS\msagent
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Media
2009-07-16 18:52:53 ----D---- C:\WINDOWS\java
2009-07-16 18:52:53 ----D---- C:\WINDOWS\ime
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Help
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Driver Cache
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Debug
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Cursors
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Connection Wizard
2009-07-16 18:52:53 ----D---- C:\WINDOWS\Config
2009-07-16 18:52:53 ----D---- C:\WINDOWS\AppPatch
2009-07-16 18:52:53 ----D---- C:\WINDOWS\addins
2009-07-16 18:52:53 ----D---- C:\WINDOWS
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l2052.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1046.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1042.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1041.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1040.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1036.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1034.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1031.dll
2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1028.dll
2009-07-16 18:47:22 ----D---- C:\WINDOWS\NV636712.TMP
2009-07-16 18:47:22 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2009-07-16 18:32:09 ----A---- C:\WINDOWS\IsUninst.exe
2009-07-16 18:31:25 ----D---- C:\Program Files\Common Files\Adobe
2009-07-16 18:31:11 ----A---- C:\WINDOWS\system32\mon.txt
2009-07-16 18:29:40 ----A---- C:\WINDOWS\VSWizard.ini
2009-07-16 18:16:04 ----D---- C:\WINDOWS\nview
2009-07-16 18:11:51 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-16 18:08:32 ----D---- C:\WINDOWS\RegisteredPackages
2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\quartz.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qedit.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qdv.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qcap.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qasf.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\encapi.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\devenum.dll
2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\amstream.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dswave.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmime.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmband.dll
2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsound.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-07-16 18:02:44 ----A---- C:\WINDOWS\system32\h323log.txt
2009-07-16 17:58:49 ----A---- C:\WINDOWS\system32\usbui.dll
2009-07-16 17:58:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-16 17:58:04 ----D---- C:\Program Files\Common Files\ODBC
2009-07-16 17:58:04 ----A---- C:\WINDOWS\ODBCINST.INI
2009-07-16 17:58:01 ----RD---- C:\Program Files
2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files
2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-07-16 17:57:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-07-16 17:57:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-07-16 17:57:48 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\irclass.dll
2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-07-16 17:57:43 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-07-16 17:57:43 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-07-16 17:57:43 ----A---- C:\WINDOWS\notepad.exe
2009-07-16 17:57:36 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2009-07-16 17:57:33 ----RA---- C:\WINDOWS\SET7.tmp
2009-07-16 17:57:31 ----RA---- C:\WINDOWS\SET3.tmp
2009-07-16 17:57:26 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-16 17:57:26 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-16 17:57:20 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2009-07-16 17:57:09 ----D---- C:\Documents and Settings
2009-07-16 17:13:49 ----SHD---- C:\RECYCLER
2009-07-16 17:13:26 ----SHD---- C:\WINDOWS\Installer
2009-07-16 17:13:24 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Identities
2009-07-16 17:13:21 ----HD---- C:\Program Files\Uninstall Information
2009-07-16 17:13:17 ----SD---- C:\Documents and Settings\kretton\Dane aplikacji\Microsoft
2009-07-16 17:13:17 ----ASH---- C:\Documents and Settings\kretton\Dane aplikacji\desktop.ini
2009-07-16 17:11:18 ----SHD---- C:\System Volume Information
2009-07-16 17:11:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-16 17:08:38 ----D---- C:\WINDOWS\system32\xircom
2009-07-16 17:08:38 ----D---- C:\Program Files\xerox
2009-07-16 17:08:38 ----D---- C:\Program Files\microsoft frontpage
2009-07-16 17:08:24 ----A---- C:\WINDOWS\control.ini
2009-07-16 17:08:24 ----A---- C:\AUTOEXEC.BAT
2009-07-16 17:08:16 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-07-16 17:07:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-16 17:07:43 ----RD---- C:\WINDOWS\Offline Web Pages
2009-07-16 17:07:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-07-16 17:07:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-07-16 17:07:27 ----D---- C:\WINDOWS\srchasst
2009-07-16 17:07:18 ----D---- C:\WINDOWS\system32\Macromed
2009-07-16 17:07:18 ----D---- C:\WINDOWS\system32\DirectX
2009-07-16 17:07:02 ----D---- C:\Program Files\Movie Maker
2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\atrace.dll
2009-07-16 17:06:37 ----A---- C:\WINDOWS\system32\desktop.ini
2009-07-16 17:06:37 ----A---- C:\WINDOWS\desktop.ini
2009-07-16 17:06:29 ----D---- C:\WINDOWS\system32\Restore
2009-07-16 17:06:28 ----D---- C:\Program Files\Windows Media Player
2009-07-16 17:06:27 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-07-16 17:06:27 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-07-16 17:06:26 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-07-16 17:06:22 ----D---- C:\WINDOWS\PCHEALTH
2009-07-16 17:06:22 ----D---- C:\Program Files\NetMeeting
2009-07-16 17:06:22 ----A---- C:\WINDOWS\system32\acctres.dll
2009-07-16 17:06:21 ----D---- C:\Program Files\Common Files\Services
2009-07-16 17:06:19 ----A---- C:\WINDOWS\system32\inetres.dll
2009-07-16 17:06:14 ----SD---- C:\WINDOWS\Tasks
2009-07-16 17:06:14 ----D---- C:\Program Files\Outlook Express
2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\isign32.dll
2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-07-16 17:06:10 ----D---- C:\Program Files\Common Files\MSSoap
2009-07-16 17:06:05 ----D---- C:\Program Files\Common Files\System
2009-07-16 17:06:03 ----D---- C:\Program Files\Internet Explorer
2009-07-16 17:05:38 ----D---- C:\Program Files\ComPlus Applications
2009-07-16 17:05:36 ----A---- C:\WINDOWS\vbaddin.ini
2009-07-16 17:05:36 ----A---- C:\WINDOWS\vb.ini
2009-07-16 17:05:33 ----D---- C:\WINDOWS\Registration
2009-07-16 17:05:28 ----HD---- C:\Program Files\WindowsUpdate
2009-07-16 17:05:28 ----D---- C:\Program Files\Usługi online
2009-07-16 17:05:24 ----D---- C:\Program Files\Messenger
2009-07-16 17:05:18 ----D---- C:\Program Files\MSN
2009-07-16 17:05:13 ----D---- C:\Program Files\MSN Gaming Zone
2009-07-16 17:05:13 ----A---- C:\WINDOWS\system32\write.exe
2009-07-16 17:05:03 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\hticons.dll
2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avwav.dll
2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-07-16 17:05:00 ----D---- C:\Program Files\Windows NT
2009-07-16 17:05:00 ----A---- C:\WINDOWS\system32\winchat.exe
2009-07-16 17:04:52 ----A---- C:\WINDOWS\system32\getuname.dll
2009-07-16 17:04:52 ----A---- C:\WINDOWS\system32\charmap.exe
2009-07-16 17:04:51 ----A---- C:\WINDOWS\system32\sol.exe
2009-07-16 17:04:51 ----A---- C:\WINDOWS\system32\calc.exe
2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\winmine.exe
2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\freecell.exe
2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\reset.exe
2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tskill.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tscon.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\shadow.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\regini.exe
2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\msg.exe
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\logoff.exe
2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-07-16 17:04:45 ----D---- C:\WINDOWS\system32\MsDtc
2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-07-16 17:04:42 ----D---- C:\WINDOWS\system32\Com
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\stclient.dll
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\colbact.dll
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-07-16 17:04:41 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\comuid.dll
2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 3 months======

2009-10-14 18:37:27 ----A---- C:\WINDOWS\system32\bscs.ini
2009-10-04 11:42:57 ----A---- C:\WINDOWS\win.ini
2009-10-04 11:42:57 ----A---- C:\WINDOWS\system.ini
2009-09-11 16:19:43 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 23:05:35 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-13 17:24:10 ----A---- C:\WINDOWS\system32\jscript.dll
2009-08-04 22:59:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 19:29:36 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-07-17 11:37:09 ----RASH---- C:\NTDETECT.COM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-03-21 270336]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2009-10-03 34312]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 RivaTuner32;RivaTuner32; \??\E:\regulator karty graf\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]
R2 BlueSoleilCS;BlueSoleilCS; E:\BlueSoleil\BlueSoleilCS.exe [2009-10-03 1155180]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-03-30 143360]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-02-07 20543]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-28 153376]
R2 KPF4;Kerio Personal Firewall 4; E:\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-03-30 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-03-30 65599]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 BsHelpCS;BsHelpCS; E:\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-28 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/log]
HIJACKTHIS:
[log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:55:45, on 2009-10-14
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
E:\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
E:\Personal Firewall 4\kpf4ss.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Personal Firewall 4\kpf4gui.exe
E:\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "E:\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - E:\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - E:\BlueSoleil\BsHelpCS.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - E:\Personal Firewall 4\kpf4ss.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7871 bytes
[/log]

OTL:
[log]OTL logfile created on: 2009-10-14 19:02:58 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\kretton\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,56% Memory free
3,85 Gb Paging File | 3,30 Gb Available in Paging File | 85,76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 9,51 Gb Free Space | 48,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 108,46 Gb Total Space | 98,87 Gb Free Space | 91,16% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KAMIL
Current User Name: kretton
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-10-14 19:00:17 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe
PRC - [2009-10-03 14:53:53 | 01,155,180 | ---- | M] () -- E:\BlueSoleil\BlueSoleilCS.exe
PRC - [2009-08-28 18:28:58 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-08-28 18:28:58 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-08-24 22:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- E:\Mozilla Firefox\firefox.exe
PRC - [2009-07-28 13:25:07 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-05-21 08:01:02 | 17,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-04-14 22:51:52 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
PRC - [2007-09-04 19:25:44 | 00,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2007-08-17 15:58:08 | 00,057,447 | ---- | M] () -- E:\BlueSoleil\BsHelpCS.exe
PRC - [2006-03-30 14:58:14 | 00,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006-03-30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006-03-30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006-02-07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
PRC - [2005-03-23 16:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4ss.exe
PRC - [2005-03-23 16:24:34 | 02,899,968 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4gui.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-10-03 14:53:53 | 01,155,180 | ---- | M] () -- E:\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS [Auto | Running])
SRV - [2009-08-28 18:28:58 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009-07-28 13:25:05 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -- (AVP [Auto | Running])
SRV - [2007-09-04 19:25:44 | 00,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService [Auto | Running])
SRV - [2007-08-17 15:58:08 | 00,057,447 | ---- | M] () -- E:\BlueSoleil\BsHelpCS.exe -- (BsHelpCS [On_Demand | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006-03-30 14:58:14 | 00,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) [Auto | Running])
SRV - [2006-03-30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp [Auto | Running])
SRV - [2006-03-30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog [Auto | Running])
SRV - [2006-02-07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface [Auto | Running])
SRV - [2005-03-23 16:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4ss.exe -- (KPF4 [Auto | Running])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-10-03 14:53:53 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Stopped])
DRV - [2009-08-22 20:25:00 | 00,009,088 | ---- | M] () -- E:\regulator karty graf\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32 [On_Demand | Stopped])
DRV - [2009-07-28 21:11:29 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
DRV - [2009-06-02 12:02:46 | 05,085,184 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-04-28 22:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009-02-09 13:18:00 | 06,307,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008-08-05 14:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt [On_Demand | Stopped])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-12-28 19:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [System | Running])
DRV - [2007-12-13 13:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])
DRV - [2007-09-04 19:26:32 | 00,029,696 | ---- | M] (NVidia Corp.) -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev [On_Demand | Running])
DRV - [2007-06-24 21:56:54 | 00,038,920 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])
DRV - [2007-03-05 20:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])
DRV - [2007-03-05 20:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running])
DRV - [2007-03-05 20:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum [Boot | Running])
DRV - [2007-03-05 20:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])
DRV - [2007-03-05 20:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])
DRV - [2006-04-24 11:52:28 | 00,100,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2006-03-22 08:24:02 | 00,018,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2006-03-22 08:24:00 | 00,052,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006-03-01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2006-01-04 09:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt [On_Demand | Stopped])
DRV - [2005-03-21 15:39:16 | 00,270,336 | ---- | M] (Kerio Technologies) -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv [System | Running])
DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2003-09-23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\S-1-5-21-1229272821-299502267-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-08-28 18:28:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: E:\Mozilla Firefox\components [2009-09-18 18:06:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: E:\Mozilla Firefox\plugins [2009-09-21 17:50:12 | 00,000,000 | ---D | M]

[2009-07-28 13:23:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Extensions
[2009-09-18 17:05:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-14 15:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\chatzilla
[2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\Console2
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\downthemall
[2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\emusic
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\fullerscreen
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\sage
[2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\toolkit
[2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\webdeveloper
[2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\mozapps\extensions

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\adobe reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1229272821-299502267-839522115-1003..\Run: [ares] E:\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-1229272821-299502267-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-16 17:08:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[6 C:\WINDOWS\*.tmp files]
[2009-09-21 17:48:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2009-10-03 14:25:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\bluesoleil
[2009-09-21 17:48:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2009-09-20 15:47:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
[2009-09-18 15:50:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\Stardock
[2009-09-27 13:10:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2009-09-21 17:49:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009-09-30 17:04:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2009-09-30 17:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\Livebox
[2009-09-21 17:48:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009-09-21 15:32:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009-09-21 17:49:58 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009-09-21 17:50:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009-09-21 17:49:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009-09-20 15:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA nTune Performance Application
[2009-10-14 19:01:32 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-10-14 19:00:15 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe
[2009-10-14 18:59:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\otl_0.55
[2009-10-14 18:55:36 | 00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\HijackThis.exe
[2009-10-14 18:55:18 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\kretton\Pulpit\HJTInstall.exe
[2009-10-13 23:02:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\JDownloader 0.8.9
[2009-10-03 14:52:46 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009-10-03 14:25:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Bluetooth
[2009-10-03 14:03:31 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kswdmcap.ax
[2009-10-03 14:03:31 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kstvtune.ax
[2009-10-03 14:03:31 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vidcap.ax
[2009-10-03 14:03:29 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vfwwdm32.dll
[2009-10-03 14:03:26 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksxbar.ax
[2009-09-30 17:16:58 | 00,065,536 | ---- | C] (France Telecom SA) -- C:\WINDOWS\System32\Autodial2000.dll
[2009-09-30 17:16:52 | 00,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll
[2009-09-30 17:16:52 | 00,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys
[2009-09-30 17:16:52 | 00,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys
[2009-09-30 17:04:38 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2009-09-27 13:10:40 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moje wideo
[2009-09-27 12:51:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\filmik
[2009-09-21 19:24:29 | 00,000,000 | -H-D | C] -- C:\BJPrinter
[2009-09-21 19:22:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009-09-21 19:22:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009-09-21 17:48:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009-09-21 17:48:05 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009-09-20 16:50:58 | 25,198,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009-09-20 14:43:51 | 02,841,613 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\kretton\Pulpit\RivaTuner 2.24c.exe
[2009-09-18 18:40:13 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009-09-18 18:07:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Pobieranie
[2009-09-18 16:54:10 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009-09-18 16:54:05 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009-09-18 16:53:58 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009-09-18 15:50:58 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moja muzyka
[2009-09-18 15:50:56 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moje obrazy
[2009-09-18 15:44:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2009-09-18 14:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\GTA

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009-10-14 19:04:32 | 00,381,728 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-10-14 19:03:23 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-10-14 19:00:17 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe
[2009-10-14 18:59:39 | 00,662,048 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-10-14 18:59:31 | 00,146,982 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\otl_0.55.tar.gz
[2009-10-14 18:55:36 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis.exe
[2009-10-14 18:55:36 | 00,000,291 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\HijackThis.lnk
[2009-10-14 18:55:21 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\kretton\Pulpit\HJTInstall.exe
[2009-10-14 18:50:02 | 00,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-10-14 18:42:33 | 00,230,637 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2009-10-14 18:37:37 | 00,004,334 | ---- | M] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2009-10-14 18:37:27 | 00,000,912 | ---- | M] () -- C:\WINDOWS\System32\bscs.ini
[2009-10-14 18:37:20 | 00,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-10-14 18:37:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-14 18:37:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-14 17:48:27 | 00,064,940 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-10-14 13:43:35 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-13 22:42:52 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-11 19:40:11 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-10-10 19:49:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-10-07 21:54:52 | 00,000,097 | ---- | M] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2009-10-04 20:34:24 | 00,002,235 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Dokument.rtf
[2009-10-04 20:25:32 | 00,000,122 | ---- | M] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2009-10-04 11:42:57 | 00,000,594 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-10-04 11:42:57 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-10-04 11:42:57 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009-10-03 14:54:57 | 00,001,246 | ---- | M] () -- C:\WINDOWS\System32\SHORTCUT.INI
[2009-10-03 14:53:53 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\blueletaudio.sys
[2009-10-03 14:53:16 | 00,000,032 | ---- | M] () -- C:\WINDOWS\0
[2009-10-03 14:53:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\BSPRINT.INI
[2009-10-03 14:22:20 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\0
[2009-10-02 20:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009-10-01 15:55:19 | 00,000,923 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\Muza.lnk
[2009-09-27 20:47:17 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Natasha Bedingfield - Soulmate.doc
[2009-09-27 18:50:10 | 16,318,672 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Speedo1.wmv
[2009-09-27 11:29:56 | 20,382,208 | ---- | M] () -- C:\WINDOWS\System32\crashlog.tar
[2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
[2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll
[2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll
[2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2009-09-25 07:20:34 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009-09-22 16:58:36 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009-09-21 21:03:33 | 00,025,136 | ---- | M] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-21 20:45:27 | 00,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-09-20 20:06:13 | 00,196,732 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\GG pion.exe
[2009-09-20 14:44:30 | 02,841,613 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\kretton\Pulpit\RivaTuner 2.24c.exe
[2009-09-18 18:39:43 | 00,921,416 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-09-18 18:39:43 | 00,436,322 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-09-18 18:39:43 | 00,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-09-18 18:39:43 | 00,067,298 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-09-18 18:39:43 | 00,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-09-18 17:46:01 | 00,001,197 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\Moje dokumenty.lnk
[2009-09-18 15:47:59 | 00,001,701 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009-09-18 15:47:58 | 00,041,824 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009-09-18 15:47:57 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.dll
[2009-09-18 15:46:17 | 03,932,214 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-14 18:59:31 | 00,146,982 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\otl_0.55.tar.gz
[2009-10-14 18:55:36 | 00,000,291 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\HijackThis.lnk
[2009-10-14 17:44:48 | 00,001,943 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009-10-04 14:33:26 | 00,002,235 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Dokument.rtf
[2009-10-03 14:54:57 | 00,001,246 | ---- | C] () -- C:\WINDOWS\System32\SHORTCUT.INI
[2009-10-03 14:54:23 | 00,000,122 | ---- | C] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2009-10-03 14:54:20 | 00,004,334 | ---- | C] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2009-10-03 14:54:18 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2009-10-03 14:53:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\BSPRINT.INI
[2009-10-03 14:22:20 | 00,000,032 | ---- | C] () -- C:\WINDOWS\0
[2009-10-03 14:22:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\0
[2009-10-01 15:55:19 | 00,000,923 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\Muza.lnk
[2009-09-27 20:47:02 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Natasha Bedingfield - Soulmate.doc
[2009-09-27 18:47:18 | 16,318,672 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Speedo1.wmv
[2009-09-27 11:29:52 | 20,382,208 | ---- | C] () -- C:\WINDOWS\System32\crashlog.tar
[2009-09-21 19:24:22 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2009-09-20 20:06:59 | 00,196,732 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\GG pion.exe
[2009-09-18 15:47:58 | 00,041,824 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009-09-18 15:46:17 | 03,932,214 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009-09-18 15:44:29 | 00,001,701 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009-09-05 19:24:29 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-09-02 22:08:18 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-08-30 22:58:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-08-08 20:50:14 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-02 13:38:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\inout2.dll
[2009-07-17 11:49:05 | 00,025,136 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-07-16 21:08:52 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-16 18:29:40 | 00,000,087 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2009-07-16 18:08:58 | 05,333,584 | -H-- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-07-16 18:08:13 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-07-16 17:57:36 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-07-16 17:13:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\kretton\Dane aplikacji\desktop.ini
[2009-02-09 13:18:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 13:18:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 13:18:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 13:18:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-09-14 10:34:20 | 00,000,912 | ---- | C] () -- C:\WINDOWS\System32\bscs.ini
[2007-08-17 15:59:36 | 00,278,647 | ---- | C] () -- C:\WINDOWS\System32\outlookAddin.dll
[2007-08-17 15:59:14 | 00,528,485 | ---- | C] () -- C:\WINDOWS\System32\BSShell.dll
[2007-08-17 15:57:54 | 00,077,923 | ---- | C] () -- C:\WINDOWS\System32\Bs2Res.dll
[2007-07-30 09:32:16 | 16,326,769 | ---- | C] () -- C:\WINDOWS\System32\BsLangInDepRes.dll
[2007-06-24 21:56:34 | 00,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\blueletaudio.sys
[2007-03-19 10:59:18 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\BsVistaCommon.dll
[2007-03-12 12:01:30 | 00,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2001-07-22 00:16:20 | 00,000,594 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-21 17:48:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-08-28 21:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2009-07-17 12:36:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2009-07-28 18:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-08-22 20:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-07-16 17:57:36 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-10-14 18:45:59 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\kretton\Dane aplikacji
[2009-07-30 20:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Ahead
[2009-09-02 22:09:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Azureus
[2009-09-02 20:19:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu
[2009-07-28 18:33:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\OpenFM
[2009-08-02 13:29:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Remere's Map Editor
[2009-08-06 13:46:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Tibia
[2009-07-28 19:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Ventrilo
[2009-09-24 17:44:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Vso
[2009-07-16 17:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-07-16 17:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-14 18:37:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 230 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317
< End of report >
[/log]

Psycholandia
komentarz
komentarz

Daj loga z OTL.

Gość
komentarz
komentarz

Loga już wkleiłem wyżej =)

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.

:Files
C:\WINDOWS\0
C:\WINDOWS\System32\0

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

Gość
komentarz
komentarz

wzielem run fix, resetnał sie komp. Włączył pokazał się raport z otl potem niebieski ekran: ZRZYCANIE PAMIĘCI coś tam i znów sie zresetował :D

log malware:

[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2775
Windows 5.1.2600 Dodatek Service Pack 3

2009-10-14 19:24:38
mbam-log-2009-10-14 (19-24-35).txt

Typ skanowania: Szybkie skanowanie
Przeskanowane obiekty: 89174
Upłynęło: 3 minute(s), 20 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 2
Zainfekowane wartości rejestru: 1
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken.

Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken.

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)
[/log]

Psycholandia
komentarz
komentarz

Problem nadal występuje?

Gość
komentarz
komentarz (edytowane)

Narazie jest super dzięki bardzo jak możesz to jeszcze powiedz mi co z tych moge wyłączyć żeby nic się z systemem nie stało.[img]http://img42.imageshack.us/img42/5913/beztytuusck.png[/img]

Psycholandia
komentarz
komentarz

Zostaw tylko Avp i RTHDCPL resztę odznacz

Gość
komentarz
komentarz

No i znowu wirusy... Tym razem jakiś adrevolver, zedo i mediaplex :/

Poleććie mi jakiegoś dobrego firewalla (mam kerio po wersji darmowej teraz już mniej daje niż wcześniej) a antywirusa mam kaspersky 9... Skanuje malware i spybotem. Czyszcze cc cleanerem. Poleććie mi jakieś programy do ochrony...

Psycholandia
komentarz
komentarz

Daj ponownie loga z OTL.
Firewall darmowy i dobry to Outpost albo ZoneAlarm.

Gość
komentarz
komentarz

Malware spy bot mi usunął all ale co z tego jak za 2h bede znów mieć wirusy :/

Psycholandia
komentarz
komentarz

Podłącz pendriva/mp3 czy inne urządzenie przenośne do komputera, każde po kolei i uruchom ten program, na chwilę znikną ikony, ale po usunięciu wirusów znów się pojawią: [url="http://www.programosy.pl/program,flash-desinfector.html"]Flash Desinfector[/url]
Wykonaj: http://support.microsoft.com/kb/310405/pl
Daj loga z OTL, zobaczymy co się dzieje.

Gość
komentarz
komentarz (edytowane)

Chciałem ściągnąć ten program ale kasperski znalazł wirusa akceptować?

[url="http://img248.imageshack.us/img248/6641/kis.png"]KLIK[/url]

A apropo drugiego to co to jest te przywracanie systemu?

Psycholandia
komentarz
komentarz

Zezwól.
O przywracaniu poczytasz np. tu: [b][url="http://www.centrumxp.pl/WindowsXP/970,1,Przywracanie_systemu.aspx"]KLIK[/url][/b]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.