Gość utworzono 14 października 2009 utworzono 14 października 2009 (edytowane) Cześć mam problem, jakiś wirus podmienił mi kilka plików m.in w WMP i IE. Oto skany: RSIT: [log]Logfile of random's system information tool 1.06 (written by random/random) Run by kretton at 2009-10-14 18:54:21 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 10 GB (49%) free of 20 GB Total RAM: 2047 MB (73% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:54:23, on 2009-10-14 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe E:\BlueSoleil\BlueSoleilCS.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe E:\Personal Firewall 4\kpf4ss.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe E:\Personal Firewall 4\kpf4gui.exe E:\BlueSoleil\BsHelpCS.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe E:\Personal Firewall 4\kpf4gui.exe C:\Program Files\Windows Media Player\wmplayer.exe E:\Mozilla Firefox\firefox.exe C:\Documents and Settings\kretton\Pulpit\RSIT.exe C:\Program Files\trend micro\kretton.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\adobe reader\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ares] "E:\Ares\Ares.exe" -h O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: BlueSoleilCS - Unknown owner - E:\BlueSoleil\BlueSoleilCS.exe O23 - Service: BsHelpCS - Unknown owner - E:\BlueSoleil\BsHelpCS.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - E:\Personal Firewall 4\kpf4ss.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7912 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - E:\Spybot\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-28 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-12 762864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-28 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-28 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-28 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-27 42088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-28 256112] {37B85A29-692B-4205-9CAD-2626E4993404} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-28 149280] "Adobe Reader Speed Launcher"=E:\adobe reader\Reader\Reader_sl.exe [2009-02-27 35696] "ORAHSSSessionManager"=C:\Program Files\Livebox\SessionManager\SessionManager.exe [2008-06-10 107248] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "ares"=E:\Ares\Ares.exe [2009-02-03 1004544] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-28 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] E:\allplayer\ALLUpdate.exe [2009-06-04 869888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] E:\Ares\Ares.exe [2009-02-03 1004544] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] E:\BearShare\BearShare.exe /pause [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray] E:\BlueSoleil\BtTray.exe [2009-10-03 258134] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD] F:\Odkurzacz\odk_mcd.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] E:\Spybot\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-28 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] E:\Winamp\winampa.exe [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-02-08 219664] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server" "E:\Gadu-Gadu\gg.exe"="E:\Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "E:\BearShare\BearShare.exe"="E:\BearShare\BearShare.exe:*:Enabled:BearShare" "C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup" "E:\Personal Firewall 4\kpf4gui.exe"="E:\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI" "E:\Personal Firewall 4\kpf4ss.exe"="E:\Personal Firewall 4\kpf4ss.exe:*:Enabled:Kerio Personal Firewall 4 - Service" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe"="C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS" "E:\Ares\Ares.exe"="E:\Ares\Ares.exe:*:Disabled:Ares p2p for windows" "E:\Nowe Gadu-Gadu\gg.exe"="E:\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "E:\BlueSoleil\BlueSoleilCS.exe"="E:\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 3 months====== 2009-10-14 17:48:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$ 2009-10-14 17:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2009-10-14 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2009-10-14 17:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2009-10-14 17:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2009-10-14 17:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2009-10-14 17:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2009-10-14 17:44:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2009-10-14 17:44:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ 2009-10-14 17:44:48 ----A---- C:\WINDOWS\imsins.BAK 2009-10-14 17:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2009-10-03 14:54:57 ----A---- C:\WINDOWS\system32\SHORTCUT.INI 2009-10-03 14:54:23 ----A---- C:\WINDOWS\system32\REMOTEDEVICE.INI 2009-10-03 14:54:20 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI 2009-10-03 14:54:18 ----A---- C:\WINDOWS\system32\LOCALDEVICE.INI 2009-10-03 14:53:16 ----A---- C:\WINDOWS\system32\BSPRINT.INI 2009-10-03 14:52:46 ----SHD---- C:\Config.Msi 2009-09-30 17:16:58 ----A---- C:\WINDOWS\system32\Autodial2000.dll 2009-09-30 17:16:52 ----A---- C:\WINDOWS\system32\w32n50.dll 2009-09-30 17:16:21 ----D---- C:\Program Files\Livebox 2009-09-30 17:04:38 ----N---- C:\WINDOWS\system32\atl71.dll 2009-09-30 17:04:38 ----D---- C:\Program Files\Common Files\France Telecom 2009-09-22 17:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-09-21 19:24:29 ----HD---- C:\BJPrinter 2009-09-21 19:24:22 ----A---- C:\WINDOWS\system32\CNMVS5y.DLL 2009-09-21 19:24:22 ----A---- C:\WINDOWS\system32\CNMLM5y.DLL 2009-09-21 17:50:11 ----D---- C:\Program Files\Microsoft Works 2009-09-21 17:49:58 ----D---- C:\Program Files\Microsoft Visual Studio 2009-09-21 17:49:58 ----D---- C:\Program Files\Common Files\DESIGNER 2009-09-21 17:49:44 ----D---- C:\Program Files\Microsoft.NET 2009-09-21 17:48:32 ----D---- C:\WINDOWS\SHELLNEW 2009-09-21 17:48:17 ----D---- C:\Program Files\Microsoft Office 2009-09-21 17:48:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2009-09-21 17:48:05 ----RHD---- C:\MSOCache 2009-09-21 15:32:14 ----D---- C:\Program Files\Microsoft Silverlight 2009-09-20 16:50:58 ----A---- C:\WINDOWS\system32\MRT.exe 2009-09-20 15:46:15 ----D---- C:\Program Files\NVIDIA nTune Performance Application 2009-09-18 18:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-09-18 18:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2009-09-18 18:40:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-09-18 18:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-09-18 18:40:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2009-09-18 18:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2009-09-18 18:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-09-18 18:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-09-18 18:40:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-09-18 18:40:13 ----A---- C:\WINDOWS\system32\wmpns.dll 2009-09-18 18:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2009-09-18 18:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-09-18 18:38:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2009-09-18 18:38:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$ 2009-09-18 15:47:58 ----A---- C:\WINDOWS\BricoPackUninst.cmd 2009-09-18 15:44:29 ----A---- C:\WINDOWS\BricoPackUninst.txt 2009-09-18 15:44:29 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd 2009-09-18 15:44:05 ----D---- C:\WINDOWS\BricoPacks 2009-09-08 19:40:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2009-09-05 19:22:44 ----RSD---- C:\WINDOWS\assembly 2009-09-05 19:22:44 ----D---- C:\WINDOWS\Microsoft.NET 2009-09-05 19:22:42 ----D---- C:\WINDOWS\system32\URTTemp 2009-09-04 21:17:10 ----SHD---- C:\WINDOWS\CSC 2009-09-03 15:43:24 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Media Player Classic 2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\pndx5032.dll 2009-09-03 15:42:37 ----A---- C:\WINDOWS\system32\pndx5016.dll 2009-09-03 15:42:36 ----N---- C:\WINDOWS\system32\msvcr71.dll 2009-09-03 15:42:36 ----N---- C:\WINDOWS\system32\msvcp71.dll 2009-09-03 15:42:36 ----A---- C:\WINDOWS\system32\pncrt.dll 2009-09-03 15:42:35 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Real 2009-09-03 15:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Real 2009-09-02 22:08:18 ----A---- C:\WINDOWS\system32\xvidcore.dll 2009-09-02 22:08:18 ----A---- C:\WINDOWS\system32\iconv.dll 2009-09-02 22:08:16 ----D---- C:\Program Files\NAPI-PROJEKT 2009-09-01 19:27:22 ----D---- C:\Program Files\trend micro 2009-09-01 19:27:21 ----D---- C:\rsit 2009-08-30 23:20:13 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Vso 2009-08-30 23:13:36 ----D---- C:\Program Files\Jasc Software Inc 2009-08-30 22:58:30 ----A---- C:\WINDOWS\PhotoSnapViewer.INI 2009-08-29 17:03:48 ----D---- C:\WINDOWS\Minidump 2009-08-28 21:12:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Azureus 2009-08-28 21:12:42 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Azureus 2009-08-28 18:29:27 ----D---- C:\WINDOWS\Sun 2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\javaws.exe 2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\javaw.exe 2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\java.exe 2009-08-28 18:29:09 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-08-28 18:28:56 ----D---- C:\Program Files\Java 2009-08-28 18:27:12 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Sun 2009-08-27 19:34:02 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2009-08-26 10:40:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2009-08-08 20:50:14 ----A---- C:\WINDOWS\NeroDigital.ini 2009-08-02 13:38:20 ----A---- C:\WINDOWS\inout2.dll 2009-08-02 13:29:31 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Remere's Map Editor 2009-07-30 20:27:13 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Ahead 2009-07-30 20:26:13 ----D---- C:\Program Files\Common Files\Ahead 2009-07-29 14:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$ 2009-07-29 14:07:26 ----D---- C:\WINDOWS\system32\appmgmt 2009-07-28 21:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-07-28 21:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2009-07-28 21:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-07-28 21:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-07-28 21:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-07-28 21:46:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2009-07-28 21:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2009-07-28 21:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2009-07-28 21:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-07-28 21:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$ 2009-07-28 21:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-07-28 21:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2009-07-28 21:45:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$ 2009-07-28 21:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-07-28 21:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2009-07-28 21:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-07-28 21:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2009-07-28 21:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-07-28 21:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-07-28 21:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$ 2009-07-28 21:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-07-28 21:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-07-28 21:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-07-28 21:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2009-07-28 21:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-07-28 21:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2009-07-28 21:44:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2009-07-28 21:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-07-28 21:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$ 2009-07-28 21:44:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-07-28 21:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-07-28 21:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$ 2009-07-28 21:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-07-28 21:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-07-28 19:51:33 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Help 2009-07-28 19:44:03 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\WinRAR 2009-07-28 19:36:44 ----D---- C:\WINDOWS\pss 2009-07-28 19:32:38 ----D---- C:\Program Files\Kaspersky Lab 2009-07-28 19:32:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2009-07-28 19:32:08 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2009-07-28 18:41:51 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Adobe 2009-07-28 18:33:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2009-07-28 18:33:02 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\OpenFM 2009-07-28 18:33:02 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Macromedia 2009-07-28 17:47:59 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\vxblock.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxwave.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxsfs.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxmas.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxdrv.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\pxafs.dll 2009-07-28 13:38:16 ----N---- C:\WINDOWS\system32\px.dll 2009-07-28 13:25:09 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Google 2009-07-28 13:24:56 ----D---- C:\Program Files\Google 2009-07-28 13:24:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Google 2009-07-28 13:23:03 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Mozilla 2009-07-28 12:14:31 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2009-07-28 12:14:12 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Tibia 2009-07-27 20:57:10 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Ventrilo 2009-07-27 20:28:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-07-27 20:27:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-07-17 12:43:54 ----D---- C:\WINDOWS\system32\PreInstall 2009-07-17 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2009-07-17 12:43:53 ----HD---- C:\WINDOWS\$hf_mig$ 2009-07-17 12:36:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground 2009-07-17 12:35:31 ----D---- C:\Program Files\Common Files\DirectX 2009-07-17 12:24:21 ----D---- C:\WINDOWS\system32\AGEIA 2009-07-17 12:24:21 ----D---- C:\Program Files\AGEIA Technologies 2009-07-17 12:24:17 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2009-07-17 12:24:00 ----A---- C:\WINDOWS\system32\nvudisp.exe 2009-07-17 12:23:29 ----D---- C:\NVIDIA 2009-07-17 12:19:26 ----D---- C:\WINDOWS\system32\Lang 2009-07-17 12:18:03 ----D---- C:\WINDOWS\system32\RTCOM 2009-07-17 12:17:57 ----A---- C:\WINDOWS\vncutil.exe 2009-07-17 12:17:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE 2009-07-17 12:17:57 ----A---- C:\WINDOWS\SkyTel.exe 2009-07-17 12:17:57 ----A---- C:\WINDOWS\RtlUpd.exe 2009-07-17 12:17:56 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll 2009-07-17 12:17:56 ----A---- C:\WINDOWS\RTLCPL.EXE 2009-07-17 12:17:55 ----A---- C:\WINDOWS\RtkAudioService.exe 2009-07-17 12:17:55 ----A---- C:\WINDOWS\RTHDCPL.EXE 2009-07-17 12:17:54 ----D---- C:\Program Files\Realtek 2009-07-17 12:17:54 ----A---- C:\WINDOWS\MicCal.exe 2009-07-17 12:17:54 ----A---- C:\WINDOWS\ALCWZRD.EXE 2009-07-17 12:17:54 ----A---- C:\WINDOWS\ALCMTR.EXE 2009-07-17 12:17:43 ----A---- C:\WINDOWS\RtlExUpd.dll 2009-07-17 12:10:57 ----D---- C:\Program Files\NVIDIA Corporation 2009-07-17 12:10:24 ----A---- C:\WINDOWS\system32\CapabilityTable.exe 2009-07-17 12:10:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2009-07-17 12:09:44 ----A---- C:\WINDOWS\system32\nvunrm.exe 2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\nvconrm.dll 2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\fdco1.dll 2009-07-17 12:08:40 ----A---- C:\WINDOWS\system32\bdco1.dll 2009-07-17 11:59:37 ----D---- C:\WINDOWS\Prefetch 2009-07-17 11:56:01 ----N---- C:\WINDOWS\system32\msxml6r.dll 2009-07-17 11:56:01 ----N---- C:\WINDOWS\system32\msxml6.dll 2009-07-17 11:55:55 ----N---- C:\WINDOWS\system32\smtpapi.dll 2009-07-17 11:55:55 ----N---- C:\WINDOWS\system32\rwnh.dll 2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\credssp.dll 2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\azroles.dll 2009-07-17 11:55:54 ----N---- C:\WINDOWS\system32\aaclient.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcperf.exe 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\mmcex.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kmsvc.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdpash.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapsvc.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapqec.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappprxy.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapphost.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappgnui.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eappcfg.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\eapolqec.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3ui.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3svc.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3msm.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dot3api.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dimsroam.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2009-07-17 11:55:53 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\setupn.exe 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\rasqec.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qutil.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qcliprov.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qagentrt.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\qagent.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\photometadatahandler.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\onex.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napstat.exe 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napmontr.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\napipsec.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2009-07-17 11:55:52 ----N---- C:\WINDOWS\system32\mssha.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\xpsp3res.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\wmphoto.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\wlanapi.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\windowscodecsext.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\windowscodecs.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\verclsid.exe 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tzchange.exe 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tspkg.dll 2009-07-17 11:55:51 ----N---- C:\WINDOWS\system32\tsgqec.dll 2009-07-17 11:55:50 ----N---- C:\WINDOWS\system32\xmllite.dll 2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\pl-pl 2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\pl 2009-07-17 11:55:50 ----D---- C:\WINDOWS\system32\bits 2009-07-17 11:55:50 ----D---- C:\WINDOWS\l2schemas 2009-07-17 11:54:05 ----D---- C:\WINDOWS\network diagnostic 2009-07-17 11:53:34 ----A---- C:\WINDOWS\005355_.tmp 2009-07-17 11:42:05 ----D---- C:\WINDOWS\SoftwareDistribution 2009-07-17 11:41:13 ----SD---- C:\WINDOWS\system32\Microsoft 2009-07-17 11:38:16 ----N---- C:\WINDOWS\system32\comsdupd.exe 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdukx.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdsmsno.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdno1.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmlt48.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmlt47.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdmaori.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinmal.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinben.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdinbe1.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\kbdfi1.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ieencode.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\httpapi.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fwcfg.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fsquirt.exe 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fltmc.exe 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\fltlib.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\extmgr.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\cmsetacl.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\btpanui.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bthserv.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bthci.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\blastcln.exe 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bitsprx3.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\bitsprx2.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\auditusr.exe 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ati3duag.dll 2009-07-17 11:38:14 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmpdxm.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmpasf.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmp.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\wmerror.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\winshfhc.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\w3ssl.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\twext.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\strmfilt.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\smbinst.exe 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slserv.exe 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slrundll.exe 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slgen.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slextspk.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\slcoinst.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\sdhcinst.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\s3gnb.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\powercfg.exe 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\pnrpnsp.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2psvc.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pnetsh.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pgraph.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2pgasvc.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\p2p.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\msdadiag.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mp4sdmod.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mp43dmod.dll 2009-07-17 11:38:13 ----N---- C:\WINDOWS\system32\mdmxsdk.dll 2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\xpsp2res.dll 2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\xpob2res.dll 2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll 2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\wmidx.dll 2009-07-17 11:38:13 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll 2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\xmlprovi.dll 2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\xmlprov.dll 2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wuaueng1.dll 2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wuauclt1.exe 2009-07-17 11:38:12 ----N---- C:\WINDOWS\system32\wshbth.dll 2009-07-17 11:38:12 ----N---- C:\WINDOWS\slrundll.exe 2009-07-17 11:38:12 ----D---- C:\WINDOWS\provisioning 2009-07-17 11:38:12 ----D---- C:\WINDOWS\peernet 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wuweb.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wups.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wucltui.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wuapi.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wscsvc.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wscntfy.exe 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmspdmoe.dll 2009-07-17 11:38:12 ----A---- C:\WINDOWS\system32\wmspdmod.dll 2009-07-17 11:36:56 ----A---- C:\WINDOWS\003635_.tmp 2009-07-17 11:36:50 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2009-07-17 11:17:41 ----A---- C:\WINDOWS\system32\dpcdll.dll 2009-07-17 11:17:25 ----N---- C:\WINDOWS\system32\spiisupd.exe 2009-07-17 11:17:25 ----N---- C:\WINDOWS\system32\asr_pfu.exe 2009-07-17 11:17:25 ----D---- C:\WINDOWS\ServicePackFiles 2009-07-17 11:17:25 ----D---- C:\WINDOWS\ehome 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\mssap.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\msftedit.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\hccoin.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\faxpatch.exe 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\encdec.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\dsprpres.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati3d2ag.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati2dvag.dll 2009-07-17 11:17:24 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\xpsp1res.dll 2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\wmvcore2.dll 2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\winbrand.dll 2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\sbeio.dll 2009-07-17 11:17:23 ----N---- C:\WINDOWS\system32\sbe.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\wsecedit.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\winhttp.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tracerpt.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsvrp.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsvr.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntsess.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\tlntadmn.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\schtasks.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\rsnotify.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\nwwks.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqutil.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqtrig.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqsnap.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqsec.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqrt.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqqm.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqise.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\mqad.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\gptext.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\gpresult.exe 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\fdeploy.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\appmgr.dll 2009-07-17 11:17:23 ----A---- C:\WINDOWS\system32\appmgmts.dll 2009-07-17 11:17:17 ----A---- C:\WINDOWS\winhlp32.exe 2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsmsext.dll 2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsldpc.dll 2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\adsldp.dll 2009-07-17 11:17:17 ----A---- C:\WINDOWS\system32\6to4svc.dll 2009-07-17 11:17:17 ----A---- C:\WINDOWS\hh.exe 2009-07-17 11:17:17 ----A---- C:\WINDOWS\explorer.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ctfmon.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cscui.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptui.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptsvc.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cryptdlg.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\crypt32.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\credui.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\conime.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\comsvcs.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\compatui.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cmdl32.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cmdial32.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\clusapi.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\clipbrd.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ciodm.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cewmdm.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\certcli.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\cdm.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\catsrvut.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browsewm.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browseui.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browser.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\browselc.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\batt.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\avifil32.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\autolfn.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\audiosrv.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\atl.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\at.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\asferror.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\apphelp.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\alg.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\ahui.exe 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\advpack.dll 2009-07-17 11:17:16 ----A---- C:\WINDOWS\system32\adsnt.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iesetup.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ieaksie.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ieakeng.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\idq.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\icm32.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\icaapi.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\hnetcfg.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\hhsetup.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\framebuf.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\fontview.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\fldrclnr.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\faultrep.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\expsrv.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\eventlog.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\eudcedit.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\es.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ersvc.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\els.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxtrans.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dxmasf.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dwwin.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\duser.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dumprep.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dssenh.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dsquery.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dsprop.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\ds32gt.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmv2clt.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmstor.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\drmclien.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\docprop2.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dnsapi.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dinput8.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dinput.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\digest.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dgnet.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfsshlex.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgui.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgsnap.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgntfs.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dfrgfat.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\devmgr.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\defrag.exe 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbnmpntw.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbnetlib.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsvinn.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\dbmsadsn.dll 2009-07-17 11:17:15 ----A---- C:\WINDOWS\system32\danim.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msdart.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msctfp.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msctf.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mscpx32r.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\msconf.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mscms.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mpg4dmod.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\moricons.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mobsync.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mnmdd.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mmcndmgr.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\mindex.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\logonui.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\logagent.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\localui.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\lmrt.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\licwmi.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\licmgr10.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\laprxy.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\kerberos.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\kd1394.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ixsso.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\iuengine.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\itss.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\itircl.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipv6mon.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipv6.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipsecsvc.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ippromon.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipnathlp.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\iphlpapi.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ipconfig.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\inseng.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\input.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\inetcomm.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imm32.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imgutil.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imeshare.dll 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\imapi.exe 2009-07-17 11:17:14 ----A---- C:\WINDOWS\system32\ils.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msjet40.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msisam11.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msimtf.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msimg32.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msihnd.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msiexec.exe 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msieftp.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msi.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtmler.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msexcl40.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msexch40.dll 2009-07-17 11:17:13 ----A---- C:\WINDOWS\system32\msdxmlc.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netplwiz.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netman.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netlogon.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netdde.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netcfgx.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\netapi32.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\net1.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\net.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\nddenb32.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\ncobjapi.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxml3.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxml2.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msxbde40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvfw32.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvcrt.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msvcp60.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msutb.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msuni11.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstime.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstext40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mstask.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\MSSCP.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrle32.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrepl40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrd2x40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msrating.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\MsPMSP.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mspbde40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msorcl32.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msoeacct.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msnsspc.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msnetobj.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msltus40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\mslbui.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msjtes40.dll 2009-07-17 11:17:12 ----A---- C:\WINDOWS\system32\msjetoledb40.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\rasppp.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\rasmans.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\raschap.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\query.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\psbase.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\psapi.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ping.exe 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pdh.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\pautoenr.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\packager.exe 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\osk.exe 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\opengl32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\oleprn.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ole32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\offfilt.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbctrac.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcp32r.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccu32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccr32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbccp32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcconf.exe 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcconf.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcbcp.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbcad32.exe 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbc32gt.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\odbc32.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\oakley.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntshrui.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmssvc.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmsdba.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmsapi.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntmarta.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\ntlanman.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\npptools.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\nlhtml.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\newdev.dll 2009-07-17 11:17:11 ----A---- C:\WINDOWS\system32\netshell.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\shdocvw.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sfcfiles.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sfc_os.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\setup.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sensapi.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sens.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\secur32.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sdbinst.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\scesrv.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\scecli.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sccsccp.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\sccbase.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\runonce.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rtcshare.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rsaenh.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rpcss.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\riched20.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\regapi.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\reg.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\redir.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpdd.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rcimlby.exe 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rastls.dll 2009-07-17 11:17:10 ----A---- C:\WINDOWS\system32\rassapi.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\srclient.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sqlsrv32.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\spoolss.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\spider.exe 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\snmpapi.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\smlogsvc.exe 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\smlogcfg.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\slayerxp.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\skeys.exe 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sigverif.exe 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\sigtab.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shsvcs.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shmgrate.exe 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shlwapi.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shimgvw.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shimeng.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shgina.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shfolder.dll 2009-07-17 11:17:09 ----A---- C:\WINDOWS\system32\shell32.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\wextract.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webvw.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webclnt.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\webcheck.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\w32time.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vssapi.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vdmredir.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\vbscript.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\uxtheme.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\utilman.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\usp10.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\url.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ups.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnpui.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnphost.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\upnp.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\umpnpmgr.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\umandlg.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\udhisapi.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\trkwks.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tracert.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\themeui.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\taskmgr.exe 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tapisrv.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\tapi32.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sxs.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\strmdll.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\stobject.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sti_ci.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\sti.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ssdpsrv.dll 2009-07-17 11:17:08 ----A---- C:\WINDOWS\system32\ssdpapi.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmstream.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmsdmoe.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmsdmod.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpui.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpstub.exe 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpshell.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmploc.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpcore.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmpcd.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\WMNetmgr.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmasf.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmadmoe.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wmadmod.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wlnotify.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wldap32.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\winsta.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\winmm.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wininet.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wiaservc.dll 2009-07-17 11:17:07 ----A---- C:\WINDOWS\system32\wiadss.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\zipfldr.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\xenroll.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\xactsrv.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wzcdlg.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wtsapi32.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wsnmp32.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wship6.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wow32.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmvdmoe.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmvdmod.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\WMVCore.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\wmv8dmod.dll 2009-07-17 11:17:06 ----A---- C:\WINDOWS\system32\HAL.DLL 2009-07-17 11:16:46 ----N---- C:\WINDOWS\system32\spmsg.dll 2009-07-17 11:16:46 ----A---- C:\WINDOWS\001234_.tmp 2009-07-17 11:16:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\jit.dll 2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\javaee.dll 2009-07-17 11:16:31 ----A---- C:\WINDOWS\system32\dx3j.dll 2009-07-17 11:16:31 ----A---- C:\WINDOWS\setdebug.exe 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\wjview.exe 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\vmhelper.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msjdbc10.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msjava.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\msawt.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\jview.exe 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\jdbgmgr.exe 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javart.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javaprxy.dll 2009-07-17 11:16:29 ----A---- C:\WINDOWS\system32\javacypt.dll 2009-07-17 11:16:28 ----A---- C:\WINDOWS\system32\clspack.exe 2009-07-16 21:11:56 ----N---- C:\WINDOWS\system32\nvuide.exe 2009-07-16 21:11:52 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2009-07-16 18:56:06 ----RASH---- C:\boot.ini 2009-07-16 18:53:30 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-07-16 18:53:28 ----HD---- C:\Program Files\InstallShield Installation Information 2009-07-16 18:53:28 ----D---- C:\Program Files\AMD 2009-07-16 18:52:53 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-07-16 18:52:53 ----RSD---- C:\WINDOWS\Fonts 2009-07-16 18:52:53 ----RD---- C:\WINDOWS\Web 2009-07-16 18:52:53 ----HD---- C:\WINDOWS\inf 2009-07-16 18:52:53 ----D---- C:\WINDOWS\WinSxS 2009-07-16 18:52:53 ----D---- C:\WINDOWS\twain_32 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Temp 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\wins 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\wbem 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\usmt 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\spool 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ShellExt 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\Setup 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ras 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\oobe 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\npp 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\mui 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\inetsrv 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\IME 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\icsxml 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\ias 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\export 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\drivers 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\dhcp 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\config 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\3com_dmi 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\3076 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\2052 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1054 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1045 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1042 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1041 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1037 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1033 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1031 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1028 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32\1025 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system32 2009-07-16 18:52:53 ----D---- C:\WINDOWS\system 2009-07-16 18:52:53 ----D---- C:\WINDOWS\security 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Resources 2009-07-16 18:52:53 ----D---- C:\WINDOWS\repair 2009-07-16 18:52:53 ----D---- C:\WINDOWS\mui 2009-07-16 18:52:53 ----D---- C:\WINDOWS\msapps 2009-07-16 18:52:53 ----D---- C:\WINDOWS\msagent 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Media 2009-07-16 18:52:53 ----D---- C:\WINDOWS\java 2009-07-16 18:52:53 ----D---- C:\WINDOWS\ime 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Help 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Driver Cache 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Debug 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Cursors 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Connection Wizard 2009-07-16 18:52:53 ----D---- C:\WINDOWS\Config 2009-07-16 18:52:53 ----D---- C:\WINDOWS\AppPatch 2009-07-16 18:52:53 ----D---- C:\WINDOWS\addins 2009-07-16 18:52:53 ----D---- C:\WINDOWS 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l2052.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1046.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1042.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1041.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1040.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1036.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1034.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1031.dll 2009-07-16 18:47:25 ----A---- C:\WINDOWS\system32\fdco_l1028.dll 2009-07-16 18:47:22 ----D---- C:\WINDOWS\NV636712.TMP 2009-07-16 18:47:22 ----A---- C:\WINDOWS\system32\bdco1ins.dll 2009-07-16 18:32:09 ----A---- C:\WINDOWS\IsUninst.exe 2009-07-16 18:31:25 ----D---- C:\Program Files\Common Files\Adobe 2009-07-16 18:31:11 ----A---- C:\WINDOWS\system32\mon.txt 2009-07-16 18:29:40 ----A---- C:\WINDOWS\VSWizard.ini 2009-07-16 18:16:04 ----D---- C:\WINDOWS\nview 2009-07-16 18:11:51 ----D---- C:\Program Files\Common Files\InstallShield 2009-07-16 18:08:32 ----D---- C:\WINDOWS\RegisteredPackages 2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\wstdecod.dll 2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\psisdecd.dll 2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\msyuv.dll 2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\msvidctl.dll 2009-07-16 18:08:13 ----A---- C:\WINDOWS\system32\ksuser.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\quartz.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qedwipes.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qedit.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qdvd.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qdv.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qcap.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\qasf.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\msdmo.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\mciqtz32.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\encapi.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\devenum.dll 2009-07-16 18:08:12 ----A---- C:\WINDOWS\system32\amstream.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dswave.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmusic.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmsynth.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmstyle.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmscript.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmloader.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmime.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmcompos.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\dmband.dll 2009-07-16 18:08:11 ----A---- C:\WINDOWS\system32\d3d9.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdiagn.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dxdiag.exe 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dx8vb.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dx7vb.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsound3d.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsound.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsdmoprp.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dsdmo.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpwsockx.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvvox.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvsetup.exe 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvoice.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpvacm.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnsvr.exe 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnlobby.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnhupnp.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnhpast.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnet.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpnaddr.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dpmodemx.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dplayx.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\dplaysvr.exe 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\ddrawex.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\ddraw.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3dim700.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3d8thk.dll 2009-07-16 18:08:10 ----A---- C:\WINDOWS\system32\d3d8.dll 2009-07-16 18:02:44 ----A---- C:\WINDOWS\system32\h323log.txt 2009-07-16 17:58:49 ----A---- C:\WINDOWS\system32\usbui.dll 2009-07-16 17:58:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-07-16 17:58:04 ----D---- C:\Program Files\Common Files\ODBC 2009-07-16 17:58:04 ----A---- C:\WINDOWS\ODBCINST.INI 2009-07-16 17:58:01 ----RD---- C:\Program Files 2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files\SpeechEngines 2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files\Microsoft Shared 2009-07-16 17:58:01 ----D---- C:\Program Files\Common Files 2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2009-07-16 17:57:58 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdur.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdru.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2009-07-16 17:57:56 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2009-07-16 17:57:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2009-07-16 17:57:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2009-07-16 17:57:53 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2009-07-16 17:57:51 ----RA---- C:\WINDOWS\system32\kbdest.dll 2009-07-16 17:57:48 ----A---- C:\WINDOWS\system32\kbdsl1.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdycl.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdsl.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdro.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdhu1.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdhu.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz2.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz1.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcz.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\kbdcr.dll 2009-07-16 17:57:47 ----A---- C:\WINDOWS\system32\KBDAL.DLL 2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\irclass.dll 2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\dgsetup.dll 2009-07-16 17:57:46 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2009-07-16 17:57:43 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2009-07-16 17:57:43 ----A---- C:\WINDOWS\TASKMAN.EXE 2009-07-16 17:57:43 ----A---- C:\WINDOWS\notepad.exe 2009-07-16 17:57:36 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini 2009-07-16 17:57:33 ----RA---- C:\WINDOWS\SET7.tmp 2009-07-16 17:57:31 ----RA---- C:\WINDOWS\SET3.tmp 2009-07-16 17:57:26 ----D---- C:\WINDOWS\system32\CatRoot2 2009-07-16 17:57:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-07-16 17:57:20 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2009-07-16 17:57:09 ----D---- C:\Documents and Settings 2009-07-16 17:13:49 ----SHD---- C:\RECYCLER 2009-07-16 17:13:26 ----SHD---- C:\WINDOWS\Installer 2009-07-16 17:13:24 ----D---- C:\Documents and Settings\kretton\Dane aplikacji\Identities 2009-07-16 17:13:21 ----HD---- C:\Program Files\Uninstall Information 2009-07-16 17:13:17 ----SD---- C:\Documents and Settings\kretton\Dane aplikacji\Microsoft 2009-07-16 17:13:17 ----ASH---- C:\Documents and Settings\kretton\Dane aplikacji\desktop.ini 2009-07-16 17:11:18 ----SHD---- C:\System Volume Information 2009-07-16 17:11:18 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-07-16 17:08:38 ----D---- C:\WINDOWS\system32\xircom 2009-07-16 17:08:38 ----D---- C:\Program Files\xerox 2009-07-16 17:08:38 ----D---- C:\Program Files\microsoft frontpage 2009-07-16 17:08:24 ----A---- C:\WINDOWS\control.ini 2009-07-16 17:08:24 ----A---- C:\AUTOEXEC.BAT 2009-07-16 17:08:16 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-07-16 17:07:43 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-07-16 17:07:43 ----RD---- C:\WINDOWS\Offline Web Pages 2009-07-16 17:07:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-07-16 17:07:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-07-16 17:07:27 ----D---- C:\WINDOWS\srchasst 2009-07-16 17:07:18 ----D---- C:\WINDOWS\system32\Macromed 2009-07-16 17:07:18 ----D---- C:\WINDOWS\system32\DirectX 2009-07-16 17:07:02 ----D---- C:\Program Files\Movie Maker 2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-07-16 17:06:42 ----A---- C:\WINDOWS\system32\atrace.dll 2009-07-16 17:06:37 ----A---- C:\WINDOWS\system32\desktop.ini 2009-07-16 17:06:37 ----A---- C:\WINDOWS\desktop.ini 2009-07-16 17:06:29 ----D---- C:\WINDOWS\system32\Restore 2009-07-16 17:06:28 ----D---- C:\Program Files\Windows Media Player 2009-07-16 17:06:27 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2009-07-16 17:06:27 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-07-16 17:06:26 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-07-16 17:06:22 ----D---- C:\WINDOWS\PCHEALTH 2009-07-16 17:06:22 ----D---- C:\Program Files\NetMeeting 2009-07-16 17:06:22 ----A---- C:\WINDOWS\system32\acctres.dll 2009-07-16 17:06:21 ----D---- C:\Program Files\Common Files\Services 2009-07-16 17:06:19 ----A---- C:\WINDOWS\system32\inetres.dll 2009-07-16 17:06:14 ----SD---- C:\WINDOWS\Tasks 2009-07-16 17:06:14 ----D---- C:\Program Files\Outlook Express 2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\isign32.dll 2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-07-16 17:06:13 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2009-07-16 17:06:10 ----D---- C:\Program Files\Common Files\MSSoap 2009-07-16 17:06:05 ----D---- C:\Program Files\Common Files\System 2009-07-16 17:06:03 ----D---- C:\Program Files\Internet Explorer 2009-07-16 17:05:38 ----D---- C:\Program Files\ComPlus Applications 2009-07-16 17:05:36 ----A---- C:\WINDOWS\vbaddin.ini 2009-07-16 17:05:36 ----A---- C:\WINDOWS\vb.ini 2009-07-16 17:05:33 ----D---- C:\WINDOWS\Registration 2009-07-16 17:05:28 ----HD---- C:\Program Files\WindowsUpdate 2009-07-16 17:05:28 ----D---- C:\Program Files\Usługi online 2009-07-16 17:05:24 ----D---- C:\Program Files\Messenger 2009-07-16 17:05:18 ----D---- C:\Program Files\MSN 2009-07-16 17:05:13 ----D---- C:\Program Files\MSN Gaming Zone 2009-07-16 17:05:13 ----A---- C:\WINDOWS\system32\write.exe 2009-07-16 17:05:03 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\hypertrm.dll 2009-07-16 17:05:02 ----A---- C:\WINDOWS\system32\hticons.dll 2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avwav.dll 2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avtapi.dll 2009-07-16 17:05:01 ----A---- C:\WINDOWS\system32\avmeter.dll 2009-07-16 17:05:00 ----D---- C:\Program Files\Windows NT 2009-07-16 17:05:00 ----A---- C:\WINDOWS\system32\winchat.exe 2009-07-16 17:04:52 ----A---- C:\WINDOWS\system32\getuname.dll 2009-07-16 17:04:52 ----A---- C:\WINDOWS\system32\charmap.exe 2009-07-16 17:04:51 ----A---- C:\WINDOWS\system32\sol.exe 2009-07-16 17:04:51 ----A---- C:\WINDOWS\system32\calc.exe 2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\winmine.exe 2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\mshearts.exe 2009-07-16 17:04:50 ----A---- C:\WINDOWS\system32\freecell.exe 2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\reset.exe 2009-07-16 17:04:48 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tslabels.ini 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tskill.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\tscon.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\shadow.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\rwinsta.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\regini.exe 2009-07-16 17:04:47 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qwinsta.exe 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\qappsrv.exe 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\msg.exe 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\logoff.exe 2009-07-16 17:04:46 ----A---- C:\WINDOWS\system32\cdmodem.dll 2009-07-16 17:04:45 ----D---- C:\WINDOWS\system32\MsDtc 2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\mtxoci.dll 2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-07-16 17:04:45 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-07-16 17:04:44 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-07-16 17:04:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-07-16 17:04:42 ----D---- C:\WINDOWS\system32\Com 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\stclient.dll 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\colbact.dll 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-07-16 17:04:42 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-07-16 17:04:41 ----A---- C:\WINDOWS\system32\catsrv.dll 2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\comuid.dll 2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\comsnap.dll 2009-07-16 17:04:40 ----A---- C:\WINDOWS\system32\clbcatq.dll 2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-07-16 17:04:28 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 3 months====== 2009-10-14 18:37:27 ----A---- C:\WINDOWS\system32\bscs.ini 2009-10-04 11:42:57 ----A---- C:\WINDOWS\win.ini 2009-10-04 11:42:57 ----A---- C:\WINDOWS\system.ini 2009-09-11 16:19:43 ----A---- C:\WINDOWS\system32\msv1_0.dll 2009-09-04 23:05:35 ----A---- C:\WINDOWS\system32\msasn1.dll 2009-08-13 17:24:10 ----A---- C:\WINDOWS\system32\jscript.dll 2009-08-04 22:59:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2009-08-04 19:29:36 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe 2009-07-17 11:37:09 ----RASH---- C:\NTDETECT.COM ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-03-21 270336] R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys [] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944] R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys [] R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736] S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2009-10-03 34312] S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 RivaTuner32;RivaTuner32; \??\E:\regulator karty graf\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856] R2 BlueSoleilCS;BlueSoleilCS; E:\BlueSoleil\BlueSoleilCS.exe [2009-10-03 1155180] R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-03-30 143360] R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-02-07 20543] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-28 153376] R2 KPF4;Kerio Personal Firewall 4; E:\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504] R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-03-30 131131] R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-03-30 65599] R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 BsHelpCS;BsHelpCS; E:\BlueSoleil\BsHelpCS.exe [2007-08-17 57447] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-28 182768] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- [/log] HIJACKTHIS: [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:55:45, on 2009-10-14 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe E:\BlueSoleil\BlueSoleilCS.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe E:\Personal Firewall 4\kpf4ss.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe E:\Personal Firewall 4\kpf4gui.exe E:\BlueSoleil\BsHelpCS.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe E:\Personal Firewall 4\kpf4gui.exe C:\Program Files\Windows Media Player\wmplayer.exe E:\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\adobe reader\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ares] "E:\Ares\Ares.exe" -h O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: BlueSoleilCS - Unknown owner - E:\BlueSoleil\BlueSoleilCS.exe O23 - Service: BsHelpCS - Unknown owner - E:\BlueSoleil\BsHelpCS.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - E:\Personal Firewall 4\kpf4ss.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7871 bytes [/log] OTL: [log]OTL logfile created on: 2009-10-14 19:02:58 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\kretton\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,56% Memory free 3,85 Gb Paging File | 3,30 Gb Available in Paging File | 85,76% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 9,51 Gb Free Space | 48,71% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 108,46 Gb Total Space | 98,87 Gb Free Space | 91,16% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAMIL Current User Name: kretton Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-14 19:00:17 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe PRC - [2009-10-03 14:53:53 | 01,155,180 | ---- | M] () -- E:\BlueSoleil\BlueSoleilCS.exe PRC - [2009-08-28 18:28:58 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-08-28 18:28:58 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-08-24 22:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- E:\Mozilla Firefox\firefox.exe PRC - [2009-07-28 13:25:07 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009-05-21 08:01:02 | 17,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2008-04-14 22:51:52 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe PRC - [2007-09-04 19:25:44 | 00,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2007-08-17 15:58:08 | 00,057,447 | ---- | M] () -- E:\BlueSoleil\BsHelpCS.exe PRC - [2006-03-30 14:58:14 | 00,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe PRC - [2006-03-30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-03-30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-02-07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe PRC - [2005-03-23 16:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4ss.exe PRC - [2005-03-23 16:24:34 | 02,899,968 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4gui.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-03 14:53:53 | 01,155,180 | ---- | M] () -- E:\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS [Auto | Running]) SRV - [2009-08-28 18:28:58 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2009-07-28 13:25:05 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) SRV - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running]) SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -- (AVP [Auto | Running]) SRV - [2007-09-04 19:25:44 | 00,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService [Auto | Running]) SRV - [2007-08-17 15:58:08 | 00,057,447 | ---- | M] () -- E:\BlueSoleil\BsHelpCS.exe -- (BsHelpCS [On_Demand | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2006-03-30 14:58:14 | 00,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) [Auto | Running]) SRV - [2006-03-30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp [Auto | Running]) SRV - [2006-03-30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog [Auto | Running]) SRV - [2006-02-07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface [Auto | Running]) SRV - [2005-03-23 16:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- E:\Personal Firewall 4\kpf4ss.exe -- (KPF4 [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-10-03 14:53:53 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Stopped]) DRV - [2009-08-22 20:25:00 | 00,009,088 | ---- | M] () -- E:\regulator karty graf\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32 [On_Demand | Stopped]) DRV - [2009-07-28 21:11:29 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running]) DRV - [2009-06-02 12:02:46 | 05,085,184 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2009-04-28 22:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2009-02-09 13:18:00 | 06,307,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2008-08-05 14:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt [On_Demand | Stopped]) DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-12-28 19:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [System | Running]) DRV - [2007-12-13 13:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running]) DRV - [2007-09-04 19:26:32 | 00,029,696 | ---- | M] (NVidia Corp.) -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev [On_Demand | Running]) DRV - [2007-06-24 21:56:54 | 00,038,920 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped]) DRV - [2007-03-05 20:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running]) DRV - [2007-03-05 20:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running]) DRV - [2007-03-05 20:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum [Boot | Running]) DRV - [2007-03-05 20:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running]) DRV - [2007-03-05 20:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running]) DRV - [2006-04-24 11:52:28 | 00,100,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata [Boot | Running]) DRV - [2006-03-22 08:24:02 | 00,018,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running]) DRV - [2006-03-22 08:24:00 | 00,052,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running]) DRV - [2006-03-01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped]) DRV - [2006-01-04 09:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt [On_Demand | Stopped]) DRV - [2005-03-21 15:39:16 | 00,270,336 | ---- | M] (Kerio Technologies) -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv [System | Running]) DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2003-09-23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped]) DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll () IE - HKU\S-1-5-21-1229272821-299502267-839522115-1003\S-1-5-21-1229272821-299502267-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-08-28 18:28:59 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: E:\Mozilla Firefox\components [2009-09-18 18:06:03 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: E:\Mozilla Firefox\plugins [2009-09-21 17:50:12 | 00,000,000 | ---D | M] [2009-07-28 13:23:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Extensions [2009-09-18 17:05:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-10-14 15:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\chatzilla [2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\Console2 [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\downthemall [2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\emusic [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\fullerscreen [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\sage [2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\toolkit [2009-09-18 18:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\global\extensions\webdeveloper [2009-09-18 18:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\mozilla\Profiles\vakzeyrg.Speedo\extensions\info@djzig.com\chrome\mozapps\extensions O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found. O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found. O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\adobe reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-1229272821-299502267-839522115-1003..\Run: [ares] E:\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-1229272821-299502267-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-16 17:08:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [6 C:\WINDOWS\*.tmp files] [2009-09-21 17:48:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-10-03 14:25:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\bluesoleil [2009-09-21 17:48:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2009-09-20 15:47:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation [2009-09-18 15:50:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\Stardock [2009-09-27 13:10:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2009-09-21 17:49:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009-09-30 17:04:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2009-09-30 17:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\Livebox [2009-09-21 17:48:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009-09-21 15:32:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009-09-21 17:49:58 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2009-09-21 17:50:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2009-09-21 17:49:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009-09-20 15:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA nTune Performance Application [2009-10-14 19:01:32 | 00,000,000 | ---D | C] -- C:\_OTL [2009-10-14 19:00:15 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe [2009-10-14 18:59:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\otl_0.55 [2009-10-14 18:55:36 | 00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\HijackThis.exe [2009-10-14 18:55:18 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\kretton\Pulpit\HJTInstall.exe [2009-10-13 23:02:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\JDownloader 0.8.9 [2009-10-03 14:52:46 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-10-03 14:25:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Bluetooth [2009-10-03 14:03:31 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kswdmcap.ax [2009-10-03 14:03:31 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kstvtune.ax [2009-10-03 14:03:31 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vidcap.ax [2009-10-03 14:03:29 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vfwwdm32.dll [2009-10-03 14:03:26 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksxbar.ax [2009-09-30 17:16:58 | 00,065,536 | ---- | C] (France Telecom SA) -- C:\WINDOWS\System32\Autodial2000.dll [2009-09-30 17:16:52 | 00,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll [2009-09-30 17:16:52 | 00,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys [2009-09-30 17:16:52 | 00,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys [2009-09-30 17:04:38 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll [2009-09-27 13:10:40 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moje wideo [2009-09-27 12:51:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\filmik [2009-09-21 19:24:29 | 00,000,000 | -H-D | C] -- C:\BJPrinter [2009-09-21 19:22:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys [2009-09-21 19:22:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2009-09-21 17:48:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009-09-21 17:48:05 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009-09-20 16:50:58 | 25,198,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-09-20 14:43:51 | 02,841,613 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\kretton\Pulpit\RivaTuner 2.24c.exe [2009-09-18 18:40:13 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll [2009-09-18 18:07:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Pobieranie [2009-09-18 16:54:10 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll [2009-09-18 16:54:05 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx [2009-09-18 16:53:58 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll [2009-09-18 15:50:58 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moja muzyka [2009-09-18 15:50:56 | 00,000,000 | --SD | C] -- C:\Documents and Settings\kretton\Moje dokumenty\Moje obrazy [2009-09-18 15:44:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks [2009-09-18 14:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kretton\Pulpit\GTA [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [6 C:\WINDOWS\*.tmp files] [2009-10-14 19:04:32 | 00,381,728 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2009-10-14 19:03:23 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2009-10-14 19:00:17 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kretton\Pulpit\OTL.exe [2009-10-14 18:59:39 | 00,662,048 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2009-10-14 18:59:31 | 00,146,982 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\otl_0.55.tar.gz [2009-10-14 18:55:36 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis.exe [2009-10-14 18:55:36 | 00,000,291 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\HijackThis.lnk [2009-10-14 18:55:21 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\kretton\Pulpit\HJTInstall.exe [2009-10-14 18:50:02 | 00,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-14 18:42:33 | 00,230,637 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err [2009-10-14 18:37:37 | 00,004,334 | ---- | M] () -- C:\WINDOWS\System32\LOCALSERVICE.INI [2009-10-14 18:37:27 | 00,000,912 | ---- | M] () -- C:\WINDOWS\System32\bscs.ini [2009-10-14 18:37:20 | 00,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-10-14 18:37:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-14 18:37:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-14 17:48:27 | 00,064,940 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2009-10-14 13:43:35 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-10-13 22:42:52 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-11 19:40:11 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-10-10 19:49:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-10-07 21:54:52 | 00,000,097 | ---- | M] () -- C:\WINDOWS\System32\LOCALDEVICE.INI [2009-10-04 20:34:24 | 00,002,235 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Dokument.rtf [2009-10-04 20:25:32 | 00,000,122 | ---- | M] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI [2009-10-04 11:42:57 | 00,000,594 | ---- | M] () -- C:\WINDOWS\win.ini [2009-10-04 11:42:57 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini [2009-10-04 11:42:57 | 00,000,211 | RHS- | M] () -- C:\boot.ini [2009-10-03 14:54:57 | 00,001,246 | ---- | M] () -- C:\WINDOWS\System32\SHORTCUT.INI [2009-10-03 14:53:53 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\blueletaudio.sys [2009-10-03 14:53:16 | 00,000,032 | ---- | M] () -- C:\WINDOWS\0 [2009-10-03 14:53:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\BSPRINT.INI [2009-10-03 14:22:20 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\0 [2009-10-02 20:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-10-01 15:55:19 | 00,000,923 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\Muza.lnk [2009-09-27 20:47:17 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Natasha Bedingfield - Soulmate.doc [2009-09-27 18:50:10 | 16,318,672 | ---- | M] () -- C:\Documents and Settings\kretton\Moje dokumenty\Speedo1.wmv [2009-09-27 11:29:56 | 20,382,208 | ---- | M] () -- C:\WINDOWS\System32\crashlog.tar [2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll [2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll [2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll [2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll [2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2009-09-25 07:20:34 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2009-09-22 16:58:36 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2009-09-21 21:03:33 | 00,025,136 | ---- | M] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-21 20:45:27 | 00,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-20 20:06:13 | 00,196,732 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\GG pion.exe [2009-09-20 14:44:30 | 02,841,613 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\kretton\Pulpit\RivaTuner 2.24c.exe [2009-09-18 18:39:43 | 00,921,416 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-09-18 18:39:43 | 00,436,322 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-09-18 18:39:43 | 00,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-09-18 18:39:43 | 00,067,298 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-09-18 18:39:43 | 00,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-09-18 17:46:01 | 00,001,197 | ---- | M] () -- C:\Documents and Settings\kretton\Pulpit\Moje dokumenty.lnk [2009-09-18 15:47:59 | 00,001,701 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd [2009-09-18 15:47:58 | 00,041,824 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd [2009-09-18 15:47:57 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.dll [2009-09-18 15:46:17 | 03,932,214 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-14 18:59:31 | 00,146,982 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\otl_0.55.tar.gz [2009-10-14 18:55:36 | 00,000,291 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\HijackThis.lnk [2009-10-14 17:44:48 | 00,001,943 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2009-10-04 14:33:26 | 00,002,235 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Dokument.rtf [2009-10-03 14:54:57 | 00,001,246 | ---- | C] () -- C:\WINDOWS\System32\SHORTCUT.INI [2009-10-03 14:54:23 | 00,000,122 | ---- | C] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI [2009-10-03 14:54:20 | 00,004,334 | ---- | C] () -- C:\WINDOWS\System32\LOCALSERVICE.INI [2009-10-03 14:54:18 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\LOCALDEVICE.INI [2009-10-03 14:53:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\BSPRINT.INI [2009-10-03 14:22:20 | 00,000,032 | ---- | C] () -- C:\WINDOWS\0 [2009-10-03 14:22:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\0 [2009-10-01 15:55:19 | 00,000,923 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\Muza.lnk [2009-09-27 20:47:02 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Natasha Bedingfield - Soulmate.doc [2009-09-27 18:47:18 | 16,318,672 | ---- | C] () -- C:\Documents and Settings\kretton\Moje dokumenty\Speedo1.wmv [2009-09-27 11:29:52 | 20,382,208 | ---- | C] () -- C:\WINDOWS\System32\crashlog.tar [2009-09-21 19:24:22 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL [2009-09-20 20:06:59 | 00,196,732 | ---- | C] () -- C:\Documents and Settings\kretton\Pulpit\GG pion.exe [2009-09-18 15:47:58 | 00,041,824 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd [2009-09-18 15:46:17 | 03,932,214 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp [2009-09-18 15:44:29 | 00,001,701 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd [2009-09-05 19:24:29 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-09-02 22:08:18 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-08-30 22:58:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-08-08 20:50:14 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-08-02 13:38:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\inout2.dll [2009-07-17 11:49:05 | 00,025,136 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-07-16 21:08:52 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-16 18:29:40 | 00,000,087 | ---- | C] () -- C:\WINDOWS\VSWizard.ini [2009-07-16 18:08:58 | 05,333,584 | -H-- | C] () -- C:\Documents and Settings\kretton\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-07-16 18:08:13 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-07-16 17:57:36 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-07-16 17:13:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\kretton\Dane aplikacji\desktop.ini [2009-02-09 13:18:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-02-09 13:18:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-02-09 13:18:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-02-09 13:18:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-09-14 10:34:20 | 00,000,912 | ---- | C] () -- C:\WINDOWS\System32\bscs.ini [2007-08-17 15:59:36 | 00,278,647 | ---- | C] () -- C:\WINDOWS\System32\outlookAddin.dll [2007-08-17 15:59:14 | 00,528,485 | ---- | C] () -- C:\WINDOWS\System32\BSShell.dll [2007-08-17 15:57:54 | 00,077,923 | ---- | C] () -- C:\WINDOWS\System32\Bs2Res.dll [2007-07-30 09:32:16 | 16,326,769 | ---- | C] () -- C:\WINDOWS\System32\BsLangInDepRes.dll [2007-06-24 21:56:34 | 00,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\blueletaudio.sys [2007-03-19 10:59:18 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\BsVistaCommon.dll [2007-03-12 12:01:30 | 00,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll [2001-07-22 00:16:20 | 00,000,594 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 00:15:52 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-09-21 17:48:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-08-28 21:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus [2009-07-17 12:36:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground [2009-07-28 18:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-08-22 20:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-07-16 17:57:36 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-10-14 18:45:59 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\kretton\Dane aplikacji [2009-07-30 20:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Ahead [2009-09-02 22:09:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Azureus [2009-09-02 20:19:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Nowe Gadu-Gadu [2009-07-28 18:33:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\OpenFM [2009-08-02 13:29:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Remere's Map Editor [2009-08-06 13:46:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Tibia [2009-07-28 19:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Ventrilo [2009-09-24 17:44:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kretton\Dane aplikacji\Vso [2009-07-16 17:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-07-16 17:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-14 18:37:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 230 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317 < End of report > [/log]
Psycholandia komentarz 14 października 2009 komentarz 14 października 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found. O3 - HKU\S-1-5-21-1229272821-299502267-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found. :Files C:\WINDOWS\0 C:\WINDOWS\System32\0 :Commands [emptytemp] [start explorer] [Reboot][/code] Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
Gość komentarz 14 października 2009 komentarz 14 października 2009 wzielem run fix, resetnał sie komp. Włączył pokazał się raport z otl potem niebieski ekran: ZRZYCANIE PAMIĘCI coś tam i znów sie zresetował log malware: [log]Malwarebytes' Anti-Malware 1.41 Wersja bazy definicji: 2775 Windows 5.1.2600 Dodatek Service Pack 3 2009-10-14 19:24:38 mbam-log-2009-10-14 (19-24-35).txt Typ skanowania: Szybkie skanowanie Przeskanowane obiekty: 89174 Upłynęło: 3 minute(s), 20 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 2 Zainfekowane wartości rejestru: 1 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken. Zainfekowane wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken. Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików) [/log]
Gość komentarz 14 października 2009 komentarz 14 października 2009 (edytowane) Narazie jest super dzięki bardzo jak możesz to jeszcze powiedz mi co z tych moge wyłączyć żeby nic się z systemem nie stało.[img]http://img42.imageshack.us/img42/5913/beztytuusck.png[/img]
Psycholandia komentarz 14 października 2009 komentarz 14 października 2009 Zostaw tylko Avp i RTHDCPL resztę odznacz
Gość komentarz 22 października 2009 komentarz 22 października 2009 No i znowu wirusy... Tym razem jakiś adrevolver, zedo i mediaplex :/ Poleććie mi jakiegoś dobrego firewalla (mam kerio po wersji darmowej teraz już mniej daje niż wcześniej) a antywirusa mam kaspersky 9... Skanuje malware i spybotem. Czyszcze cc cleanerem. Poleććie mi jakieś programy do ochrony...
Psycholandia komentarz 22 października 2009 komentarz 22 października 2009 Daj ponownie loga z OTL. Firewall darmowy i dobry to Outpost albo ZoneAlarm.
Gość komentarz 22 października 2009 komentarz 22 października 2009 Malware spy bot mi usunął all ale co z tego jak za 2h bede znów mieć wirusy :/
Psycholandia komentarz 22 października 2009 komentarz 22 października 2009 Podłącz pendriva/mp3 czy inne urządzenie przenośne do komputera, każde po kolei i uruchom ten program, na chwilę znikną ikony, ale po usunięciu wirusów znów się pojawią: [url="http://www.programosy.pl/program,flash-desinfector.html"]Flash Desinfector[/url] Wykonaj: http://support.microsoft.com/kb/310405/pl Daj loga z OTL, zobaczymy co się dzieje.
Gość komentarz 29 października 2009 komentarz 29 października 2009 (edytowane) Chciałem ściągnąć ten program ale kasperski znalazł wirusa akceptować? [url="http://img248.imageshack.us/img248/6641/kis.png"]KLIK[/url] A apropo drugiego to co to jest te przywracanie systemu?
Psycholandia komentarz 29 października 2009 komentarz 29 października 2009 Zezwól. O przywracaniu poczytasz np. tu: [b][url="http://www.centrumxp.pl/WindowsXP/970,1,Przywracanie_systemu.aspx"]KLIK[/url][/b]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.