
Task Manager blocked

DawidG3

Hi!
Please help, my cousin got his hands on my computer and downloaded some junk. My Task Manager doesn't work, and the new "wallpaper" looks like this:
[URL=http://ifotos.pl/img/rqehqe.JPG]See[/URL]



Below are the logs from the programs:


[b]OTL[/b]
[log]OTL logfile created on: 2009-12-01 15:13:59 - Run 2
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Dawid\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 523,22 Mb Available Physical Memory | 51,12% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 77,76% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,99 Gb Total Space | 0,94 Gb Free Space | 4,96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 20,01 Gb Total Space | 11,57 Gb Free Space | 57,81% Space Free | Partition Type: NTFS
Drive I: | 129,03 Gb Total Space | 92,75 Gb Free Space | 71,88% Space Free | Partition Type: NTFS

Computer Name: FLATRON
Current User Name: Dawid
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe
PRC - [2009-11-30 21:16:28 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009-11-30 21:16:25 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009-11-30 21:16:25 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009-11-30 21:16:24 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009-11-30 21:16:20 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009-11-30 21:16:18 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2009-11-30 21:16:14 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2009-11-30 21:16:13 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009-11-30 21:16:12 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009-11-30 21:16:09 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009-11-30 21:16:07 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009-11-20 19:01:18 | 00,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009-02-25 22:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008-04-15 13:00:00 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 13:00:00 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 13:00:00 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe
PRC - [2008-04-15 13:00:00 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-15 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-15 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-15 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 13:00:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe
PRC - [2008-04-15 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2007-03-21 19:57:56 | 00,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
PRC - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe
MOD - [2008-04-15 13:00:00 | 08,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-15 13:00:00 | 01,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-15 13:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-15 13:00:00 | 01,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-15 13:00:00 | 00,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 13:00:00 | 00,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-15 13:00:00 | 00,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-15 13:00:00 | 00,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-15 13:00:00 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 13:00:00 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-15 13:00:00 | 00,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-15 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 13:00:00 | 00,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-15 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 13:00:00 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 13:00:00 | 00,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-15 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 13:00:00 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 13:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-15 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 13:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-30 21:16:18 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2009-11-30 21:16:14 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009-11-30 21:16:12 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009-11-30 21:16:07 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009-02-25 22:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-02-25 15:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2007-03-21 19:57:56 | 00,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc)
SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-30 21:17:06 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2009-11-30 21:17:04 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009-11-30 21:17:03 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-11-30 21:16:50 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-11-30 21:16:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-11-30 21:16:11 | 00,122,376 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2009-11-30 21:16:10 | 00,030,216 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2009-11-30 21:16:09 | 00,025,736 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009-11-25 16:44:55 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-07-09 09:06:10 | 00,119,798 | ---- | M] (SP) -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) ICatch (VI)
DRV - [2009-02-25 23:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2008-04-14 01:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-04-23 12:03:04 | 00,082,200 | ---- | M] (Locktime Software) -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
DRV - [2005-03-08 05:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005-03-08 05:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005-03-08 05:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2004-01-08 11:37:02 | 00,812,416 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2002-06-13 10:37:16 | 00,045,568 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\S-1-5-21-1757981266-1592454029-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-09-19 19:35:59 | 00,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-11-23 18:51:45 | 00,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-23 18:51:48 | 00,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-23 20:51:46 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-12-01 15:03:51 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe
[2009-12-01 14:54:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009-11-30 21:17:32 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009-11-30 21:17:08 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009-11-30 21:17:06 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009-11-30 21:17:04 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009-11-30 21:17:02 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009-11-30 21:16:49 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009-11-30 21:16:48 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009-11-30 21:16:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009-11-30 21:15:42 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009-11-30 21:15:42 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009-11-30 21:15:42 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009-11-30 21:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-11-30 20:42:26 | 00,000,000 | ---D | C] -- C:\Program Files\AdvancedVirusRemover
[2009-11-30 20:36:49 | 00,000,000 | ---D | C] -- C:\Program Files\PDFtoPNG
[2009-11-29 19:21:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\.gstreamer-0.10
[2009-11-29 18:24:51 | 00,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe
[2009-11-29 18:24:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\PixArt
[2009-11-29 18:24:40 | 00,000,000 | ---D | C] -- C:\Program Files\PC Camera
[2009-11-29 18:24:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC207
[2009-11-29 18:11:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\EffectResources
[2009-11-29 18:11:15 | 00,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\WINDOWS\ZS211Cap.exe
[2009-11-29 18:11:15 | 00,081,920 | ---- | C] (zsmc) -- C:\WINDOWS\System32\ZS211sti.dll
[2009-11-29 18:11:15 | 00,057,344 | ---- | C] (ZSMC) -- C:\WINDOWS\Sti211.exe
[2009-11-29 18:11:14 | 00,391,836 | ---- | C] (ZSMC Corporation) -- C:\WINDOWS\System32\drivers\ZS211.sys
[2009-11-29 18:11:14 | 00,172,115 | ---- | C] (ZSMC) -- C:\WINDOWS\System32\ZS211Prp.Ax
[2009-11-29 18:11:14 | 00,049,152 | ---- | C] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
[2009-11-29 18:11:14 | 00,000,000 | ---D | C] -- C:\Program Files\Vimicro
[2009-11-29 18:11:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\CatRoot
[2009-11-29 18:02:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\skypePM
[2009-11-29 17:59:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Skype
[2009-11-29 17:58:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009-11-29 17:56:22 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009-11-29 17:55:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2009-11-29 15:22:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla
[2009-11-28 23:14:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-11-28 23:14:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM
[2009-11-28 23:07:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10
[2009-11-28 09:49:31 | 00,000,000 | ---D | C] -- C:\Program Files\AMT
[2009-11-28 09:19:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Macromedia
[2009-11-28 09:19:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Adobe
[2009-11-27 21:28:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp
[2009-11-27 21:27:51 | 00,000,000 | ---D | C] -- C:\Dev-Cpp
[2009-11-26 21:32:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu
[2009-11-26 21:18:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Nero
[2009-11-24 19:29:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime
[2009-11-24 19:27:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime
[2009-11-24 19:27:05 | 00,000,000 | ---D | C] -- C:\Program Files\NetLimiter 2 Pro
[2009-11-24 19:21:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Gadu-Gadu
[2009-11-24 19:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu
[2009-11-24 18:46:20 | 00,000,000 | R--D | C] -- C:\Nowy folder
[2009-11-24 18:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp
[2009-11-24 18:41:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Winamp
[2009-11-24 18:16:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009-11-24 18:10:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009-11-24 18:10:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009-11-24 18:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009-11-24 18:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009-11-24 18:07:49 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009-11-24 18:06:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-11-24 18:06:08 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2009-11-24 18:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2009-11-24 18:01:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite
[2009-11-24 17:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP
[2009-11-24 17:56:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009-11-24 17:53:12 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009-11-24 17:51:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009-11-24 17:46:22 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009-11-24 17:45:09 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009-11-24 17:43:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\HP
[2009-11-24 17:15:29 | 00,000,000 | R--D | C] -- C:\Downloads
[2009-11-24 17:12:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\BITS
[2009-11-24 17:12:22 | 00,000,000 | ---D | C] -- C:\profiles
[2009-11-24 17:12:04 | 00,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2009-11-23 21:40:02 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2009-11-23 21:37:38 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009-11-23 21:37:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009-11-23 21:37:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009-11-23 21:37:30 | 00,000,000 | R--D | C] -- C:\Program Files
[2009-11-23 21:37:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009-11-23 21:37:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009-11-23 21:36:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2009-11-23 21:36:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2009-11-23 21:36:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2009-11-23 21:36:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2009-11-23 21:36:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2009-11-23 21:36:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009-11-23 21:36:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009-11-23 21:36:03 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2009-11-23 21:36:03 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-11-23 21:35:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009-11-23 21:35:26 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009-11-23 21:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009-11-23 21:25:16 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009-11-23 21:25:12 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2009-11-23 21:25:12 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009-11-23 21:25:11 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2009-11-23 21:25:10 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009-11-23 21:25:10 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009-11-23 21:25:05 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009-11-23 21:24:25 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009-11-23 21:24:25 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009-11-23 21:24:25 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009-11-23 21:24:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009-11-23 21:23:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Media Player Classic
[2009-11-23 21:16:34 | 00,000,000 | ---D | C] -- C:\ATI
[2009-11-23 21:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\Opera
[2009-11-23 21:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Opera
[2009-11-23 21:16:16 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009-11-23 21:11:28 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009-11-23 21:10:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009-11-23 21:07:30 | 00,045,568 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\R8139n51.sys
[2009-11-23 21:07:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009-11-23 21:07:10 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009-11-23 21:06:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009-11-23 21:06:20 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009-11-23 21:06:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009-11-23 21:05:11 | 01,454,080 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe
[2009-11-23 21:05:11 | 00,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll
[2009-11-23 21:05:10 | 02,453,504 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl
[2009-11-23 21:05:10 | 00,917,504 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll
[2009-11-23 21:05:10 | 00,812,416 | ---- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys
[2009-11-23 21:05:10 | 00,151,552 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll
[2009-11-23 21:05:09 | 00,000,000 | ---D | C] -- C:\Program Files\C-Media 3D Audio
[2009-11-23 21:03:43 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009-11-23 21:03:31 | 00,000,000 | ---D | C] -- C:\Program Files\Ninja
[2009-11-23 21:02:28 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\UserData
[2009-11-23 21:00:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Identities
[2009-11-23 21:00:24 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009-11-23 21:00:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty\Moja muzyka
[2009-11-23 21:00:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty\Moje obrazy
[2009-11-23 21:00:11 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Microsoft
[2009-11-23 21:00:11 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\Cookies
[2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\SendTo
[2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\Recent
[2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji
[2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Ulubione
[2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty
[2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Menu Start
[2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\Szablony
[2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\PrintHood
[2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\NetHood
[2009-11-23 21:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Pulpit
[2009-11-23 21:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-23 21:00:10 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne
[2009-11-23 20:59:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009-11-23 20:59:14 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009-11-23 20:59:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009-11-23 20:56:37 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009-11-23 20:56:37 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009-11-23 20:56:37 | 00,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009-11-23 20:54:54 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009-11-23 20:54:54 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009-11-23 20:54:54 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009-11-23 20:54:09 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009-11-23 20:50:50 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2009-11-23 20:50:34 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009-11-23 20:50:34 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009-11-23 20:50:17 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009-11-23 20:50:10 | 00,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2009-11-23 20:49:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009-11-23 20:49:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009-11-23 20:49:21 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009-11-23 20:49:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009-11-23 20:49:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009-11-23 20:49:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009-11-23 20:48:53 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009-11-23 20:48:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009-11-23 20:48:17 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009-11-23 20:48:14 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009-11-23 20:48:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009-11-23 20:48:02 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009-11-23 20:48:01 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2009-11-23 20:46:49 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009-11-23 20:46:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009-11-23 20:46:23 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2009-11-23 20:46:23 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009-11-23 20:46:12 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009-11-23 20:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009-11-23 20:45:17 | 00,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009-11-23 20:45:16 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009-11-23 20:45:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009-11-23 20:45:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009-11-23 20:44:49 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-12-01 15:09:22 | 00,084,352 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\p.JPG
[2009-12-01 15:06:22 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\RSIT.exe
[2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe
[2009-12-01 15:03:40 | 45,983,486 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-12-01 15:02:30 | 00,106,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-12-01 15:00:15 | 01,835,008 | -H-- | M] () -- C:\Documents and Settings\Dawid\NTUSER.DAT
[2009-12-01 14:58:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-12-01 14:57:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-12-01 14:56:19 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Dawid\ntuser.ini
[2009-12-01 14:56:14 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-01 14:55:25 | 00,000,958 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-12-01 14:55:25 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-12-01 14:55:25 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-11-30 21:28:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2009-11-30 21:28:08 | 00,000,741 | ---- | M] () -- C:\WINDOWS\System32\critical_warning.html
[2009-11-30 21:17:09 | 00,001,511 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk
[2009-11-30 21:17:08 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009-11-30 21:17:06 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009-11-30 21:17:04 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009-11-30 21:17:03 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009-11-30 21:16:50 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009-11-30 21:16:48 | 00,544,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009-11-30 21:16:48 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009-11-30 21:16:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009-11-30 21:16:40 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009-11-30 21:16:40 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-11-30 21:15:42 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009-11-30 21:02:19 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2009-11-30 20:44:53 | 00,128,616 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\46C-1-001.png
[2009-11-30 20:42:08 | 00,022,528 | ---- | M] () -- C:\WINDOWS\System32\winhelper86.dll
[2009-11-30 19:41:52 | 00,118,784 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word.doc
[2009-11-30 19:07:06 | 00,052,224 | ---- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-29 18:02:06 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-11-29 13:01:59 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word (2).doc
[2009-11-25 16:44:55 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-24 19:29:51 | 00,017,464 | ---- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-24 19:26:12 | 00,113,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-24 18:13:25 | 00,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009-11-24 17:58:08 | 00,113,547 | ---- | M] () -- C:\WINDOWS\hpoins07.dat
[2009-11-23 21:41:41 | 00,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2009-11-23 21:31:00 | 00,000,486 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2009-11-23 21:26:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2009-11-23 21:16:00 | 00,866,660 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-23 21:16:00 | 00,448,348 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-23 21:16:00 | 00,392,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-23 21:16:00 | 00,074,450 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-23 21:16:00 | 00,058,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-11-23 21:05:13 | 00,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI
[2009-11-23 21:05:13 | 00,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-23 21:05:11 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Wininit.ini
[2009-11-23 21:00:08 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-23 20:58:57 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009-11-23 20:57:38 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-11-23 20:52:40 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-11-23 20:52:29 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009-11-23 20:52:28 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-11-23 20:52:28 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-11-23 20:52:08 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009-11-23 20:50:34 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-11-23 20:50:34 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-11-23 20:47:04 | 00,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-11-23 20:46:45 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009-11-23 20:46:45 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009-11-09 19:00:00 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009-11-09 19:00:00 | 00,085,504 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-09 19:00:00 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-12-01 15:09:20 | 00,084,352 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\p.JPG
[2009-12-01 15:06:18 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\RSIT.exe
[2009-11-30 21:17:09 | 00,001,511 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk
[2009-11-30 21:16:48 | 00,544,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009-11-30 21:16:48 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009-11-30 21:16:40 | 45,983,486 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-11-30 21:16:40 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009-11-30 21:16:40 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-11-30 21:16:40 | 00,106,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-11-30 21:02:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009-11-30 20:44:12 | 00,128,616 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\46C-1-001.png
[2009-11-30 20:42:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2009-11-30 20:42:08 | 00,022,528 | ---- | C] () -- C:\WINDOWS\System32\winhelper86.dll
[2009-11-30 20:42:02 | 00,000,741 | ---- | C] () -- C:\WINDOWS\System32\critical_warning.html
[2009-11-29 18:24:51 | 00,000,631 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009-11-29 18:11:15 | 00,049,152 | ---- | C] () -- C:\WINDOWS\Domino.exe
[2009-11-29 18:02:06 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-11-29 12:48:11 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word (2).doc
[2009-11-28 09:55:53 | 00,118,784 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word.doc
[2009-11-24 18:46:01 | 00,052,224 | ---- | C] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-24 18:13:24 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-11-24 18:01:41 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-24 17:44:06 | 00,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-11-24 17:44:04 | 00,113,547 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2009-11-24 17:44:04 | 00,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2009-11-23 21:41:41 | 00,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2009-11-23 21:37:33 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009-11-23 21:37:33 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009-11-23 21:37:32 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009-11-23 21:37:32 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009-11-23 21:37:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2009-11-23 21:37:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009-11-23 21:37:22 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2009-11-23 21:37:22 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009-11-23 21:37:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2009-11-23 21:37:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009-11-23 21:37:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2009-11-23 21:37:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009-11-23 21:36:49 | 00,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009-11-23 21:36:32 | 00,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009-11-23 21:36:32 | 00,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009-11-23 21:36:32 | 00,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009-11-23 21:36:32 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009-11-23 21:36:32 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009-11-23 21:36:32 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009-11-23 21:36:31 | 00,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009-11-23 21:36:31 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009-11-23 21:36:31 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009-11-23 21:36:31 | 00,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009-11-23 21:36:31 | 00,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009-11-23 21:36:31 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009-11-23 21:36:31 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009-11-23 21:36:31 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009-11-23 21:36:30 | 02,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009-11-23 21:36:30 | 01,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2009-11-23 21:36:30 | 00,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009-11-23 21:35:26 | 00,113,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-23 21:34:43 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2009-11-23 21:34:37 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-11-23 21:26:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009-11-23 21:25:14 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-11-23 21:25:12 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2009-11-23 21:25:11 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-11-23 21:25:11 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-11-23 21:25:10 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-11-23 21:25:07 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-23 21:25:07 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-23 21:18:15 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-23 21:17:27 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009-11-23 21:05:13 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-11-23 21:05:13 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-23 21:05:11 | 00,000,486 | ---- | C] () -- C:\WINDOWS\System\CmiCnfg.ini
[2009-11-23 21:05:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009-11-23 21:05:10 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2009-11-23 21:05:10 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009-11-23 21:05:09 | 00,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2009-11-23 21:05:09 | 00,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2009-11-23 21:05:09 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009-11-23 21:00:13 | 00,000,188 | -HS- | C] () -- C:\Documents and Settings\Dawid\ntuser.ini
[2009-11-23 21:00:10 | 01,835,008 | -H-- | C] () -- C:\Documents and Settings\Dawid\NTUSER.DAT
[2009-11-23 20:58:57 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009-11-23 20:57:38 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-11-23 20:57:29 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009-11-23 20:56:27 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009-11-23 20:56:27 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009-11-23 20:56:24 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009-11-23 20:55:45 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009-11-23 20:55:44 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009-11-23 20:55:30 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009-11-23 20:55:26 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009-11-23 20:55:23 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009-11-23 20:55:12 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009-11-23 20:55:05 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009-11-23 20:54:59 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009-11-23 20:54:13 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009-11-23 20:54:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009-11-23 20:54:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009-11-23 20:54:06 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009-11-23 20:54:06 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009-11-23 20:54:06 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009-11-23 20:54:03 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009-11-23 20:54:03 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009-11-23 20:54:03 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009-11-23 20:54:02 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009-11-23 20:54:02 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009-11-23 20:54:02 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009-11-23 20:54:02 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009-11-23 20:54:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009-11-23 20:53:58 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009-11-23 20:53:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009-11-23 20:53:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009-11-23 20:53:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009-11-23 20:53:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009-11-23 20:53:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009-11-23 20:53:57 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009-11-23 20:53:56 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009-11-23 20:52:40 | 00,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-11-23 20:52:40 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009-11-23 20:52:40 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009-11-23 20:52:40 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009-11-23 20:52:40 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009-11-23 20:52:28 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-11-23 20:52:28 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-11-23 20:52:26 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009-11-23 20:50:34 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-11-23 20:50:34 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-11-23 20:49:57 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009-11-23 20:49:41 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009-11-23 20:49:41 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009-11-23 20:49:29 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009-11-23 20:48:24 | 00,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2009-11-23 20:47:04 | 00,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-11-23 20:45:40 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2009-11-23 20:45:40 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2009-11-23 20:45:40 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2009-11-23 20:45:39 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2009-11-23 20:45:39 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2009-11-23 20:45:39 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2009-11-23 20:45:39 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2009-11-23 20:45:38 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2009-11-23 20:45:38 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2009-11-23 20:45:38 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2009-11-23 20:45:38 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2009-11-23 20:45:37 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009-11-23 20:45:36 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009-11-23 20:45:36 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009-11-23 20:45:36 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009-11-23 20:45:36 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009-11-23 20:45:36 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009-11-23 20:45:32 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009-11-23 20:45:32 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009-11-23 20:45:30 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009-11-23 20:45:30 | 00,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009-11-23 20:45:28 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009-11-23 20:45:18 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2007-06-29 11:07:36 | 00,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2001-07-06 15:30:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

[color=#E56717]========== LOP Check ==========[/color]

[2009-11-30 21:15:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-11-25 16:44:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-11-24 19:27:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime
[2009-11-29 19:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-12-01 14:55:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\BITS
[2009-11-24 18:07:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite
[2009-11-27 21:38:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp
[2009-11-26 21:32:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu
[2009-11-28 23:10:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10
[2009-11-24 19:29:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime
[2009-11-28 23:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM
[2009-11-23 21:16:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Opera

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-12-01 14:55:25 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008-04-15 13:00:00 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-28 10:19:30 | 00,045,547 | ---- | M] () -- C:\hookapiA.log
[2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-15 13:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-15 13:00:00 | 00,251,152 | RHS- | M] () -- C:\ntldr
[2009-12-01 14:57:46 | 16,106,12736 | -HS- | M] () -- C:\pagefile.sys
< End of report >
[/log]


[b]RSIT[/b]
[log]Logfile of random's system information tool 1.06 (written by random/random)
Run by Dawid at 2009-12-01 15:20:08
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 964 MB (5%) free of 19 GB
Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:23, on 2009-12-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\sol.exe
C:\Documents and Settings\Dawid\Pulpit\RSIT.exe
C:\Program Files\trend micro\Dawid.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4440 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-11-30 2020120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced Virus Remover]
C:\Program Files\AdvancedVirusRemover\AVR.exe [2009-11-30 980992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [2008-08-19 1795656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
C:\Program Files\Gadu-Gadu\gg.exe [2008-03-20 2127296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ninja.lnk]
C:\PROGRA~1\Ninja\ninja.exe [2009-11-23 764416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-30 12464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-12-01 15:20:09 ----D---- C:\Program Files\trend micro
2009-12-01 15:20:08 ----D---- C:\rsit
2009-12-01 14:54:29 ----D---- C:\WINDOWS\pss
2009-11-30 21:17:32 ----HD---- C:\$AVG
2009-11-30 21:17:08 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-11-30 21:15:42 ----D---- C:\Program Files\AVG
2009-11-30 21:15:42 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2009-11-30 21:15:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\avg9
2009-11-30 21:02:19 ----A---- C:\WINDOWS\system32\18467.exe
2009-11-30 20:42:26 ----D---- C:\Program Files\AdvancedVirusRemover
2009-11-30 20:42:20 ----A---- C:\WINDOWS\system32\41.exe
2009-11-30 20:42:08 ----A---- C:\WINDOWS\system32\winhelper86.dll
2009-11-30 20:36:49 ----D---- C:\Program Files\PDFtoPNG
2009-11-29 18:39:44 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-11-29 18:24:51 ----A---- C:\WINDOWS\system32\Remover.ini
2009-11-29 18:24:51 ----A---- C:\WINDOWS\system32\Remove.exe
2009-11-29 18:24:41 ----D---- C:\WINDOWS\PixArt
2009-11-29 18:24:40 ----D---- C:\Program Files\PC Camera
2009-11-29 18:24:40 ----D---- C:\Program Files\Common Files\PAC207
2009-11-29 18:11:17 ----D---- C:\WINDOWS\EffectResources
2009-11-29 18:11:17 ----A---- C:\WINDOWS\vidcap32.Exe
2009-11-29 18:11:15 ----A---- C:\WINDOWS\ZS211Cap.exe
2009-11-29 18:11:15 ----A---- C:\WINDOWS\system32\ZS211sti.dll
2009-11-29 18:11:15 ----A---- C:\WINDOWS\Sti211.exe
2009-11-29 18:11:15 ----A---- C:\WINDOWS\Domino.exe
2009-11-29 18:11:15 ----A---- C:\WINDOWS\amcap.exe
2009-11-29 18:11:14 ----D---- C:\WINDOWS\CatRoot
2009-11-29 18:11:14 ----D---- C:\Program Files\Vimicro
2009-11-29 18:11:14 ----A---- C:\WINDOWS\ZSSnp211.exe
2009-11-29 18:02:01 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\skypePM
2009-11-29 17:59:50 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Skype
2009-11-29 17:58:17 ----D---- C:\Program Files\Common Files\Skype
2009-11-29 17:56:22 ----RD---- C:\Program Files\Skype
2009-11-29 17:55:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2009-11-29 15:22:41 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla
2009-11-28 23:14:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
2009-11-28 23:14:54 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM
2009-11-28 23:07:05 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10
2009-11-28 09:49:31 ----D---- C:\Program Files\AMT
2009-11-28 09:19:15 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Macromedia
2009-11-28 09:19:14 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Adobe
2009-11-27 21:28:56 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp
2009-11-27 21:27:51 ----D---- C:\Dev-Cpp
2009-11-26 21:32:57 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu
2009-11-26 21:18:22 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Nero
2009-11-24 19:29:53 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime
2009-11-24 19:27:29 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Locktime
2009-11-24 19:27:05 ----D---- C:\Program Files\NetLimiter 2 Pro
2009-11-24 19:21:37 ----D---- C:\Program Files\Gadu-Gadu
2009-11-24 18:46:20 ----RD---- C:\Nowy folder
2009-11-24 18:41:06 ----D---- C:\Program Files\Winamp
2009-11-24 18:41:06 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Winamp
2009-11-24 18:16:11 ----D---- C:\WINDOWS\system32\appmgmt
2009-11-24 18:13:24 ----A---- C:\WINDOWS\ODBC.INI
2009-11-24 18:13:02 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-11-24 18:10:52 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-24 18:10:22 ----D---- C:\WINDOWS\SHELLNEW
2009-11-24 18:10:20 ----D---- C:\Program Files\Microsoft.NET
2009-11-24 18:10:20 ----D---- C:\Program Files\Microsoft Office
2009-11-24 18:07:49 ----RHD---- C:\MSOCache
2009-11-24 18:06:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-11-24 18:06:08 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-11-24 18:06:02 ----D---- C:\Program Files\DAEMON Tools Lite
2009-11-24 18:01:26 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite
2009-11-24 17:57:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP
2009-11-24 17:56:34 ----D---- C:\Program Files\Common Files\HP
2009-11-24 17:53:12 ----D---- C:\Program Files\Hewlett-Packard
2009-11-24 17:51:25 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2009-11-24 17:46:22 ----D---- C:\Program Files\HP
2009-11-24 17:45:09 ----HD---- C:\Config.Msi
2009-11-24 17:43:49 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\HP
2009-11-24 17:15:29 ----RD---- C:\Downloads
2009-11-24 17:12:29 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\BITS
2009-11-24 17:12:22 ----D---- C:\profiles
2009-11-24 17:12:04 ----D---- C:\Program Files\FlashGet Network
2009-11-23 21:42:44 ----A---- C:\WINDOWS\system32\h323log.txt
2009-11-23 21:39:32 ----A---- C:\WINDOWS\system32\usbui.dll
2009-11-23 21:37:38 ----SHD---- C:\WINDOWS\Installer
2009-11-23 21:37:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-23 21:37:36 ----D---- C:\Program Files\Common Files\ODBC
2009-11-23 21:37:36 ----A---- C:\WINDOWS\ODBCINST.INI
2009-11-23 21:37:31 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-11-23 21:37:30 ----RD---- C:\Program Files
2009-11-23 21:37:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-11-23 21:37:30 ----D---- C:\Program Files\Common Files
2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\irclass.dll
2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-11-23 21:36:51 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-11-23 21:36:49 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-11-23 21:36:49 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-11-23 21:36:48 ----A---- C:\WINDOWS\system32\batt.dll
2009-11-23 21:36:48 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-11-23 21:36:46 ----A---- C:\WINDOWS\system32\storprop.dll
2009-11-23 21:36:32 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2009-11-23 21:36:27 ----RA---- C:\WINDOWS\SET8.tmp
2009-11-23 21:36:20 ----RA---- C:\WINDOWS\SET4.tmp
2009-11-23 21:36:18 ----RA---- C:\WINDOWS\SET3.tmp
2009-11-23 21:36:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-23 21:36:09 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-23 21:36:03 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2009-11-23 21:35:33 ----A---- C:\WINDOWS\setuplog.txt
2009-11-23 21:35:27 ----D---- C:\Documents and Settings
2009-11-23 21:35:26 ----SHD---- C:\System Volume Information
2009-11-23 21:34:43 ----SH---- C:\boot.ini
2009-11-23 21:30:13 ----D---- C:\Program Files\7-Zip
2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-23 21:25:14 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\divx.dll
2009-11-23 21:25:07 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-23 21:25:07 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-23 21:25:05 ----D---- C:\Program Files\K-Lite Codec Pack
2009-11-23 21:24:26 ----D---- C:\WINDOWS\WinSxS
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\usmt
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\pl-pl
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\pl
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\inetsrv
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\IME
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\3com_dmi
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\3076
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\2052
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1054
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1045
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1042
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1041
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1037
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1033
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1031
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1028
2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1025
2009-11-23 21:24:26 ----D---- C:\WINDOWS\PeerNet
2009-11-23 21:24:26 ----D---- C:\WINDOWS\pchealth
2009-11-23 21:24:26 ----D---- C:\WINDOWS\Network Diagnostic
2009-11-23 21:24:26 ----D---- C:\WINDOWS\mui
2009-11-23 21:24:26 ----D---- C:\WINDOWS\L2Schemas
2009-11-23 21:24:26 ----D---- C:\WINDOWS\ime
2009-11-23 21:24:26 ----D---- C:\WINDOWS\ehome
2009-11-23 21:24:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-23 21:24:25 ----RSD---- C:\WINDOWS\Fonts
2009-11-23 21:24:25 ----RD---- C:\WINDOWS\Web
2009-11-23 21:24:25 ----HD---- C:\WINDOWS\inf
2009-11-23 21:24:25 ----D---- C:\WINDOWS\twain_32
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Temp
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\wins
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\wbem
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\spool
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ShellExt
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\Setup
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ras
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\oobe
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\npp
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\mui
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\icsxml
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ias
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\export
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\drivers
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\dhcp
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\config
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32
2009-11-23 21:24:25 ----D---- C:\WINDOWS\system
2009-11-23 21:24:25 ----D---- C:\WINDOWS\security
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Resources
2009-11-23 21:24:25 ----D---- C:\WINDOWS\repair
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Provisioning
2009-11-23 21:24:25 ----D---- C:\WINDOWS\msapps
2009-11-23 21:24:25 ----D---- C:\WINDOWS\msagent
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Media
2009-11-23 21:24:25 ----D---- C:\WINDOWS\java
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Help
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Driver Cache
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Debug
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Cursors
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Connection Wizard
2009-11-23 21:24:25 ----D---- C:\WINDOWS\Config
2009-11-23 21:24:25 ----D---- C:\WINDOWS\AppPatch
2009-11-23 21:24:25 ----D---- C:\WINDOWS\addins
2009-11-23 21:24:25 ----D---- C:\WINDOWS
2009-11-23 21:23:32 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Media Player Classic
2009-11-23 21:18:15 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-23 21:18:06 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-11-23 21:18:06 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-11-23 21:17:27 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-11-23 21:16:34 ----D---- C:\ATI
2009-11-23 21:16:30 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Opera
2009-11-23 21:16:16 ----D---- C:\Program Files\Opera
2009-11-23 21:11:28 ----RSD---- C:\WINDOWS\assembly
2009-11-23 21:10:25 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-23 21:07:30 ----D---- C:\WINDOWS\OPTIONS
2009-11-23 21:07:10 ----D---- C:\Program Files\Intel
2009-11-23 21:06:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-23 21:06:20 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-23 21:06:09 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-23 21:05:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-11-23 21:05:13 ----A---- C:\WINDOWS\CMISETUP.INI
2009-11-23 21:05:13 ----A---- C:\WINDOWS\CMCDPLAY.INI
2009-11-23 21:05:11 ----A---- C:\WINDOWS\Wininit.ini
2009-11-23 21:05:11 ----A---- C:\WINDOWS\system32\udaprop.dll
2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmuda.dll
2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmirmdrv.exe
2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmirmdrv.dll
2009-11-23 21:05:09 ----D---- C:\Program Files\C-Media 3D Audio
2009-11-23 21:05:09 ----A---- C:\WINDOWS\system32\Audio3D.dll
2009-11-23 21:05:09 ----A---- C:\WINDOWS\system32\a3d.dll
2009-11-23 21:05:09 ----A---- C:\WINDOWS\CMIUninstall.exe
2009-11-23 21:05:09 ----A---- C:\WINDOWS\CmiRmRedundDir.exe
2009-11-23 21:05:09 ----A---- C:\WINDOWS\CMIRmDriver.dll
2009-11-23 21:04:57 ----A---- C:\WINDOWS\IsUninst.exe
2009-11-23 21:03:43 ----SHD---- C:\RECYCLER
2009-11-23 21:03:31 ----D---- C:\Program Files\Ninja
2009-11-23 21:00:27 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Identities
2009-11-23 21:00:24 ----HD---- C:\Program Files\Uninstall Information
2009-11-23 21:00:12 ----ASH---- C:\Documents and Settings\Dawid\Dane aplikacji\desktop.ini
2009-11-23 21:00:11 ----SD---- C:\Documents and Settings\Dawid\Dane aplikacji\Microsoft
2009-11-23 20:59:26 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-23 20:59:14 ----SD---- C:\WINDOWS\system32\Microsoft
2009-11-23 20:59:14 ----D---- C:\WINDOWS\Prefetch
2009-11-23 20:59:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-23 20:53:22 ----D---- C:\WINDOWS\system32\xircom
2009-11-23 20:53:22 ----D---- C:\Program Files\xerox
2009-11-23 20:53:22 ----D---- C:\Program Files\microsoft frontpage
2009-11-23 20:52:40 ----A---- C:\WINDOWS\control.ini
2009-11-23 20:52:40 ----A---- C:\AUTOEXEC.BAT
2009-11-23 20:52:17 ----A---- C:\WINDOWS\OEWABLog.txt
2009-11-23 20:52:08 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-11-23 20:50:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-23 20:50:34 ----RD---- C:\WINDOWS\Offline Web Pages
2009-11-23 20:50:34 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-11-23 20:50:25 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-23 20:50:17 ----HD---- C:\Program Files\WindowsUpdate
2009-11-23 20:50:10 ----D---- C:\Program Files\Usługi online
2009-11-23 20:49:49 ----D---- C:\WINDOWS\system32\DirectX
2009-11-23 20:49:43 ----A---- C:\WINDOWS\system32\atrace.dll
2009-11-23 20:49:40 ----A---- C:\WINDOWS\system32\desktop.ini
2009-11-23 20:49:40 ----A---- C:\WINDOWS\desktop.ini
2009-11-23 20:49:27 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-11-23 20:49:25 ----D---- C:\Program Files\Common Files\Services
2009-11-23 20:49:25 ----A---- C:\WINDOWS\system32\acctres.dll
2009-11-23 20:49:21 ----SD---- C:\WINDOWS\Tasks
2009-11-23 20:49:21 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-11-23 20:49:20 ----D---- C:\Program Files\Common Files\MSSoap
2009-11-23 20:49:10 ----D---- C:\WINDOWS\srchasst
2009-11-23 20:49:07 ----D---- C:\WINDOWS\system32\Macromed
2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wups.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-11-23 20:48:53 ----D---- C:\Program Files\Movie Maker
2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-11-23 20:48:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-11-23 20:48:23 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-11-23 20:48:23 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-11-23 20:48:22 ----D---- C:\WINDOWS\system32\Restore
2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srclient.dll
2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\ils.dll
2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\msconf.dll
2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-11-23 20:48:17 ----D---- C:\Program Files\NetMeeting
2009-11-23 20:48:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-11-23 20:48:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-11-23 20:48:16 ----A---- C:\WINDOWS\system32\inetres.dll
2009-11-23 20:48:16 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-11-23 20:48:14 ----D---- C:\Program Files\Outlook Express
2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\mstask.dll
2009-11-23 20:48:13 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-11-23 20:48:13 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-11-23 20:48:12 ----A---- C:\WINDOWS\system32\isign32.dll
2009-11-23 20:48:12 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-11-23 20:48:05 ----D---- C:\Program Files\Common Files\System
2009-11-23 20:48:02 ----D---- C:\Program Files\Internet Explorer
2009-11-23 20:46:49 ----D---- C:\Program Files\ComPlus Applications
2009-11-23 20:46:45 ----A---- C:\WINDOWS\vbaddin.ini
2009-11-23 20:46:45 ----A---- C:\WINDOWS\vb.ini
2009-11-23 20:46:37 ----D---- C:\WINDOWS\Registration
2009-11-23 20:46:23 ----D---- C:\Program Files\Windows Media Player
2009-11-23 20:46:12 ----D---- C:\Program Files\Messenger
2009-11-23 20:46:04 ----D---- C:\Program Files\MSN Gaming Zone
2009-11-23 20:46:04 ----A---- C:\WINDOWS\system32\write.exe
2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\hticons.dll
2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avwav.dll
2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-11-23 20:45:50 ----A---- C:\WINDOWS\system32\winchat.exe
2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\getuname.dll
2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\charmap.exe
2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\calc.exe
2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\winmine.exe
2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\sol.exe
2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\reset.exe
2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\freecell.exe
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tskill.exe
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tscon.exe
2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\shadow.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\regini.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\msg.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\logoff.exe
2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-11-23 20:45:18 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-11-23 20:45:16 ----D---- C:\Program Files\Windows NT
2009-11-23 20:45:16 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-11-23 20:45:16 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-11-23 20:45:15 ----A---- C:\WINDOWS\system32\spider.exe
2009-11-23 20:45:15 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-11-23 20:45:14 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-11-23 20:45:14 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-11-23 20:45:13 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-11-23 20:45:13 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-11-23 20:45:11 ----D---- C:\WINDOWS\system32\MsDtc
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-11-23 20:45:09 ----D---- C:\WINDOWS\system32\Com
2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\stclient.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\colbact.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comuid.dll
2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-11-23 20:44:57 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-12-01 14:55:25 ----A---- C:\WINDOWS\win.ini
2009-12-01 14:55:25 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-30 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-30 28424]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-30 360584]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-30 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [2009-07-09 119798]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-06-13 45568]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-15 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 a49m86qr;a49m86qr; C:\WINDOWS\system32\drivers\a49m86qr.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-30 30104]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NLNdisMP;NLNdisMP; C:\WINDOWS\system32\DRIVERS\nlndis.sys []
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\WINDOWS\system32\DRIVERS\nlndis.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-11-30 906520]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-30 285392]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2009-11-30 2304192]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2009-11-30 5832712]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------[/log]


[b]GMER[/b]
[log]GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-01 15:54:43
Windows 5.1.2600 Dodatek Service Pack 3
Running: 4to4lkip.exe; Driver: C:\DOCUME~1\Dawid\USTAWI~1\Temp\uxldypow.sys


---- System - GMER 1.0.15 ----

SSDT spik.sys ZwCreateKey [0xF771B0E0]
SSDT spik.sys ZwEnumerateKey [0xF7733DA4]
SSDT spik.sys ZwEnumerateValueKey [0xF7734132]
SSDT spik.sys ZwOpenKey [0xF771B0C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwOpenProcess [0xF7AFF470]
SSDT spik.sys ZwQueryKey [0xF773420A]
SSDT spik.sys ZwQueryValueKey [0xF773408A]
SSDT spik.sys ZwSetValueKey [0xF773429C]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateProcess [0xF7AFF520]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateThread [0xF7AFF5C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwWriteVirtualMemory [0xF7AFF660]

INT 0x62 ? 8676EBF8
INT 0x63 ? 863BAD68
INT 0x73 ? 863BAD68
INT 0x82 ? 8676EBF8
INT 0xB4 ? 863BAD68

---- Kernel code sections - GMER 1.0.15 ----

? spik.sys Nie można odnaleźć określonego pliku. !
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6B6C000, 0x1C5D58, 0xE8000020]
.text USBPORT.SYS!DllUnload F6B4B8AC 5 Bytes JMP 863BA348
.text a49m86qr.SYS F69EC386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a49m86qr.SYS F69EC3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a49m86qr.SYS F69EC3C4 3 Bytes [00, 80, 02]
.text a49m86qr.SYS F69EC3C9 1 Byte [30]
.text a49m86qr.SYS F69EC3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 867DC2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7746DDC] spik.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7746E30] spik.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F771C042] spik.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F771C13E] spik.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F771C0C0] spik.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F771C800] spik.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F771C6D6] spik.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 863BA448
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F772BB90] spik.sys
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlInitUnicodeString] 8800001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!swprintf] 001CBA86
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSetEvent] C61AEB00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 001C8986
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 86C61200
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 00001C8B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmFreeMappingAddress] 96868801
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 8800001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 001CB286
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnmapIoSpace] 88968B00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 8900001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IofCompleteRequest] 001CA496
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCompareUnicodeString] C6168B00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IofCallDriver] 001CC186
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 428A0A00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] C286880C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoConnectInterrupt] 8B00001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDetachDevice] 24A48DFA
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeWaitForSingleObject] 00000000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeEvent] 4B8BDF8B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeCancelTimer] 8D3F0304
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] CB033043
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlInitAnsiString] 0673C13B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] C13B0003
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoQueueWorkItem] 8366FA72
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapIoSpace] 75000E7B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 0B7D80E3
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoReportDetectedDevice] 307B8D00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoReportResourceForDetection] 00AA840F
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 83660000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!NlsMbCodePageTag] 6A000E7A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoRequestPowerIrp] C6647400
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001CC386
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 4F8B0200
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!sprintf] 968D5140
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00001C98
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObfDereferenceObject] 22F6E852
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 478B0000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 50016A40
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwClose] 1CB48E8D
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E8510000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 000022E4
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 6A18538B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 868D5200
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoCreateDevice] 00001CA0
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 22D2E850
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 4B8B0000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 51016A18
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwOpenKey] 1CBC968D
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlFreeUnicodeString] E8520000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartTimer] 000022C0
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeTimer] 8A05478A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInitializeTimer] 001CC38E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeDpc] 30C48300
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeSpinLock] 1CC58688
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInitializeIrp] 80E90000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwCreateKey] C6000000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 001CC386
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 438B0100
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwSetValueKey] 8E8D5018
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInsertQueueDpc] 00001C98
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 2292E851
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartPacket] 538B0000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 52016A18
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 1CB4868D
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeMdl] E8500000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnlockPages] 00002280
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 8A05478A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 001CC38E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 18C48300
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 1CC58688
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSynchronizeExecution] 43EB0000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartNextPacket] 320C538A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeBugCheckEx] 88F93BC0
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 001CC396
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSetTimer] F6317300
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_allmul] 74070647
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmProbeAndLockPages] 75C0841A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_except_handler3] 05578A0B
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoSetPowerState] 968801B0
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 00001CC5
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 57B60F66
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 533B6604
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_aulldiv] 03087408
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!strstr] 72F93B3F
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_strupr] 8A09EBDA
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeQuerySystemTime] 86880547
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 00001CC5
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeTickCount] 88084B8A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 001CC68E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDeleteDevice] 40578B00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 8D52006A
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateWorkItem] 001CC886
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateIrp] 11E85000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateMdl] 8B000022
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CC08E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmLockPagableDataSection] C4968B00
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8900001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CCC8E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ExFreePoolWithTag] D0968900
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeIrp] 8B00001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeWorkItem] 016A4047
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!InitSafeBootMode] D4C68150
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCompareMemory] 5600001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoCallDriver] 0021E7E8
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!memmove] 18C48300
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmHighestUserAddress] 5D5B5E5F
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfRaiseIrql] 00001CB1
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!HalTranslateBusAddress] 8986C636
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_USHORT] 001C9686
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8676D1F8

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies )

Device \Driver\sptd \Device\732003306 spik.sys

AttachedDevice \Driver\Tcpip \Device\Ip nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\NetBT \Device\NetBT_Tcpip_{82ADE926-1A99-40BF-9166-EA330CE884DD} 8640B1F8
Device \Driver\PCI_PNP3306 \Device\00000043 spik.sys
Device \Driver\usbuhci \Device\USBPDO-0 863B91F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 867DA1F8
Device \Driver\dmio \Device\DmControl\DmConfig 867DA1F8
Device \Driver\dmio \Device\DmControl\DmPnP 867DA1F8
Device \Driver\dmio \Device\DmControl\DmInfo 867DA1F8
Device \Driver\usbuhci \Device\USBPDO-1 863B91F8
Device \Driver\usbuhci \Device\USBPDO-2 863B91F8
Device \Driver\usbehci \Device\USBPDO-3 863E9500

AttachedDevice \Driver\Tcpip \Device\Tcp nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8676F1F8
Device \Driver\Cdrom \Device\CdRom0 8654C1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8676F1F8
Device \Driver\USBSTOR \Device\00000065 86411500
Device \Driver\Ftdisk \Device\HarddiskVolume3 8676F1F8
Device \Driver\Cdrom \Device\CdRom1 8654C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\USBSTOR \Device\00000067 86411500
Device \Driver\NetBT \Device\NetBt_Wins_Export 8640B1F8
Device \Driver\NetBT \Device\NetbiosSmb 8640B1F8

AttachedDevice \Driver\Tcpip \Device\Udp nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp nltdi.sys (NetLimiter Driver/Locktime Software)

Device \Driver\usbuhci \Device\USBFDO-0 863B91F8
Device \Driver\usbuhci \Device\USBFDO-1 863B91F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 861BC500
Device \Driver\usbuhci \Device\USBFDO-2 863B91F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 861BC500
Device \Driver\usbehci \Device\USBFDO-3 863E9500
Device \Driver\Ftdisk \Device\FtControl 8676F1F8
Device \Driver\a49m86qr \Device\Scsi\a49m86qr1 8654B1F8
Device \Driver\a49m86qr \Device\Scsi\a49m86qr1Port2Path0Target0Lun0 8654B1F8
Device \FileSystem\Cdfs \Cdfs 861D3500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF6 0x52 0x56 0xC1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7D 0x5E 0xBD 0xEE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x9F 0x75 0x01 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF6 0x52 0x56 0xC1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7D 0x5E 0xBD 0xEE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x9F 0x75 0x01 ...

---- EOF - GMER 1.0.15 ----[/log]

[log]GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-01 15:57:32
Windows 5.1.2600 Dodatek Service Pack 3
Running: 4to4lkip.exe; Driver: C:\DOCUME~1\Dawid\USTAWI~1\Temp\uxldypow.sys


---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI
Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service C:\WINDOWS\system32\DRIVERS\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [BOOT] agp440
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service [DISABLED] amsint
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service AVG
Service C:\Program Files\AVG\AVG9\avgemc.exe (AVG E-Mail Scanner/AVG Technologies CZ, s.r.o.) [AUTO] avg9emc
Service C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Watchdog Service/AVG Technologies CZ, s.r.o.) [AUTO] avg9wd
Service C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Firewall intermediate miniport driver/AVG Technologies CZ, s.r.o.) [MANUAL] Avgfwdx
Service C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Firewall intermediate miniport driver/AVG Technologies CZ, s.r.o.) [MANUAL] Avgfwfd
Service C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Firewall Service/AVG Technologies CZ, s.r.o.) [AUTO] avgfws9
Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG IDS application/AVG Technologies CZ, s.r.o.) [AUTO] AVGIDSAgent
Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys (IDS Application Activity Monitor Driver./AVG Technologies ) [MANUAL] AVGIDSDriverxpx
Service C:\WINDOWS\System32\Drivers\AVGIDSxx.sys (IDS Application Activity Monitor Helper Driver./AVG Technologies ) [BOOT] AVGIDSErHrxpx
Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies ) [MANUAL] AVGIDSFilterxpx
Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) [MANUAL] AVGIDSShimxpx
Service C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG AVI Loader Driver/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgLdx86
Service C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Resident Shield Minifilter Driver/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgMfx86
Service C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Anti-Rootkit Driver/AVG Technologies CZ, s.r.o.) [BOOT] AvgRkx86
Service C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgTdiX
Service BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service C:\WINDOWS\System32\Drivers\SPCA561.SYS (Universal Serial Bus Camera Driver/SP) [MANUAL] CA561
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Audio WDM Driver/C-Media Inc) [MANUAL] cmuda
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc
Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\system32\DRIVERS\gameenum.sys (Game Port Enumerator/Microsoft Corporation) [MANUAL] gameenum
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] hidusb
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc
Service [DISABLED] hpn
Service C:\WINDOWS\system32\DRIVERS\HPZid412.sys (IEEE-1284.4-1999 Driver (Windows 2000)/HP) [MANUAL] HPZid412
Service C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (IEEE-1284.4-1999 Print Class Driver/HP) [MANUAL] HPZipr12
Service C:\WINDOWS\system32\DRIVERS\HPZius12.sys (1284.4<->Usb Datalink Driver (Windows 2000)/HP) [MANUAL] HPZius12
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\DRIVERS\intelide.sys (Sterownik Intel PCI IDE/Microsoft Corporation) [BOOT] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass
Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (Sterownik filtru myszy HID/Microsoft Corporation) [MANUAL] mouhid
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service system32\DRIVERS\nlndis.sys [MANUAL] NLNdisMP
Service system32\DRIVERS\nlndis.sys [MANUAL] NLNdisPT
Service C:\Program Files\NetLimiter 2 Pro\nlsvc.exe (NetLimiter 2 service/Locktime Software) [AUTO] nlsvc
Service C:\WINDOWS\system32\drivers\nltdi.sys (NetLimiter Driver/Locktime Software) [SYSTEM] nltdi
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\HPZipm12.exe (PML Driver/HP) [AUTO] Pml Driver HPZ12
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\R8139n51.SYS (Realtek RTL8139/810x Family NDIS 5.1 Drv/Realtek Semiconductor Corporation) [MANUAL] rtl8139
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv
Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS (WDM WST Codec Driver/Microsoft Corporation) [MANUAL] WSTCODEC
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {21D10148-B2EF-4767-9B5F-18C02ECBC83D}
Service {82ADE926-1A99-40BF-9166-EA330CE884DD}

---- EOF - GMER 1.0.15 ----[/log]


[b]Catchme[/b]
[log]catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 15:58:35
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:f6,52,56,c1,da,20,d6,4e,a9,f2,4a,2e,73,e3,11,d3,33,83,9b,72,76,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
"u0"=hex:d4,c3,97,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"hdf12"=hex:7d,5e,bd,ee,6c,52,04,e7,65,b3,e8,6d,02,26,13,7a,29,bd,a1,d7,86,..
"a0"=hex:20,01,00,00,3f,05,4b,1a,82,98,d7,4f,9b,06,cd,c6,01,65,95,60,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:0e,9f,75,01,e7,8d,be,a2,e5,21,a1,f4,ec,07,9e,b8,57,6b,ff,aa,f8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:f6,52,56,c1,da,20,d6,4e,a9,f2,4a,2e,73,e3,11,d3,33,83,9b,72,76,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
"u0"=hex:d4,c3,97,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"hdf12"=hex:7d,5e,bd,ee,6c,52,04,e7,65,b3,e8,6d,02,26,13,7a,29,bd,a1,d7,86,..
"a0"=hex:20,01,00,00,3f,05,4b,1a,82,98,d7,4f,9b,06,cd,c6,01,65,95,60,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:0e,9f,75,01,e7,8d,be,a2,e5,21,a1,f4,ec,07,9e,b8,57,6b,ff,aa,f8,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0[/log]


[b]DDS[/b]
[log]
DDS (Ver_09-12-01.01) - NTFSx86
Run by Dawid at 16:02:33,85 on 2009-12-01
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.531 [GMT 1:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\sol.exe
C:\Documents and Settings\Dawid\Pulpit\dds.pif

============== Pseudo HJT Report ===============

BHO: FG2CatchUrl: {1f364306-aa45-47b5-9f9d-39a8b94e7ef1} - c:\program files\flashget network\flashget universal\comdlls\bhoCATCH.dll
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
uPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: &Download All by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bholink.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-11-30 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-11-30 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-30 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-30 28424]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-30 360584]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 82200]
R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-30 906520]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-30 285392]
R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2009-11-30 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2009-11-30 5832712]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-11-30 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-11-30 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-11-30 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-11-30 25736]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-11-30 30104]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?]

=============== Created Last 30 ================

2009-12-01 14:20:09 0 d-----w- c:\program files\trend micro
2009-12-01 13:54:29 0 d-----w- c:\windows\pss
2009-11-30 20:17:32 0 d--h--w- C:\$AVG
2009-11-30 20:17:08 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-30 20:17:06 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2009-11-30 20:17:04 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-30 20:17:02 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-30 20:16:49 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-30 20:16:40 0 d-----w- c:\windows\system32\drivers\Avg
2009-11-30 20:15:42 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2009-11-30 20:15:42 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2009-11-30 20:15:42 0 d-----w- c:\program files\AVG
2009-11-30 20:15:25 0 d-----w- c:\docume~1\alluse~1\daneap~1\avg9
2009-11-30 20:02:19 0 ----a-w- c:\windows\system32\18467.exe
2009-11-30 19:42:26 0 d-----w- c:\program files\AdvancedVirusRemover
2009-11-30 19:42:20 0 ----a-w- c:\windows\system32\41.exe
2009-11-30 19:42:08 22528 ----a-w- c:\windows\system32\winhelper86.dll
2009-11-30 19:42:02 741 ----a-w- c:\windows\system32\critical_warning.html
2009-11-30 19:36:49 0 d-----w- c:\program files\PDFtoPNG
2009-11-29 18:21:37 0 d-----w- c:\documents and settings\dawid\.gstreamer-0.10
2009-11-29 17:39:47 91648 -c--a-w- c:\windows\system32\dllcache\kswdmcap.ax
2009-11-29 17:39:47 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2009-11-29 17:39:47 28672 -c--a-w- c:\windows\system32\dllcache\vidcap.ax
2009-11-29 17:39:47 28672 ----a-w- c:\windows\system32\vidcap.ax
2009-11-29 17:39:45 61952 -c--a-w- c:\windows\system32\dllcache\kstvtune.ax
2009-11-29 17:39:45 61952 ----a-w- c:\windows\system32\kstvtune.ax
2009-11-29 17:39:44 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-11-29 17:39:44 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-11-29 17:39:38 43008 -c--a-w- c:\windows\system32\dllcache\ksxbar.ax
2009-11-29 17:39:38 43008 ----a-w- c:\windows\system32\ksxbar.ax
2009-11-29 17:24:51 631 ----a-w- c:\windows\system32\Remover.ini
2009-11-29 17:24:51 48128 ----a-w- c:\windows\system32\Remove.exe
2009-11-29 17:24:41 0 d-----w- c:\windows\PixArt
2009-11-29 17:24:40 0 d-----w- c:\program files\PC Camera
2009-11-29 17:24:40 0 d-----w- c:\program files\common files\PAC207
2009-11-29 17:11:17 307200 ----a-w- c:\windows\vidcap32.Exe
2009-11-29 17:11:17 0 d-----w- c:\windows\EffectResources
2009-11-29 17:11:15 81920 ----a-w- c:\windows\system32\ZS211sti.dll
2009-11-29 17:11:15 57344 ----a-w- c:\windows\Sti211.exe
2009-11-29 17:11:15 49152 ----a-w- c:\windows\Domino.exe
2009-11-29 17:11:15 172032 ----a-w- c:\windows\amcap.exe
2009-11-29 17:11:15 102400 ----a-w- c:\windows\ZS211Cap.exe
2009-11-29 17:11:14 49152 ----a-w- c:\windows\ZSSnp211.exe
2009-11-29 17:11:14 391836 ----a-w- c:\windows\system32\drivers\ZS211.sys
2009-11-29 17:11:14 172115 ----a-w- c:\windows\system32\ZS211Prp.Ax
2009-11-29 17:11:14 0 d-----w- c:\windows\CatRoot
2009-11-29 17:11:14 0 d-----w- c:\program files\Vimicro
2009-11-29 17:02:06 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-29 16:56:22 0 d-----r- c:\program files\Skype
2009-11-28 22:14:57 0 d-----w- c:\docume~1\alluse~1\daneap~1\OpenFM
2009-11-28 22:14:54 0 d-----w- c:\docume~1\dawid\daneap~1\OpenFM
2009-11-28 22:07:05 0 d-----w- c:\docume~1\dawid\daneap~1\Gadu-Gadu 10
2009-11-28 08:49:31 0 d-----w- c:\program files\AMT
2009-11-27 20:28:56 0 d-----w- c:\docume~1\dawid\daneap~1\Dev-Cpp
2009-11-27 20:27:51 0 d-----w- C:\Dev-Cpp
2009-11-26 20:32:57 0 d-----w- c:\docume~1\dawid\daneap~1\Gadu-Gadu
2009-11-24 18:29:53 0 d-----w- c:\docume~1\dawid\daneap~1\Locktime
2009-11-24 18:27:29 0 d-----w- c:\docume~1\alluse~1\daneap~1\Locktime
2009-11-24 18:27:05 0 d-----w- c:\program files\NetLimiter 2 Pro
2009-11-24 18:21:55 0 d-----w- c:\documents and settings\dawid\Gadu-Gadu
2009-11-24 18:21:37 0 d-----w- c:\program files\Gadu-Gadu
2009-11-24 17:46:20 0 d-----r- C:\Nowy folder
2009-11-24 17:16:11 0 d-----w- c:\windows\system32\appmgmt
2009-11-24 17:13:24 421 ----a-w- c:\windows\ODBC.INI
2009-11-24 17:13:02 17920 ----a-w- c:\windows\system32\mdimon.dll
2009-11-24 17:10:22 0 d-----w- c:\windows\SHELLNEW
2009-11-24 17:06:12 0 d-----w- c:\docume~1\alluse~1\daneap~1\DAEMON Tools Lite
2009-11-24 17:06:08 0 d-----w- c:\program files\DAEMON Tools Toolbar
2009-11-24 17:06:02 0 d-----w- c:\program files\DAEMON Tools Lite
2009-11-24 17:01:41 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-24 17:01:26 0 d-----w- c:\docume~1\dawid\daneap~1\DAEMON Tools Lite
2009-11-24 16:56:34 0 d-----w- c:\program files\common files\HP
2009-11-24 16:51:25 0 d-----w- c:\program files\common files\Hewlett-Packard
2009-11-24 16:50:52 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-11-24 16:50:49 51120 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-11-24 16:49:58 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-11-24 16:49:37 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-24 16:49:37 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-24 16:48:47 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2009-11-24 16:48:47 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2009-11-24 16:48:47 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2009-11-24 16:48:47 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2009-11-24 16:48:47 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2009-11-24 16:48:47 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2009-11-24 16:46:22 0 d-----w- c:\program files\HP
2009-11-24 16:46:15 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-24 16:46:15 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-24 16:46:10 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-11-24 16:46:10 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-11-24 16:44:04 21124 ------w- c:\windows\hpomdl07.dat
2009-11-24 16:44:04 113547 ----a-w- c:\windows\hpoins07.dat
2009-11-24 16:15:29 0 d-----r- C:\Downloads
2009-11-24 16:12:29 0 d-----w- c:\docume~1\dawid\daneap~1\BITS
2009-11-24 16:12:22 0 d-----w- C:\profiles
2009-11-24 16:12:04 0 d-----w- c:\program files\FlashGet Network
2009-11-23 20:37:36 0 d-----w- c:\program files\common files\ODBC
2009-11-23 20:37:31 0 d-----w- c:\program files\common files\SpeechEngines
2009-11-23 20:36:32 0 d--h--w- c:\documents and settings\all users\Szablony
2009-11-23 20:36:32 0 d-----w- c:\documents and settings\all users\Ulubione
2009-11-23 20:36:32 0 d-----w- c:\documents and settings\all users\Pulpit
2009-11-23 20:36:32 0 d-----r- c:\documents and settings\all users\Menu Start
2009-11-23 20:36:32 0 d-----r- c:\documents and settings\all users\Dokumenty
2009-11-23 20:36:03 0 d--h--r- c:\documents and settings\all users\Dane aplikacji
2009-11-23 20:25:05 0 d-----w- c:\program files\K-Lite Codec Pack
2009-11-23 20:05:09 0 d-----w- c:\program files\C-Media 3D Audio
2009-11-23 20:03:31 0 d-----w- c:\program files\Ninja
2009-11-23 19:50:50 0 d-sh--w- c:\documents and settings\all users\DRM
2009-11-23 19:50:17 0 d--h--w- c:\program files\WindowsUpdate
2009-11-23 19:50:10 0 d-----w- c:\program files\Usługi online
2009-11-23 19:49:20 0 d-----w- c:\program files\common files\MSSoap
2009-11-23 19:46:12 0 d-----w- c:\program files\Messenger
2009-11-23 19:46:04 0 d-----w- c:\program files\MSN Gaming Zone
2009-11-23 19:45:16 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2009-11-23 20:16:00 74450 ----a-w- c:\windows\system32\perfc015.dat
2009-11-23 20:16:00 448348 ----a-w- c:\windows\system32\perfh015.dat
2009-11-23 19:47:04 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-09 18:00:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll

============= FINISH: 16:03:21,15 ===============
[/log]

[log]
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-11-23 20:57:31
System Uptime: 2009-12-01 14:57:04 (2 hours ago)

Motherboard: | | P4I45PE.
Processor: Intel(R) Celeron(R) CPU 2.40GHz | FC-478 | 2398/100mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 19 GiB total, 0,937 GiB free.
D: is CDROM ()
G: is CDROM ()
H: is FIXED (NTFS) - 20 GiB total, 11,568 GiB free.
I: is FIXED (NTFS) - 129 GiB total, 92,749 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 2009-11-23 21:00:55 - Punkt kontrolny systemu
RP2: 2009-11-23 21:07:29 - Installed RTLSetup for Realtek RTL8139/810x Family NIC 3.00
RP3: 2009-11-23 21:16:14 - Installed Opera 10.00.
RP4: 2009-11-24 17:31:49 - Installed NetLimiter 3
RP5: 2009-11-24 18:01:38 - SPTD setup V1.58
RP6: 2009-11-24 18:09:55 - Zainstalowano: Microsoft Office Professional Edition 2003
RP7: 2009-11-24 18:15:37 - Removed NetLimiter 3
RP8: 2009-11-25 16:44:54 - SPTD setup V1.62
RP9: 2009-11-25 22:23:29 - Installed PC Inspector File Recovery
RP10: 2009-11-25 22:34:13 - Removed PC Inspector File Recovery
RP11: 2009-11-27 19:50:50 - Removed Opera 10.00.
RP12: 2009-11-27 19:51:22 - Installed Opera 10.10.
RP13: 2009-11-28 20:13:47 - Punkt kontrolny systemu
RP14: 2009-11-29 18:11:12 - Zainstalowane USB PC Camera (ZS211)
RP15: 2009-11-29 18:24:17 - Installed USB PC CAMERA P227
RP16: 2009-11-29 18:39:32 - Aktualizuj do niepodpisanego sterownika
RP17: 2009-11-30 20:00:34 - Punkt kontrolny systemu
RP18: 2009-11-30 21:15:22 - Installed AVG 9.0
RP19: 2009-11-30 21:31:33 - Avg8 Update
RP20: 2009-11-30 21:31:56 - Avg8 Update

==== Installed Programs ======================

1500
1500_Help
1500Trb
7-Zip 4.65
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
AiO_Scan
AiOSoftware
ATI Display Driver
AVG 9.0
BufferChm
C-Media 3D Audio
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
DAEMON Tools Toolbar
Destinations
Dev-C++ 5 beta 9 release (4.9.9.2)
DeviceManagementQFolder
DocProc
eSupportQFolder
Fax
FlashGet 2.0
Gadu-Gadu 7.7
HijackThis 2.0.2
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
K-Lite Mega Codec Pack 5.4.4
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
NetLimiter 2 Pro (remove only)
NewCopy
Opera 10.10
PDF to PNG Converter
ProductContext
Readme
RTLSetup for Realtek RTL8139/810x Family NIC 3.00
Scan
ScannerCopy
Skype™ 4.0
SolutionCenter
Status
TrayApp
Unload
USB PC Camera (ZS211)
USB PC CAMERA P227
WebFldrs XP
WebReg
Winamp

==== Event Viewer Messages From Past Week ========

2009-11-24 19:16:15, informacje: Windows File Protection [64002] - Podjęto próbę zamiany chronionego pliku systemowego c:\windows\system32\apphelp.dll. Dla zachowania stabilności systemu została przywrócona wersja oryginalna pliku. Wersja złego pliku: 5.1.2600.5512.

==== End Of File ===========================
[/log]

Guest
comment (edited)

I had the same thing, but not such a nice wallpaper.
Download these programs and scan the computer: http://www.idg.pl/ftp/pc_897/Anti.Trojan.5.5.420.html
http://www.pctools.com/pl/spyware-doctor/

Guest
comment

For this infection, only ComboFix will do:
http://www.forumpc.pl/index.php?showtopic=120614&st=0&p=837303&fromsearch=1&#entry837303

Use it and paste the log.

DawidG3
comment

Log from [b]SDFix[/b]: [url]http://wklej.org/id/221438/[/url]

New log from [b]RIST[/b]: [url]http://wklej.org/id/221444/[/url]

New log from [b]OTL[/b]: [url]http://wklej.org/id/221453/[/url]
Second new log from [b]OTL[/b]: [url]http://wklej.org/id/221460/[/url]
