DawidG3 utworzono 1 grudnia 2009 utworzono 1 grudnia 2009 Cześć! Proszę o pomoc, mój kuzyn dorwał się do kompa i ściągnął jakiś syf. Nie działa mi menedżer zadań, a nowa "tapeta" wygląda tak: [URL=http://ifotos.pl/img/rqehqe.JPG]Zobacz[/URL] Poniżej podaję logi z programów: [b]OTL[/b] [log]OTL logfile created on: 2009-12-01 15:13:59 - Run 2 OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Dawid\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 523,22 Mb Available Physical Memory | 51,12% Memory free 2,40 Gb Paging File | 1,87 Gb Available in Paging File | 77,76% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 18,99 Gb Total Space | 0,94 Gb Free Space | 4,96% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 20,01 Gb Total Space | 11,57 Gb Free Space | 57,81% Space Free | Partition Type: NTFS Drive I: | 129,03 Gb Total Space | 92,75 Gb Free Space | 71,88% Space Free | Partition Type: NTFS Computer Name: FLATRON Current User Name: Dawid Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe PRC - [2009-11-30 21:16:28 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2009-11-30 21:16:25 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2009-11-30 21:16:25 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2009-11-30 21:16:24 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2009-11-30 21:16:20 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2009-11-30 21:16:18 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe PRC - [2009-11-30 21:16:14 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe PRC - [2009-11-30 21:16:13 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe PRC - [2009-11-30 21:16:12 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2009-11-30 21:16:09 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2009-11-30 21:16:07 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009-11-20 19:01:18 | 00,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-02-25 22:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2008-04-15 13:00:00 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 13:00:00 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 13:00:00 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe PRC - [2008-04-15 13:00:00 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-15 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-15 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 13:00:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe PRC - [2008-04-15 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2007-03-21 19:57:56 | 00,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe PRC - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe MOD - [2008-04-15 13:00:00 | 08,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-15 13:00:00 | 01,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 13:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 13:00:00 | 01,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-15 13:00:00 | 00,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 13:00:00 | 00,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-15 13:00:00 | 00,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-15 13:00:00 | 00,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-15 13:00:00 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 13:00:00 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 13:00:00 | 00,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-15 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 13:00:00 | 00,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-15 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 13:00:00 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 13:00:00 | 00,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-15 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 13:00:00 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 13:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-15 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-15 13:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-30 21:16:18 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9) SRV - [2009-11-30 21:16:14 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2009-11-30 21:16:12 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009-11-30 21:16:07 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2009-02-25 22:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2009-02-25 15:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2007-03-21 19:57:56 | 00,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc) SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-30 21:17:06 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx) DRV - [2009-11-30 21:17:04 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2009-11-30 21:17:03 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2009-11-30 21:16:50 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2009-11-30 21:16:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2009-11-30 21:16:11 | 00,122,376 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx) DRV - [2009-11-30 21:16:10 | 00,030,216 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx) DRV - [2009-11-30 21:16:09 | 00,025,736 | ---- | M] (AVG Technologies ) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx) DRV - [2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd) DRV - [2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx) DRV - [2009-11-25 16:44:55 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-07-09 09:06:10 | 00,119,798 | ---- | M] (SP) -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) ICatch (VI) DRV - [2009-02-25 23:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2008-04-14 01:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007-04-23 12:03:04 | 00,082,200 | ---- | M] (Locktime Software) -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi) DRV - [2005-03-08 05:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2005-03-08 05:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2005-03-08 05:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2004-01-08 11:37:02 | 00,812,416 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda) DRV - [2002-06-13 10:37:16 | 00,045,568 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\S-1-5-21-1757981266-1592454029-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1 O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKU\S-1-5-21-1757981266-1592454029-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-09-19 19:35:59 | 00,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-11-23 18:51:45 | 00,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-11-23 18:51:48 | 00,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-23 20:51:46 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-12-01 15:03:51 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe [2009-12-01 14:54:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009-11-30 21:17:32 | 00,000,000 | -H-D | C] -- C:\$AVG [2009-11-30 21:17:08 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2009-11-30 21:17:06 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys [2009-11-30 21:17:04 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [2009-11-30 21:17:02 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2009-11-30 21:16:49 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2009-11-30 21:16:48 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2009-11-30 21:16:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2009-11-30 21:15:42 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll [2009-11-30 21:15:42 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys [2009-11-30 21:15:42 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009-11-30 21:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2009-11-30 20:42:26 | 00,000,000 | ---D | C] -- C:\Program Files\AdvancedVirusRemover [2009-11-30 20:36:49 | 00,000,000 | ---D | C] -- C:\Program Files\PDFtoPNG [2009-11-29 19:21:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\.gstreamer-0.10 [2009-11-29 18:24:51 | 00,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe [2009-11-29 18:24:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\PixArt [2009-11-29 18:24:40 | 00,000,000 | ---D | C] -- C:\Program Files\PC Camera [2009-11-29 18:24:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC207 [2009-11-29 18:11:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\EffectResources [2009-11-29 18:11:15 | 00,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\WINDOWS\ZS211Cap.exe [2009-11-29 18:11:15 | 00,081,920 | ---- | C] (zsmc) -- C:\WINDOWS\System32\ZS211sti.dll [2009-11-29 18:11:15 | 00,057,344 | ---- | C] (ZSMC) -- C:\WINDOWS\Sti211.exe [2009-11-29 18:11:14 | 00,391,836 | ---- | C] (ZSMC Corporation) -- C:\WINDOWS\System32\drivers\ZS211.sys [2009-11-29 18:11:14 | 00,172,115 | ---- | C] (ZSMC) -- C:\WINDOWS\System32\ZS211Prp.Ax [2009-11-29 18:11:14 | 00,049,152 | ---- | C] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe [2009-11-29 18:11:14 | 00,000,000 | ---D | C] -- C:\Program Files\Vimicro [2009-11-29 18:11:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\CatRoot [2009-11-29 18:02:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\skypePM [2009-11-29 17:59:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Skype [2009-11-29 17:58:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2009-11-29 17:56:22 | 00,000,000 | R--D | C] -- C:\Program Files\Skype [2009-11-29 17:55:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2009-11-29 15:22:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla [2009-11-28 23:14:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-11-28 23:14:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM [2009-11-28 23:07:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10 [2009-11-28 09:49:31 | 00,000,000 | ---D | C] -- C:\Program Files\AMT [2009-11-28 09:19:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Macromedia [2009-11-28 09:19:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Adobe [2009-11-27 21:28:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp [2009-11-27 21:27:51 | 00,000,000 | ---D | C] -- C:\Dev-Cpp [2009-11-26 21:32:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu [2009-11-26 21:18:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Nero [2009-11-24 19:29:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime [2009-11-24 19:27:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime [2009-11-24 19:27:05 | 00,000,000 | ---D | C] -- C:\Program Files\NetLimiter 2 Pro [2009-11-24 19:21:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Gadu-Gadu [2009-11-24 19:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu [2009-11-24 18:46:20 | 00,000,000 | R--D | C] -- C:\Nowy folder [2009-11-24 18:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp [2009-11-24 18:41:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Winamp [2009-11-24 18:16:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2009-11-24 18:10:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009-11-24 18:10:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009-11-24 18:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009-11-24 18:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009-11-24 18:07:49 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009-11-24 18:06:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-11-24 18:06:08 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2009-11-24 18:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2009-11-24 18:01:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite [2009-11-24 17:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP [2009-11-24 17:56:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2009-11-24 17:53:12 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard [2009-11-24 17:51:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2009-11-24 17:46:22 | 00,000,000 | ---D | C] -- C:\Program Files\HP [2009-11-24 17:45:09 | 00,000,000 | -H-D | C] -- C:\Config.Msi [2009-11-24 17:43:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\HP [2009-11-24 17:15:29 | 00,000,000 | R--D | C] -- C:\Downloads [2009-11-24 17:12:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\BITS [2009-11-24 17:12:22 | 00,000,000 | ---D | C] -- C:\profiles [2009-11-24 17:12:04 | 00,000,000 | ---D | C] -- C:\Program Files\FlashGet Network [2009-11-23 21:40:02 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys [2009-11-23 21:37:38 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2009-11-23 21:37:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2009-11-23 21:37:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2009-11-23 21:37:30 | 00,000,000 | R--D | C] -- C:\Program Files [2009-11-23 21:37:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2009-11-23 21:37:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files [2009-11-23 21:36:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2009-11-23 21:36:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2009-11-23 21:36:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2009-11-23 21:36:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2009-11-23 21:36:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2009-11-23 21:36:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2009-11-23 21:36:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2009-11-23 21:36:03 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-11-23 21:36:03 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-11-23 21:35:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings [2009-11-23 21:35:26 | 00,000,000 | -HSD | C] -- C:\System Volume Information [2009-11-23 21:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip [2009-11-23 21:25:16 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-11-23 21:25:12 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2009-11-23 21:25:12 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2009-11-23 21:25:11 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2009-11-23 21:25:10 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll [2009-11-23 21:25:10 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll [2009-11-23 21:25:05 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2009-11-23 21:24:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2009-11-23 21:24:25 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2009-11-23 21:24:25 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2009-11-23 21:24:25 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web [2009-11-23 21:24:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32 [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\system [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\security [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\java [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2009-11-23 21:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins [2009-11-23 21:23:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Media Player Classic [2009-11-23 21:16:34 | 00,000,000 | ---D | C] -- C:\ATI [2009-11-23 21:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\Opera [2009-11-23 21:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Opera [2009-11-23 21:16:16 | 00,000,000 | ---D | C] -- C:\Program Files\Opera [2009-11-23 21:11:28 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2009-11-23 21:10:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2009-11-23 21:07:30 | 00,045,568 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\R8139n51.sys [2009-11-23 21:07:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2009-11-23 21:07:10 | 00,000,000 | ---D | C] -- C:\Program Files\Intel [2009-11-23 21:06:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2009-11-23 21:06:20 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009-11-23 21:06:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009-11-23 21:05:11 | 01,454,080 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe [2009-11-23 21:05:11 | 00,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll [2009-11-23 21:05:10 | 02,453,504 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl [2009-11-23 21:05:10 | 00,917,504 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll [2009-11-23 21:05:10 | 00,812,416 | ---- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys [2009-11-23 21:05:10 | 00,151,552 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll [2009-11-23 21:05:09 | 00,000,000 | ---D | C] -- C:\Program Files\C-Media 3D Audio [2009-11-23 21:03:43 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-11-23 21:03:31 | 00,000,000 | ---D | C] -- C:\Program Files\Ninja [2009-11-23 21:02:28 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\UserData [2009-11-23 21:00:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Identities [2009-11-23 21:00:24 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2009-11-23 21:00:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty\Moja muzyka [2009-11-23 21:00:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty\Moje obrazy [2009-11-23 21:00:11 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Microsoft [2009-11-23 21:00:11 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Dawid\Cookies [2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\SendTo [2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\Recent [2009-11-23 21:00:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji [2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Ulubione [2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty [2009-11-23 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dawid\Menu Start [2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\Szablony [2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\PrintHood [2009-11-23 21:00:11 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\NetHood [2009-11-23 21:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Pulpit [2009-11-23 21:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-11-23 21:00:10 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Dawid\Ustawienia lokalne [2009-11-23 20:59:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2009-11-23 20:59:14 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2009-11-23 20:59:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009-11-23 20:56:37 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2009-11-23 20:56:37 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2009-11-23 20:56:37 | 00,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2009-11-23 20:54:54 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2009-11-23 20:54:54 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2009-11-23 20:54:54 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2009-11-23 20:54:09 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\xerox [2009-11-23 20:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2009-11-23 20:50:50 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2009-11-23 20:50:34 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2009-11-23 20:50:34 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2009-11-23 20:50:17 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2009-11-23 20:50:10 | 00,000,000 | ---D | C] -- C:\Program Files\Usługi online [2009-11-23 20:49:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2009-11-23 20:49:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2009-11-23 20:49:21 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2009-11-23 20:49:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2009-11-23 20:49:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2009-11-23 20:49:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2009-11-23 20:48:53 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2009-11-23 20:48:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2009-11-23 20:48:17 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2009-11-23 20:48:14 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2009-11-23 20:48:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2009-11-23 20:48:02 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2009-11-23 20:48:01 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2009-11-23 20:46:49 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2009-11-23 20:46:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration [2009-11-23 20:46:23 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2009-11-23 20:46:23 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2009-11-23 20:46:12 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger [2009-11-23 20:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2009-11-23 20:45:17 | 00,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2009-11-23 20:45:16 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT [2009-11-23 20:45:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2009-11-23 20:45:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2009-11-23 20:44:49 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-12-01 15:09:22 | 00,084,352 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\p.JPG [2009-12-01 15:06:22 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\RSIT.exe [2009-12-01 15:03:51 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe [2009-12-01 15:03:40 | 45,983,486 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009-12-01 15:02:30 | 00,106,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009-12-01 15:00:15 | 01,835,008 | -H-- | M] () -- C:\Documents and Settings\Dawid\NTUSER.DAT [2009-12-01 14:58:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-12-01 14:57:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-12-01 14:56:19 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Dawid\ntuser.ini [2009-12-01 14:56:14 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-12-01 14:55:25 | 00,000,958 | ---- | M] () -- C:\WINDOWS\win.ini [2009-12-01 14:55:25 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-01 14:55:25 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2009-11-30 21:28:12 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe [2009-11-30 21:28:08 | 00,000,741 | ---- | M] () -- C:\WINDOWS\System32\critical_warning.html [2009-11-30 21:17:09 | 00,001,511 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk [2009-11-30 21:17:08 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2009-11-30 21:17:06 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys [2009-11-30 21:17:04 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [2009-11-30 21:17:03 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2009-11-30 21:16:50 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2009-11-30 21:16:48 | 00,544,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm [2009-11-30 21:16:48 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2009-11-30 21:16:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2009-11-30 21:16:40 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009-11-30 21:16:40 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009-11-30 21:15:42 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll [2009-11-30 21:15:42 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys [2009-11-30 21:02:19 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe [2009-11-30 20:44:53 | 00,128,616 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\46C-1-001.png [2009-11-30 20:42:08 | 00,022,528 | ---- | M] () -- C:\WINDOWS\System32\winhelper86.dll [2009-11-30 19:41:52 | 00,118,784 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-11-30 19:07:06 | 00,052,224 | ---- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-29 18:02:06 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-11-29 13:01:59 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-25 16:44:55 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-11-24 19:29:51 | 00,017,464 | ---- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-11-24 19:26:12 | 00,113,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-11-24 18:13:25 | 00,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2009-11-24 17:58:08 | 00,113,547 | ---- | M] () -- C:\WINDOWS\hpoins07.dat [2009-11-23 21:41:41 | 00,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2009-11-23 21:31:00 | 00,000,486 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini [2009-11-23 21:26:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2009-11-23 21:16:00 | 00,866,660 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-11-23 21:16:00 | 00,448,348 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-11-23 21:16:00 | 00,392,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-11-23 21:16:00 | 00,074,450 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-11-23 21:16:00 | 00,058,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-11-23 21:05:13 | 00,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI [2009-11-23 21:05:13 | 00,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI [2009-11-23 21:05:11 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Wininit.ini [2009-11-23 21:00:08 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-23 20:58:57 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009-11-23 20:57:38 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009-11-23 20:52:40 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-23 20:52:29 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-11-23 20:52:28 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2009-11-23 20:52:28 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2009-11-23 20:52:08 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2009-11-23 20:50:34 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-11-23 20:50:34 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-11-23 20:47:04 | 00,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-11-23 20:46:45 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2009-11-23 20:46:45 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2009-11-09 19:00:00 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-11-09 19:00:00 | 00,085,504 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-11-09 19:00:00 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-12-01 15:09:20 | 00,084,352 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\p.JPG [2009-12-01 15:06:18 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\RSIT.exe [2009-11-30 21:17:09 | 00,001,511 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk [2009-11-30 21:16:48 | 00,544,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm [2009-11-30 21:16:48 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2009-11-30 21:16:40 | 45,983,486 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009-11-30 21:16:40 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009-11-30 21:16:40 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009-11-30 21:16:40 | 00,106,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009-11-30 21:02:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe [2009-11-30 20:44:12 | 00,128,616 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\46C-1-001.png [2009-11-30 20:42:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe [2009-11-30 20:42:08 | 00,022,528 | ---- | C] () -- C:\WINDOWS\System32\winhelper86.dll [2009-11-30 20:42:02 | 00,000,741 | ---- | C] () -- C:\WINDOWS\System32\critical_warning.html [2009-11-29 18:24:51 | 00,000,631 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2009-11-29 18:11:15 | 00,049,152 | ---- | C] () -- C:\WINDOWS\Domino.exe [2009-11-29 18:02:06 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-11-29 12:48:11 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-28 09:55:53 | 00,118,784 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-11-24 18:46:01 | 00,052,224 | ---- | C] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-24 18:13:24 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-11-24 18:01:41 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-11-24 17:44:06 | 00,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-11-24 17:44:04 | 00,113,547 | ---- | C] () -- C:\WINDOWS\hpoins07.dat [2009-11-24 17:44:04 | 00,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat [2009-11-23 21:41:41 | 00,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF [2009-11-23 21:37:33 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2009-11-23 21:37:33 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2009-11-23 21:37:32 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2009-11-23 21:37:32 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2009-11-23 21:37:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2009-11-23 21:37:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2009-11-23 21:37:22 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2009-11-23 21:37:22 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls [2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2009-11-23 21:37:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2009-11-23 21:37:12 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2009-11-23 21:37:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2009-11-23 21:37:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls [2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2009-11-23 21:37:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2009-11-23 21:37:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2009-11-23 21:37:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS [2009-11-23 21:37:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2009-11-23 21:37:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2009-11-23 21:36:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2009-11-23 21:36:49 | 00,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2009-11-23 21:36:32 | 00,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2009-11-23 21:36:32 | 00,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2009-11-23 21:36:32 | 00,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2009-11-23 21:36:32 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2009-11-23 21:36:32 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2009-11-23 21:36:32 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2009-11-23 21:36:31 | 00,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2009-11-23 21:36:31 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2009-11-23 21:36:31 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2009-11-23 21:36:31 | 00,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2009-11-23 21:36:31 | 00,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2009-11-23 21:36:31 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2009-11-23 21:36:31 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2009-11-23 21:36:31 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2009-11-23 21:36:30 | 02,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2009-11-23 21:36:30 | 01,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2009-11-23 21:36:30 | 00,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2009-11-23 21:35:26 | 00,113,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-11-23 21:34:43 | 00,000,211 | -HS- | C] () -- C:\boot.ini [2009-11-23 21:34:37 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2009-11-23 21:26:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2009-11-23 21:25:14 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-11-23 21:25:12 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2009-11-23 21:25:11 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-11-23 21:25:11 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-11-23 21:25:10 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-11-23 21:25:07 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-11-23 21:25:07 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-11-23 21:18:15 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-11-23 21:17:27 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2009-11-23 21:05:13 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2009-11-23 21:05:13 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2009-11-23 21:05:11 | 00,000,486 | ---- | C] () -- C:\WINDOWS\System\CmiCnfg.ini [2009-11-23 21:05:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2009-11-23 21:05:10 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2009-11-23 21:05:10 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2009-11-23 21:05:09 | 00,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2009-11-23 21:05:09 | 00,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2009-11-23 21:05:09 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2009-11-23 21:00:13 | 00,000,188 | -HS- | C] () -- C:\Documents and Settings\Dawid\ntuser.ini [2009-11-23 21:00:10 | 01,835,008 | -H-- | C] () -- C:\Documents and Settings\Dawid\NTUSER.DAT [2009-11-23 20:58:57 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2009-11-23 20:57:38 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-11-23 20:57:29 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2009-11-23 20:56:27 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2009-11-23 20:56:27 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2009-11-23 20:56:24 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2009-11-23 20:55:45 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2009-11-23 20:55:44 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2009-11-23 20:55:30 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2009-11-23 20:55:26 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2009-11-23 20:55:23 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2009-11-23 20:55:12 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2009-11-23 20:55:05 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2009-11-23 20:54:59 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2009-11-23 20:54:13 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2009-11-23 20:54:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2009-11-23 20:54:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2009-11-23 20:54:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2009-11-23 20:54:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2009-11-23 20:54:06 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2009-11-23 20:54:06 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2009-11-23 20:54:06 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2009-11-23 20:54:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2009-11-23 20:54:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2009-11-23 20:54:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2009-11-23 20:54:03 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2009-11-23 20:54:03 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2009-11-23 20:54:03 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2009-11-23 20:54:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2009-11-23 20:54:02 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2009-11-23 20:54:02 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2009-11-23 20:54:02 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2009-11-23 20:54:02 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2009-11-23 20:54:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2009-11-23 20:54:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2009-11-23 20:53:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2009-11-23 20:53:58 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2009-11-23 20:53:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2009-11-23 20:53:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2009-11-23 20:53:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2009-11-23 20:53:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2009-11-23 20:53:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2009-11-23 20:53:57 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2009-11-23 20:53:56 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2009-11-23 20:52:40 | 00,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2009-11-23 20:52:40 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2009-11-23 20:52:40 | 00,000,000 | RHS- | C] () -- C:\IO.SYS [2009-11-23 20:52:40 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS [2009-11-23 20:52:40 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2009-11-23 20:52:28 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2009-11-23 20:52:28 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2009-11-23 20:52:26 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2009-11-23 20:50:34 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-11-23 20:50:34 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-11-23 20:50:25 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-11-23 20:49:57 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2009-11-23 20:49:41 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2009-11-23 20:49:41 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2009-11-23 20:49:29 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2009-11-23 20:48:24 | 00,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2009-11-23 20:47:04 | 00,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-11-23 20:45:40 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2009-11-23 20:45:40 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2009-11-23 20:45:40 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2009-11-23 20:45:39 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2009-11-23 20:45:39 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2009-11-23 20:45:39 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2009-11-23 20:45:39 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2009-11-23 20:45:38 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2009-11-23 20:45:38 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2009-11-23 20:45:38 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2009-11-23 20:45:38 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2009-11-23 20:45:37 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2009-11-23 20:45:36 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2009-11-23 20:45:36 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2009-11-23 20:45:36 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2009-11-23 20:45:36 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2009-11-23 20:45:36 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2009-11-23 20:45:32 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2009-11-23 20:45:32 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2009-11-23 20:45:30 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2009-11-23 20:45:30 | 00,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2009-11-23 20:45:28 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2009-11-23 20:45:18 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2007-06-29 11:07:36 | 00,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini [2001-07-06 15:30:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2009-11-30 21:15:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2009-11-25 16:44:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-11-24 19:27:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime [2009-11-29 19:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-12-01 14:55:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\BITS [2009-11-24 18:07:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite [2009-11-27 21:38:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp [2009-11-26 21:32:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu [2009-11-28 23:10:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10 [2009-11-24 19:29:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime [2009-11-28 23:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM [2009-11-23 21:16:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dawid\Dane aplikacji\Opera [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-12-01 14:55:25 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2008-04-15 13:00:00 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-11-23 20:52:40 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-11-28 10:19:30 | 00,045,547 | ---- | M] () -- C:\hookapiA.log [2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-11-23 20:52:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 13:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 13:00:00 | 00,251,152 | RHS- | M] () -- C:\ntldr [2009-12-01 14:57:46 | 16,106,12736 | -HS- | M] () -- C:\pagefile.sys < End of report > [/log] [b]RIST[/b] [log]Logfile of random's system information tool 1.06 (written by random/random) Run by Dawid at 2009-12-01 15:20:08 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 964 MB (5%) free of 19 GB Total RAM: 1023 MB (55% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:20:23, on 2009-12-01 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\NetLimiter 2 Pro\nlsvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\Opera\opera.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\osk.exe C:\WINDOWS\system32\MSSWCHX.EXE C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\sol.exe C:\Documents and Settings\Dawid\Pulpit\RSIT.exe C:\Program Files\trend micro\Dawid.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 4440 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}] FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-11-30 2020120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR.exe [2009-11-30 980992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet] C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [2008-08-19 1795656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe [2008-03-20 2127296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ninja.lnk] C:\PROGRA~1\Ninja\ninja.exe [2009-11-23 764416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2009-11-30 12464] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 "NoSetActiveDesktop"=1 "NoActiveDesktopChanges"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoSetActiveDesktop"= "NoActiveDesktopChanges"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2" "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate" "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe" "C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe" "C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe" "C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe" "C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2009-12-01 15:20:09 ----D---- C:\Program Files\trend micro 2009-12-01 15:20:08 ----D---- C:\rsit 2009-12-01 14:54:29 ----D---- C:\WINDOWS\pss 2009-11-30 21:17:32 ----HD---- C:\$AVG 2009-11-30 21:17:08 ----A---- C:\WINDOWS\system32\avgrsstx.dll 2009-11-30 21:15:42 ----D---- C:\Program Files\AVG 2009-11-30 21:15:42 ----A---- C:\WINDOWS\system32\avgfwdx.dll 2009-11-30 21:15:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\avg9 2009-11-30 21:02:19 ----A---- C:\WINDOWS\system32\18467.exe 2009-11-30 20:42:26 ----D---- C:\Program Files\AdvancedVirusRemover 2009-11-30 20:42:20 ----A---- C:\WINDOWS\system32\41.exe 2009-11-30 20:42:08 ----A---- C:\WINDOWS\system32\winhelper86.dll 2009-11-30 20:36:49 ----D---- C:\Program Files\PDFtoPNG 2009-11-29 18:39:44 ----A---- C:\WINDOWS\system32\vfwwdm32.dll 2009-11-29 18:24:51 ----A---- C:\WINDOWS\system32\Remover.ini 2009-11-29 18:24:51 ----A---- C:\WINDOWS\system32\Remove.exe 2009-11-29 18:24:41 ----D---- C:\WINDOWS\PixArt 2009-11-29 18:24:40 ----D---- C:\Program Files\PC Camera 2009-11-29 18:24:40 ----D---- C:\Program Files\Common Files\PAC207 2009-11-29 18:11:17 ----D---- C:\WINDOWS\EffectResources 2009-11-29 18:11:17 ----A---- C:\WINDOWS\vidcap32.Exe 2009-11-29 18:11:15 ----A---- C:\WINDOWS\ZS211Cap.exe 2009-11-29 18:11:15 ----A---- C:\WINDOWS\system32\ZS211sti.dll 2009-11-29 18:11:15 ----A---- C:\WINDOWS\Sti211.exe 2009-11-29 18:11:15 ----A---- C:\WINDOWS\Domino.exe 2009-11-29 18:11:15 ----A---- C:\WINDOWS\amcap.exe 2009-11-29 18:11:14 ----D---- C:\WINDOWS\CatRoot 2009-11-29 18:11:14 ----D---- C:\Program Files\Vimicro 2009-11-29 18:11:14 ----A---- C:\WINDOWS\ZSSnp211.exe 2009-11-29 18:02:01 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\skypePM 2009-11-29 17:59:50 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Skype 2009-11-29 17:58:17 ----D---- C:\Program Files\Common Files\Skype 2009-11-29 17:56:22 ----RD---- C:\Program Files\Skype 2009-11-29 17:55:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype 2009-11-29 15:22:41 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla 2009-11-28 23:14:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2009-11-28 23:14:54 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\OpenFM 2009-11-28 23:07:05 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 10 2009-11-28 09:49:31 ----D---- C:\Program Files\AMT 2009-11-28 09:19:15 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Macromedia 2009-11-28 09:19:14 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Adobe 2009-11-27 21:28:56 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Dev-Cpp 2009-11-27 21:27:51 ----D---- C:\Dev-Cpp 2009-11-26 21:32:57 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Gadu-Gadu 2009-11-26 21:18:22 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Nero 2009-11-24 19:29:53 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Locktime 2009-11-24 19:27:29 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Locktime 2009-11-24 19:27:05 ----D---- C:\Program Files\NetLimiter 2 Pro 2009-11-24 19:21:37 ----D---- C:\Program Files\Gadu-Gadu 2009-11-24 18:46:20 ----RD---- C:\Nowy folder 2009-11-24 18:41:06 ----D---- C:\Program Files\Winamp 2009-11-24 18:41:06 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Winamp 2009-11-24 18:16:11 ----D---- C:\WINDOWS\system32\appmgmt 2009-11-24 18:13:24 ----A---- C:\WINDOWS\ODBC.INI 2009-11-24 18:13:02 ----A---- C:\WINDOWS\system32\mdimon.dll 2009-11-24 18:10:52 ----D---- C:\Program Files\Common Files\DESIGNER 2009-11-24 18:10:22 ----D---- C:\WINDOWS\SHELLNEW 2009-11-24 18:10:20 ----D---- C:\Program Files\Microsoft.NET 2009-11-24 18:10:20 ----D---- C:\Program Files\Microsoft Office 2009-11-24 18:07:49 ----RHD---- C:\MSOCache 2009-11-24 18:06:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite 2009-11-24 18:06:08 ----D---- C:\Program Files\DAEMON Tools Toolbar 2009-11-24 18:06:02 ----D---- C:\Program Files\DAEMON Tools Lite 2009-11-24 18:01:26 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\DAEMON Tools Lite 2009-11-24 17:57:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP 2009-11-24 17:56:34 ----D---- C:\Program Files\Common Files\HP 2009-11-24 17:53:12 ----D---- C:\Program Files\Hewlett-Packard 2009-11-24 17:51:25 ----D---- C:\Program Files\Common Files\Hewlett-Packard 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZisn12.dll 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipt12.dll 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipr12.dll 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZipm12.exe 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZinw12.exe 2009-11-24 17:48:47 ----A---- C:\WINDOWS\system32\HPZidr12.dll 2009-11-24 17:46:22 ----D---- C:\Program Files\HP 2009-11-24 17:45:09 ----HD---- C:\Config.Msi 2009-11-24 17:43:49 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\HP 2009-11-24 17:15:29 ----RD---- C:\Downloads 2009-11-24 17:12:29 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\BITS 2009-11-24 17:12:22 ----D---- C:\profiles 2009-11-24 17:12:04 ----D---- C:\Program Files\FlashGet Network 2009-11-23 21:42:44 ----A---- C:\WINDOWS\system32\h323log.txt 2009-11-23 21:39:32 ----A---- C:\WINDOWS\system32\usbui.dll 2009-11-23 21:37:38 ----SHD---- C:\WINDOWS\Installer 2009-11-23 21:37:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-11-23 21:37:36 ----D---- C:\Program Files\Common Files\ODBC 2009-11-23 21:37:36 ----A---- C:\WINDOWS\ODBCINST.INI 2009-11-23 21:37:31 ----D---- C:\Program Files\Common Files\SpeechEngines 2009-11-23 21:37:30 ----RD---- C:\Program Files 2009-11-23 21:37:30 ----D---- C:\Program Files\Common Files\Microsoft Shared 2009-11-23 21:37:30 ----D---- C:\Program Files\Common Files 2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2009-11-23 21:37:22 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdur.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdru.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2009-11-23 21:37:13 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2009-11-23 21:37:09 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2009-11-23 21:37:08 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2009-11-23 21:37:07 ----RA---- C:\WINDOWS\system32\kbdest.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdsl1.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdsl.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdro.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdhu1.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdhu.dll 2009-11-23 21:36:58 ----A---- C:\WINDOWS\system32\kbdcz2.dll 2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdycl.dll 2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcz1.dll 2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcz.dll 2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\kbdcr.dll 2009-11-23 21:36:57 ----A---- C:\WINDOWS\system32\KBDAL.DLL 2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\irclass.dll 2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\dgsetup.dll 2009-11-23 21:36:54 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2009-11-23 21:36:51 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2009-11-23 21:36:49 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2009-11-23 21:36:49 ----A---- C:\WINDOWS\TASKMAN.EXE 2009-11-23 21:36:48 ----A---- C:\WINDOWS\system32\batt.dll 2009-11-23 21:36:48 ----A---- C:\WINDOWS\NOTEPAD.EXE 2009-11-23 21:36:46 ----A---- C:\WINDOWS\system32\storprop.dll 2009-11-23 21:36:32 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini 2009-11-23 21:36:27 ----RA---- C:\WINDOWS\SET8.tmp 2009-11-23 21:36:20 ----RA---- C:\WINDOWS\SET4.tmp 2009-11-23 21:36:18 ----RA---- C:\WINDOWS\SET3.tmp 2009-11-23 21:36:09 ----D---- C:\WINDOWS\system32\CatRoot2 2009-11-23 21:36:09 ----D---- C:\WINDOWS\system32\CatRoot 2009-11-23 21:36:03 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2009-11-23 21:35:33 ----A---- C:\WINDOWS\setuplog.txt 2009-11-23 21:35:27 ----D---- C:\Documents and Settings 2009-11-23 21:35:26 ----SHD---- C:\System Volume Information 2009-11-23 21:34:43 ----SH---- C:\boot.ini 2009-11-23 21:30:13 ----D---- C:\Program Files\7-Zip 2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pndx5032.dll 2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pndx5016.dll 2009-11-23 21:25:16 ----A---- C:\WINDOWS\system32\pncrt.dll 2009-11-23 21:25:14 ----A---- C:\WINDOWS\avisplitter.ini 2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2009-11-23 21:25:11 ----A---- C:\WINDOWS\system32\xvidcore.dll 2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\qt-dx331.dll 2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\dpl100.dll 2009-11-23 21:25:10 ----A---- C:\WINDOWS\system32\divx.dll 2009-11-23 21:25:07 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2009-11-23 21:25:07 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2009-11-23 21:25:05 ----D---- C:\Program Files\K-Lite Codec Pack 2009-11-23 21:24:26 ----D---- C:\WINDOWS\WinSxS 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\usmt 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\pl-pl 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\pl 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\inetsrv 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\IME 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\3com_dmi 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\3076 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\2052 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1054 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1045 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1042 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1041 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1037 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1033 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1031 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1028 2009-11-23 21:24:26 ----D---- C:\WINDOWS\system32\1025 2009-11-23 21:24:26 ----D---- C:\WINDOWS\PeerNet 2009-11-23 21:24:26 ----D---- C:\WINDOWS\pchealth 2009-11-23 21:24:26 ----D---- C:\WINDOWS\Network Diagnostic 2009-11-23 21:24:26 ----D---- C:\WINDOWS\mui 2009-11-23 21:24:26 ----D---- C:\WINDOWS\L2Schemas 2009-11-23 21:24:26 ----D---- C:\WINDOWS\ime 2009-11-23 21:24:26 ----D---- C:\WINDOWS\ehome 2009-11-23 21:24:25 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-11-23 21:24:25 ----RSD---- C:\WINDOWS\Fonts 2009-11-23 21:24:25 ----RD---- C:\WINDOWS\Web 2009-11-23 21:24:25 ----HD---- C:\WINDOWS\inf 2009-11-23 21:24:25 ----D---- C:\WINDOWS\twain_32 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Temp 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\wins 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\wbem 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\spool 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ShellExt 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\Setup 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ras 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\oobe 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\npp 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\mui 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\icsxml 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\ias 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\export 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\drivers 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\dhcp 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32\config 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system32 2009-11-23 21:24:25 ----D---- C:\WINDOWS\system 2009-11-23 21:24:25 ----D---- C:\WINDOWS\security 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Resources 2009-11-23 21:24:25 ----D---- C:\WINDOWS\repair 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Provisioning 2009-11-23 21:24:25 ----D---- C:\WINDOWS\msapps 2009-11-23 21:24:25 ----D---- C:\WINDOWS\msagent 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Media 2009-11-23 21:24:25 ----D---- C:\WINDOWS\java 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Help 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Driver Cache 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Debug 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Cursors 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Connection Wizard 2009-11-23 21:24:25 ----D---- C:\WINDOWS\Config 2009-11-23 21:24:25 ----D---- C:\WINDOWS\AppPatch 2009-11-23 21:24:25 ----D---- C:\WINDOWS\addins 2009-11-23 21:24:25 ----D---- C:\WINDOWS 2009-11-23 21:23:32 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Media Player Classic 2009-11-23 21:18:15 ----A---- C:\WINDOWS\system32\unrar.dll 2009-11-23 21:18:06 ----A---- C:\WINDOWS\system32\msvcr71.dll 2009-11-23 21:18:06 ----A---- C:\WINDOWS\system32\msvcp71.dll 2009-11-23 21:17:27 ----N---- C:\WINDOWS\system32\ati2sgag.exe 2009-11-23 21:16:34 ----D---- C:\ATI 2009-11-23 21:16:30 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Opera 2009-11-23 21:16:16 ----D---- C:\Program Files\Opera 2009-11-23 21:11:28 ----RSD---- C:\WINDOWS\assembly 2009-11-23 21:10:25 ----D---- C:\WINDOWS\Microsoft.NET 2009-11-23 21:07:30 ----D---- C:\WINDOWS\OPTIONS 2009-11-23 21:07:10 ----D---- C:\Program Files\Intel 2009-11-23 21:06:25 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-11-23 21:06:20 ----HD---- C:\Program Files\InstallShield Installation Information 2009-11-23 21:06:09 ----D---- C:\Program Files\Common Files\InstallShield 2009-11-23 21:05:22 ----A---- C:\WINDOWS\system32\ksuser.dll 2009-11-23 21:05:13 ----A---- C:\WINDOWS\CMISETUP.INI 2009-11-23 21:05:13 ----A---- C:\WINDOWS\CMCDPLAY.INI 2009-11-23 21:05:11 ----A---- C:\WINDOWS\Wininit.ini 2009-11-23 21:05:11 ----A---- C:\WINDOWS\system32\udaprop.dll 2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmuda.dll 2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmirmdrv.exe 2009-11-23 21:05:10 ----A---- C:\WINDOWS\system32\cmirmdrv.dll 2009-11-23 21:05:09 ----D---- C:\Program Files\C-Media 3D Audio 2009-11-23 21:05:09 ----A---- C:\WINDOWS\system32\Audio3D.dll 2009-11-23 21:05:09 ----A---- C:\WINDOWS\system32\a3d.dll 2009-11-23 21:05:09 ----A---- C:\WINDOWS\CMIUninstall.exe 2009-11-23 21:05:09 ----A---- C:\WINDOWS\CmiRmRedundDir.exe 2009-11-23 21:05:09 ----A---- C:\WINDOWS\CMIRmDriver.dll 2009-11-23 21:04:57 ----A---- C:\WINDOWS\IsUninst.exe 2009-11-23 21:03:43 ----SHD---- C:\RECYCLER 2009-11-23 21:03:31 ----D---- C:\Program Files\Ninja 2009-11-23 21:00:27 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Identities 2009-11-23 21:00:24 ----HD---- C:\Program Files\Uninstall Information 2009-11-23 21:00:12 ----ASH---- C:\Documents and Settings\Dawid\Dane aplikacji\desktop.ini 2009-11-23 21:00:11 ----SD---- C:\Documents and Settings\Dawid\Dane aplikacji\Microsoft 2009-11-23 20:59:26 ----D---- C:\WINDOWS\SoftwareDistribution 2009-11-23 20:59:14 ----SD---- C:\WINDOWS\system32\Microsoft 2009-11-23 20:59:14 ----D---- C:\WINDOWS\Prefetch 2009-11-23 20:59:13 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-11-23 20:53:22 ----D---- C:\WINDOWS\system32\xircom 2009-11-23 20:53:22 ----D---- C:\Program Files\xerox 2009-11-23 20:53:22 ----D---- C:\Program Files\microsoft frontpage 2009-11-23 20:52:40 ----A---- C:\WINDOWS\control.ini 2009-11-23 20:52:40 ----A---- C:\AUTOEXEC.BAT 2009-11-23 20:52:17 ----A---- C:\WINDOWS\OEWABLog.txt 2009-11-23 20:52:08 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-11-23 20:50:34 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-11-23 20:50:34 ----RD---- C:\WINDOWS\Offline Web Pages 2009-11-23 20:50:34 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-11-23 20:50:25 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-11-23 20:50:17 ----HD---- C:\Program Files\WindowsUpdate 2009-11-23 20:50:10 ----D---- C:\Program Files\Usługi online 2009-11-23 20:49:49 ----D---- C:\WINDOWS\system32\DirectX 2009-11-23 20:49:43 ----A---- C:\WINDOWS\system32\atrace.dll 2009-11-23 20:49:40 ----A---- C:\WINDOWS\system32\desktop.ini 2009-11-23 20:49:40 ----A---- C:\WINDOWS\desktop.ini 2009-11-23 20:49:27 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2009-11-23 20:49:25 ----D---- C:\Program Files\Common Files\Services 2009-11-23 20:49:25 ----A---- C:\WINDOWS\system32\acctres.dll 2009-11-23 20:49:21 ----SD---- C:\WINDOWS\Tasks 2009-11-23 20:49:21 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2009-11-23 20:49:20 ----D---- C:\Program Files\Common Files\MSSoap 2009-11-23 20:49:10 ----D---- C:\WINDOWS\srchasst 2009-11-23 20:49:07 ----D---- C:\WINDOWS\system32\Macromed 2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wuweb.dll 2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wucltui.dll 2009-11-23 20:48:58 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wups.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\wuapi.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\bitsprx4.dll 2009-11-23 20:48:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-11-23 20:48:56 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2009-11-23 20:48:53 ----D---- C:\Program Files\Movie Maker 2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-11-23 20:48:28 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-11-23 20:48:26 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-11-23 20:48:23 ----A---- C:\WINDOWS\system32\fltMc.exe 2009-11-23 20:48:23 ----A---- C:\WINDOWS\system32\fltlib.dll 2009-11-23 20:48:22 ----D---- C:\WINDOWS\system32\Restore 2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\srclient.dll 2009-11-23 20:48:22 ----A---- C:\WINDOWS\system32\ils.dll 2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\msconf.dll 2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\mnmdd.dll 2009-11-23 20:48:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-11-23 20:48:17 ----D---- C:\Program Files\NetMeeting 2009-11-23 20:48:17 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-11-23 20:48:17 ----A---- C:\WINDOWS\system32\msoeacct.dll 2009-11-23 20:48:16 ----A---- C:\WINDOWS\system32\inetres.dll 2009-11-23 20:48:16 ----A---- C:\WINDOWS\system32\inetcomm.dll 2009-11-23 20:48:14 ----D---- C:\Program Files\Outlook Express 2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-11-23 20:48:14 ----A---- C:\WINDOWS\system32\mstask.dll 2009-11-23 20:48:13 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-11-23 20:48:13 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-11-23 20:48:12 ----A---- C:\WINDOWS\system32\isign32.dll 2009-11-23 20:48:12 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-11-23 20:48:05 ----D---- C:\Program Files\Common Files\System 2009-11-23 20:48:02 ----D---- C:\Program Files\Internet Explorer 2009-11-23 20:46:49 ----D---- C:\Program Files\ComPlus Applications 2009-11-23 20:46:45 ----A---- C:\WINDOWS\vbaddin.ini 2009-11-23 20:46:45 ----A---- C:\WINDOWS\vb.ini 2009-11-23 20:46:37 ----D---- C:\WINDOWS\Registration 2009-11-23 20:46:23 ----D---- C:\Program Files\Windows Media Player 2009-11-23 20:46:12 ----D---- C:\Program Files\Messenger 2009-11-23 20:46:04 ----D---- C:\Program Files\MSN Gaming Zone 2009-11-23 20:46:04 ----A---- C:\WINDOWS\system32\write.exe 2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\hticons.dll 2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avwav.dll 2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avtapi.dll 2009-11-23 20:45:51 ----A---- C:\WINDOWS\system32\avmeter.dll 2009-11-23 20:45:50 ----A---- C:\WINDOWS\system32\winchat.exe 2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\getuname.dll 2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\charmap.exe 2009-11-23 20:45:32 ----A---- C:\WINDOWS\system32\calc.exe 2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\winmine.exe 2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\sol.exe 2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\reset.exe 2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\mshearts.exe 2009-11-23 20:45:31 ----A---- C:\WINDOWS\system32\freecell.exe 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tslabels.ini 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tskill.exe 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\tscon.exe 2009-11-23 20:45:30 ----A---- C:\WINDOWS\system32\shadow.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\rwinsta.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\regini.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\qwinsta.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\qappsrv.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\msg.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\logoff.exe 2009-11-23 20:45:29 ----A---- C:\WINDOWS\system32\cdmodem.dll 2009-11-23 20:45:18 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-11-23 20:45:17 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-11-23 20:45:16 ----D---- C:\Program Files\Windows NT 2009-11-23 20:45:16 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-11-23 20:45:16 ----A---- C:\WINDOWS\system32\hypertrm.dll 2009-11-23 20:45:15 ----A---- C:\WINDOWS\system32\spider.exe 2009-11-23 20:45:15 ----A---- C:\WINDOWS\system32\clipbrd.exe 2009-11-23 20:45:14 ----A---- C:\WINDOWS\system32\tsgqec.dll 2009-11-23 20:45:14 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-11-23 20:45:13 ----A---- C:\WINDOWS\system32\rhttpaa.dll 2009-11-23 20:45:13 ----A---- C:\WINDOWS\system32\aaclient.dll 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-11-23 20:45:12 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-11-23 20:45:11 ----D---- C:\WINDOWS\system32\MsDtc 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\mtxoci.dll 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\icaapi.dll 2009-11-23 20:45:11 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-11-23 20:45:10 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-11-23 20:45:09 ----D---- C:\WINDOWS\system32\Com 2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-11-23 20:45:09 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\stclient.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\colbact.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrvut.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-11-23 20:45:08 ----A---- C:\WINDOWS\system32\catsrv.dll 2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comuid.dll 2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comsvcs.dll 2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\comsnap.dll 2009-11-23 20:45:07 ----A---- C:\WINDOWS\system32\clbcatq.dll 2009-11-23 20:44:57 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\licwmi.dll 2009-11-23 20:44:56 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2009-12-01 14:55:25 ----A---- C:\WINDOWS\win.ini 2009-12-01 14:55:25 ----A---- C:\WINDOWS\system.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-30 333192] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-30 28424] R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-30 360584] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448] R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys [] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568] R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-30 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [] R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [] R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [] R3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [2009-07-09 119798] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-06-13 45568] R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-15 30208] R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 a49m86qr;a49m86qr; C:\WINDOWS\system32\drivers\a49m86qr.sys [] S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-30 30104] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 NLNdisMP;NLNdisMP; C:\WINDOWS\system32\DRIVERS\nlndis.sys [] S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\WINDOWS\system32\DRIVERS\nlndis.sys [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112] R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-11-30 906520] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-30 285392] R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2009-11-30 2304192] R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2009-11-30 5832712] R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF-----------------[/log] [b]GMER[/b] [log]GMER 1.0.15.15252 - http://www.gmer.net Rootkit scan 2009-12-01 15:54:43 Windows 5.1.2600 Dodatek Service Pack 3 Running: 4to4lkip.exe; Driver: C:\DOCUME~1\Dawid\USTAWI~1\Temp\uxldypow.sys ---- System - GMER 1.0.15 ---- SSDT spik.sys ZwCreateKey [0xF771B0E0] SSDT spik.sys ZwEnumerateKey [0xF7733DA4] SSDT spik.sys ZwEnumerateValueKey [0xF7734132] SSDT spik.sys ZwOpenKey [0xF771B0C0] SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwOpenProcess [0xF7AFF470] SSDT spik.sys ZwQueryKey [0xF773420A] SSDT spik.sys ZwQueryValueKey [0xF773408A] SSDT spik.sys ZwSetValueKey [0xF773429C] SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateProcess [0xF7AFF520] SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateThread [0xF7AFF5C0] SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwWriteVirtualMemory [0xF7AFF660] INT 0x62 ? 8676EBF8 INT 0x63 ? 863BAD68 INT 0x73 ? 863BAD68 INT 0x82 ? 8676EBF8 INT 0xB4 ? 863BAD68 ---- Kernel code sections - GMER 1.0.15 ---- ? spik.sys Nie można odnaleźć określonego pliku. ! .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6B6C000, 0x1C5D58, 0xE8000020] .text USBPORT.SYS!DllUnload F6B4B8AC 5 Bytes JMP 863BA348 .text a49m86qr.SYS F69EC386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text a49m86qr.SYS F69EC3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text a49m86qr.SYS F69EC3C4 3 Bytes [00, 80, 02] .text a49m86qr.SYS F69EC3C9 1 Byte [30] .text a49m86qr.SYS F69EC3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL} .text ... ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 867DC2D8 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7746DDC] spik.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7746E30] spik.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F771C042] spik.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F771C13E] spik.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F771C0C0] spik.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F771C800] spik.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F771C6D6] spik.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 863BA448 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F772BB90] spik.sys IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlInitUnicodeString] 8800001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!swprintf] 001CBA86 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSetEvent] C61AEB00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 001C8986 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 86C61200 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 00001C8B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmFreeMappingAddress] 96868801 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 8800001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 001CB286 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnmapIoSpace] 88968B00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 8900001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IofCompleteRequest] 001CA496 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCompareUnicodeString] C6168B00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IofCallDriver] 001CC186 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 428A0A00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] C286880C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoConnectInterrupt] 8B00001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDetachDevice] 24A48DFA IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeWaitForSingleObject] 00000000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeEvent] 4B8BDF8B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeCancelTimer] 8D3F0304 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] CB033043 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlInitAnsiString] 0673C13B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] C13B0003 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoQueueWorkItem] 8366FA72 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapIoSpace] 75000E7B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 0B7D80E3 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoReportDetectedDevice] 307B8D00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoReportResourceForDetection] 00AA840F IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 83660000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!NlsMbCodePageTag] 6A000E7A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoRequestPowerIrp] C6647400 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001CC386 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 4F8B0200 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!sprintf] 968D5140 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00001C98 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObfDereferenceObject] 22F6E852 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 478B0000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 50016A40 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwClose] 1CB48E8D IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E8510000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 000022E4 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 6A18538B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 868D5200 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoCreateDevice] 00001CA0 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 22D2E850 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 4B8B0000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 51016A18 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwOpenKey] 1CBC968D IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlFreeUnicodeString] E8520000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartTimer] 000022C0 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeTimer] 8A05478A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInitializeTimer] 001CC38E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeDpc] 30C48300 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInitializeSpinLock] 1CC58688 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoInitializeIrp] 80E90000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwCreateKey] C6000000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 001CC386 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 438B0100 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ZwSetValueKey] 8E8D5018 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeInsertQueueDpc] 00001C98 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 2292E851 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartPacket] 538B0000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 52016A18 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 1CB4868D IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeMdl] E8500000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnlockPages] 00002280 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 8A05478A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 001CC38E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 18C48300 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 1CC58688 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSynchronizeExecution] 43EB0000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoStartNextPacket] 320C538A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeBugCheckEx] 88F93BC0 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 001CC396 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeSetTimer] F6317300 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_allmul] 74070647 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmProbeAndLockPages] 75C0841A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_except_handler3] 05578A0B IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoSetPowerState] 968801B0 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 00001CC5 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 57B60F66 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 533B6604 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_aulldiv] 03087408 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!strstr] 72F93B3F IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!_strupr] 8A09EBDA IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeQuerySystemTime] 86880547 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 00001CC5 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!KeTickCount] 88084B8A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 001CC68E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoDeleteDevice] 40578B00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 8D52006A IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateWorkItem] 001CC886 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateIrp] 11E85000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoAllocateMdl] 8B000022 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CC08E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmLockPagableDataSection] C4968B00 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8900001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CCC8E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!ExFreePoolWithTag] D0968900 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeIrp] 8B00001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!IoFreeWorkItem] 016A4047 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!InitSafeBootMode] D4C68150 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!RtlCompareMemory] 5600001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!PoCallDriver] 0021E7E8 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!memmove] 18C48300 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[ntoskrnl.exe!MmHighestUserAddress] 5D5B5E5F IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KeGetCurrentIrql] 9E880000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfRaiseIrql] 00001CB1 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfLowerIrql] 0E798366 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!HalGetInterruptVector] 74AAB000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!HalTranslateBusAddress] 8986C636 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!READ_PORT_USHORT] 001C9686 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2 IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[WMILIB.SYS!WmiSystemControl] 8800001C IAT \SystemRoot\System32\Drivers\a49m86qr.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8676D1F8 AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies ) Device \Driver\sptd \Device\732003306 spik.sys AttachedDevice \Driver\Tcpip \Device\Ip nltdi.sys (NetLimiter Driver/Locktime Software) AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) Device \Driver\NetBT \Device\NetBT_Tcpip_{82ADE926-1A99-40BF-9166-EA330CE884DD} 8640B1F8 Device \Driver\PCI_PNP3306 \Device\00000043 spik.sys Device \Driver\usbuhci \Device\USBPDO-0 863B91F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 867DA1F8 Device \Driver\dmio \Device\DmControl\DmConfig 867DA1F8 Device \Driver\dmio \Device\DmControl\DmPnP 867DA1F8 Device \Driver\dmio \Device\DmControl\DmInfo 867DA1F8 Device \Driver\usbuhci \Device\USBPDO-1 863B91F8 Device \Driver\usbuhci \Device\USBPDO-2 863B91F8 Device \Driver\usbehci \Device\USBPDO-3 863E9500 AttachedDevice \Driver\Tcpip \Device\Tcp nltdi.sys (NetLimiter Driver/Locktime Software) AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) Device \Driver\Ftdisk \Device\HarddiskVolume1 8676F1F8 Device \Driver\Cdrom \Device\CdRom0 8654C1F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8676F1F8 Device \Driver\USBSTOR \Device\00000065 86411500 Device \Driver\Ftdisk \Device\HarddiskVolume3 8676F1F8 Device \Driver\Cdrom \Device\CdRom1 8654C1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort0 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F766EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\USBSTOR \Device\00000067 86411500 Device \Driver\NetBT \Device\NetBt_Wins_Export 8640B1F8 Device \Driver\NetBT \Device\NetbiosSmb 8640B1F8 AttachedDevice \Driver\Tcpip \Device\Udp nltdi.sys (NetLimiter Driver/Locktime Software) AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp nltdi.sys (NetLimiter Driver/Locktime Software) Device \Driver\usbuhci \Device\USBFDO-0 863B91F8 Device \Driver\usbuhci \Device\USBFDO-1 863B91F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 861BC500 Device \Driver\usbuhci \Device\USBFDO-2 863B91F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 861BC500 Device \Driver\usbehci \Device\USBFDO-3 863E9500 Device \Driver\Ftdisk \Device\FtControl 8676F1F8 Device \Driver\a49m86qr \Device\Scsi\a49m86qr1 8654B1F8 Device \Driver\a49m86qr \Device\Scsi\a49m86qr1Port2Path0Target0Lun0 8654B1F8 Device \FileSystem\Cdfs \Cdfs 861D3500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF6 0x52 0x56 0xC1 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7D 0x5E 0xBD 0xEE ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x9F 0x75 0x01 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF6 0x52 0x56 0xC1 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7D 0x5E 0xBD 0xEE ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x9F 0x75 0x01 ... ---- EOF - GMER 1.0.15 ----[/log] [log]GMER 1.0.15.15252 - http://www.gmer.net Rootkit scan 2009-12-01 15:57:32 Windows 5.1.2600 Dodatek Service Pack 3 Running: 4to4lkip.exe; Driver: C:\DOCUME~1\Dawid\USTAWI~1\Temp\uxldypow.sys ---- Services - GMER 1.0.15 ---- Service .NET CLR Data Service .NET CLR Networking Service .NET Data Provider for Oracle Service .NET Data Provider for SqlServer Service .NETFramework Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD Service C:\WINDOWS\system32\DRIVERS\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [BOOT] agp440 Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG Service [DISABLED] AliIde Service [DISABLED] amsint Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service ASP.NET Service ASP.NET_2.0.50727 Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag Service Atierecord Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub Service AVG Service C:\Program Files\AVG\AVG9\avgemc.exe (AVG E-Mail Scanner/AVG Technologies CZ, s.r.o.) [AUTO] avg9emc Service C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Watchdog Service/AVG Technologies CZ, s.r.o.) [AUTO] avg9wd Service C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Firewall intermediate miniport driver/AVG Technologies CZ, s.r.o.) [MANUAL] Avgfwdx Service C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Firewall intermediate miniport driver/AVG Technologies CZ, s.r.o.) [MANUAL] Avgfwfd Service C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Firewall Service/AVG Technologies CZ, s.r.o.) [AUTO] avgfws9 Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG IDS application/AVG Technologies CZ, s.r.o.) [AUTO] AVGIDSAgent Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys (IDS Application Activity Monitor Driver./AVG Technologies ) [MANUAL] AVGIDSDriverxpx Service C:\WINDOWS\System32\Drivers\AVGIDSxx.sys (IDS Application Activity Monitor Helper Driver./AVG Technologies ) [BOOT] AVGIDSErHrxpx Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies ) [MANUAL] AVGIDSFilterxpx Service C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) [MANUAL] AVGIDSShimxpx Service C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG AVI Loader Driver/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgLdx86 Service C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Resident Shield Minifilter Driver/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgMfx86 Service C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Anti-Rootkit Driver/AVG Technologies CZ, s.r.o.) [BOOT] AvgRkx86 Service C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) [SYSTEM] AvgTdiX Service BattC Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser Service C:\WINDOWS\System32\Drivers\SPCA561.SYS (Universal Serial Bus Camera Driver/SP) [MANUAL] CA561 Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE Service [DISABLED] cd20xrnt Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom Service [SYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32 Service [DISABLED] CmdIde Service C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Audio WDM Driver/C-Media Inc) [MANUAL] cmuda Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk Service C:\WINDOWS\system32\DRIVERS\gameenum.sys (Game Port Enumerator/Microsoft Corporation) [MANUAL] gameenum Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] hidusb Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc Service [DISABLED] hpn Service C:\WINDOWS\system32\DRIVERS\HPZid412.sys (IEEE-1284.4-1999 Driver (Windows 2000)/HP) [MANUAL] HPZid412 Service C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (IEEE-1284.4-1999 Print Class Driver/HP) [MANUAL] HPZipr12 Service C:\WINDOWS\system32\DRIVERS\HPZius12.sys (1284.4<->Usb Datalink Driver (Windows 2000)/HP) [MANUAL] HPZius12 Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter Service [SYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt Service C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService Service inetaccs Service [DISABLED] ini910u Service Inport Service C:\WINDOWS\system32\DRIVERS\intelide.sys (Sterownik Intel PCI IDE/Microsoft Corporation) [BOOT] IntelIde Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] intelppm Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM Service ISAPISearch Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LanmanServer Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation Service [SYSTEM] lbrtfdc Service ldap Service LicenseService Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (Sterownik filtru myszy HID/Microsoft Corporation) [MANUAL] mouhid Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla Service system32\DRIVERS\nlndis.sys [MANUAL] NLNdisMP Service system32\DRIVERS\nlndis.sys [MANUAL] NLNdisPT Service C:\Program Files\NetLimiter 2 Pro\nlsvc.exe (NetLimiter 2 service/Locktime Software) [AUTO] nlsvc Service C:\WINDOWS\system32\drivers\nltdi.sys (NetLimiter Driver/Locktime Software) [SYSTEM] nltdi Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI Service [SYSTEM] PCIDump Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay Service C:\WINDOWS\system32\HPZipm12.exe (PML Driver/HP) [AUTO] Pml Driver HPZ12 Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD Service RDPDD Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr Service RDPNP Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP Service C:\WINDOWS\system32\DRIVERS\R8139n51.SYS (Realtek RTL8139/810x Family NDIS 5.1 Drv/Realtek Semiconductor Corporation) [MANUAL] rtl8139 Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection Service [DISABLED] Simbad Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP Service [DISABLED] Sparrow Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [DISABLED] TlntSvr Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks Service TSDDD Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave Service [DISABLED] ViaIde Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time Service W3SVC Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi Service WmiApRpl Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS (WDM WST Codec Driver/Microsoft Corporation) [MANUAL] WSTCODEC Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov Service {21D10148-B2EF-4767-9B5F-18C02ECBC83D} Service {82ADE926-1A99-40BF-9166-EA330CE884DD} ---- EOF - GMER 1.0.15 ----[/log] [b]Catchme[/b] [log]catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-01 15:58:35 Windows 5.1.2600 Dodatek Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "h0"=dword:00000000 "hdf12"=hex:f6,52,56,c1,da,20,d6,4e,a9,f2,4a,2e,73,e3,11,d3,33,83,9b,72,76,.. "p0"="C:\Program Files\DAEMON Tools Lite\" "u0"=hex:d4,c3,97,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001] "hdf12"=hex:7d,5e,bd,ee,6c,52,04,e7,65,b3,e8,6d,02,26,13,7a,29,bd,a1,d7,86,.. "a0"=hex:20,01,00,00,3f,05,4b,1a,82,98,d7,4f,9b,06,cd,c6,01,65,95,60,a1,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0] "hdf12"=hex:0e,9f,75,01,e7,8d,be,a2,e5,21,a1,f4,ec,07,9e,b8,57,6b,ff,aa,f8,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "h0"=dword:00000000 "hdf12"=hex:f6,52,56,c1,da,20,d6,4e,a9,f2,4a,2e,73,e3,11,d3,33,83,9b,72,76,.. "p0"="C:\Program Files\DAEMON Tools Lite\" "u0"=hex:d4,c3,97,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001] "hdf12"=hex:7d,5e,bd,ee,6c,52,04,e7,65,b3,e8,6d,02,26,13,7a,29,bd,a1,d7,86,.. "a0"=hex:20,01,00,00,3f,05,4b,1a,82,98,d7,4f,9b,06,cd,c6,01,65,95,60,a1,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0] "hdf12"=hex:0e,9f,75,01,e7,8d,be,a2,e5,21,a1,f4,ec,07,9e,b8,57,6b,ff,aa,f8,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0[/log] [b]DDS[/b] [log] DDS (Ver_09-12-01.01) - NTFSx86 Run by Dawid at 16:02:33,85 on 2009-12-01 Internet Explorer: 6.0.2900.5512 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.531 [GMT 1:00] AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe svchost.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\NetLimiter 2 Pro\nlsvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\Opera\opera.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\osk.exe C:\WINDOWS\system32\MSSWCHX.EXE C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\sol.exe C:\Documents and Settings\Dawid\Pulpit\dds.pif ============== Pseudo HJT Report =============== BHO: FG2CatchUrl: {1f364306-aa45-47b5-9f9d-39a8b94e7ef1} - c:\program files\flashget network\flashget universal\comdlls\bhoCATCH.dll mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-explorer: NoSetActiveDesktop = 1 (0x1) uPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) uPolicies-system: DisableTaskMgr = 1 (0x1) mPolicies-explorer: NoSetActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) IE: &Download All by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bholink.htm IE: E&ksport do programu Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: avgrsstarter - avgrsstx.dll ============= SERVICES / DRIVERS =============== R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-11-30 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-11-30 161800] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-30 333192] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-30 28424] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-30 360584] R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 82200] R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-30 906520] R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-30 285392] R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2009-11-30 2304192] R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2009-11-30 5832712] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-11-30 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-11-30 122376] R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-11-30 30216] R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-11-30 25736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-11-30 30104] S3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?] S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?] =============== Created Last 30 ================ 2009-12-01 14:20:09 0 d-----w- c:\program files\trend micro 2009-12-01 13:54:29 0 d-----w- c:\windows\pss 2009-11-30 20:17:32 0 d--h--w- C:\$AVG 2009-11-30 20:17:08 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-11-30 20:17:06 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys 2009-11-30 20:17:04 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2009-11-30 20:17:02 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-11-30 20:16:49 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-11-30 20:16:40 0 d-----w- c:\windows\system32\drivers\Avg 2009-11-30 20:15:42 50968 ----a-w- c:\windows\system32\avgfwdx.dll 2009-11-30 20:15:42 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys 2009-11-30 20:15:42 0 d-----w- c:\program files\AVG 2009-11-30 20:15:25 0 d-----w- c:\docume~1\alluse~1\daneap~1\avg9 2009-11-30 20:02:19 0 ----a-w- c:\windows\system32\18467.exe 2009-11-30 19:42:26 0 d-----w- c:\program files\AdvancedVirusRemover 2009-11-30 19:42:20 0 ----a-w- c:\windows\system32\41.exe 2009-11-30 19:42:08 22528 ----a-w- c:\windows\system32\winhelper86.dll 2009-11-30 19:42:02 741 ----a-w- c:\windows\system32\critical_warning.html 2009-11-30 19:36:49 0 d-----w- c:\program files\PDFtoPNG 2009-11-29 18:21:37 0 d-----w- c:\documents and settings\dawid\.gstreamer-0.10 2009-11-29 17:39:47 91648 -c--a-w- c:\windows\system32\dllcache\kswdmcap.ax 2009-11-29 17:39:47 91648 ----a-w- c:\windows\system32\kswdmcap.ax 2009-11-29 17:39:47 28672 -c--a-w- c:\windows\system32\dllcache\vidcap.ax 2009-11-29 17:39:47 28672 ----a-w- c:\windows\system32\vidcap.ax 2009-11-29 17:39:45 61952 -c--a-w- c:\windows\system32\dllcache\kstvtune.ax 2009-11-29 17:39:45 61952 ----a-w- c:\windows\system32\kstvtune.ax 2009-11-29 17:39:44 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll 2009-11-29 17:39:44 54784 ----a-w- c:\windows\system32\vfwwdm32.dll 2009-11-29 17:39:38 43008 -c--a-w- c:\windows\system32\dllcache\ksxbar.ax 2009-11-29 17:39:38 43008 ----a-w- c:\windows\system32\ksxbar.ax 2009-11-29 17:24:51 631 ----a-w- c:\windows\system32\Remover.ini 2009-11-29 17:24:51 48128 ----a-w- c:\windows\system32\Remove.exe 2009-11-29 17:24:41 0 d-----w- c:\windows\PixArt 2009-11-29 17:24:40 0 d-----w- c:\program files\PC Camera 2009-11-29 17:24:40 0 d-----w- c:\program files\common files\PAC207 2009-11-29 17:11:17 307200 ----a-w- c:\windows\vidcap32.Exe 2009-11-29 17:11:17 0 d-----w- c:\windows\EffectResources 2009-11-29 17:11:15 81920 ----a-w- c:\windows\system32\ZS211sti.dll 2009-11-29 17:11:15 57344 ----a-w- c:\windows\Sti211.exe 2009-11-29 17:11:15 49152 ----a-w- c:\windows\Domino.exe 2009-11-29 17:11:15 172032 ----a-w- c:\windows\amcap.exe 2009-11-29 17:11:15 102400 ----a-w- c:\windows\ZS211Cap.exe 2009-11-29 17:11:14 49152 ----a-w- c:\windows\ZSSnp211.exe 2009-11-29 17:11:14 391836 ----a-w- c:\windows\system32\drivers\ZS211.sys 2009-11-29 17:11:14 172115 ----a-w- c:\windows\system32\ZS211Prp.Ax 2009-11-29 17:11:14 0 d-----w- c:\windows\CatRoot 2009-11-29 17:11:14 0 d-----w- c:\program files\Vimicro 2009-11-29 17:02:06 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-11-29 16:56:22 0 d-----r- c:\program files\Skype 2009-11-28 22:14:57 0 d-----w- c:\docume~1\alluse~1\daneap~1\OpenFM 2009-11-28 22:14:54 0 d-----w- c:\docume~1\dawid\daneap~1\OpenFM 2009-11-28 22:07:05 0 d-----w- c:\docume~1\dawid\daneap~1\Gadu-Gadu 10 2009-11-28 08:49:31 0 d-----w- c:\program files\AMT 2009-11-27 20:28:56 0 d-----w- c:\docume~1\dawid\daneap~1\Dev-Cpp 2009-11-27 20:27:51 0 d-----w- C:\Dev-Cpp 2009-11-26 20:32:57 0 d-----w- c:\docume~1\dawid\daneap~1\Gadu-Gadu 2009-11-24 18:29:53 0 d-----w- c:\docume~1\dawid\daneap~1\Locktime 2009-11-24 18:27:29 0 d-----w- c:\docume~1\alluse~1\daneap~1\Locktime 2009-11-24 18:27:05 0 d-----w- c:\program files\NetLimiter 2 Pro 2009-11-24 18:21:55 0 d-----w- c:\documents and settings\dawid\Gadu-Gadu 2009-11-24 18:21:37 0 d-----w- c:\program files\Gadu-Gadu 2009-11-24 17:46:20 0 d-----r- C:\Nowy folder 2009-11-24 17:16:11 0 d-----w- c:\windows\system32\appmgmt 2009-11-24 17:13:24 421 ----a-w- c:\windows\ODBC.INI 2009-11-24 17:13:02 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-11-24 17:10:22 0 d-----w- c:\windows\SHELLNEW 2009-11-24 17:06:12 0 d-----w- c:\docume~1\alluse~1\daneap~1\DAEMON Tools Lite 2009-11-24 17:06:08 0 d-----w- c:\program files\DAEMON Tools Toolbar 2009-11-24 17:06:02 0 d-----w- c:\program files\DAEMON Tools Lite 2009-11-24 17:01:41 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-24 17:01:26 0 d-----w- c:\docume~1\dawid\daneap~1\DAEMON Tools Lite 2009-11-24 16:56:34 0 d-----w- c:\program files\common files\HP 2009-11-24 16:51:25 0 d-----w- c:\program files\common files\Hewlett-Packard 2009-11-24 16:50:52 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys 2009-11-24 16:50:49 51120 ----a-r- c:\windows\system32\drivers\HPZid412.sys 2009-11-24 16:49:58 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys 2009-11-24 16:49:37 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2009-11-24 16:49:37 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-11-24 16:48:47 94208 ----a-w- c:\windows\system32\HPZipt12.dll 2009-11-24 16:48:47 69632 ----a-w- c:\windows\system32\HPZipm12.exe 2009-11-24 16:48:47 61440 ----a-w- c:\windows\system32\HPZinw12.exe 2009-11-24 16:48:47 57344 ----a-w- c:\windows\system32\HPZisn12.dll 2009-11-24 16:48:47 278584 ----a-w- c:\windows\system32\HPZidr12.dll 2009-11-24 16:48:47 204800 ----a-w- c:\windows\system32\HPZipr12.dll 2009-11-24 16:46:22 0 d-----w- c:\program files\HP 2009-11-24 16:46:15 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-11-24 16:46:15 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-11-24 16:46:10 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2009-11-24 16:46:10 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2009-11-24 16:44:04 21124 ------w- c:\windows\hpomdl07.dat 2009-11-24 16:44:04 113547 ----a-w- c:\windows\hpoins07.dat 2009-11-24 16:15:29 0 d-----r- C:\Downloads 2009-11-24 16:12:29 0 d-----w- c:\docume~1\dawid\daneap~1\BITS 2009-11-24 16:12:22 0 d-----w- C:\profiles 2009-11-24 16:12:04 0 d-----w- c:\program files\FlashGet Network 2009-11-23 20:37:36 0 d-----w- c:\program files\common files\ODBC 2009-11-23 20:37:31 0 d-----w- c:\program files\common files\SpeechEngines 2009-11-23 20:36:32 0 d--h--w- c:\documents and settings\all users\Szablony 2009-11-23 20:36:32 0 d-----w- c:\documents and settings\all users\Ulubione 2009-11-23 20:36:32 0 d-----w- c:\documents and settings\all users\Pulpit 2009-11-23 20:36:32 0 d-----r- c:\documents and settings\all users\Menu Start 2009-11-23 20:36:32 0 d-----r- c:\documents and settings\all users\Dokumenty 2009-11-23 20:36:03 0 d--h--r- c:\documents and settings\all users\Dane aplikacji 2009-11-23 20:25:05 0 d-----w- c:\program files\K-Lite Codec Pack 2009-11-23 20:05:09 0 d-----w- c:\program files\C-Media 3D Audio 2009-11-23 20:03:31 0 d-----w- c:\program files\Ninja 2009-11-23 19:50:50 0 d-sh--w- c:\documents and settings\all users\DRM 2009-11-23 19:50:17 0 d--h--w- c:\program files\WindowsUpdate 2009-11-23 19:50:10 0 d-----w- c:\program files\Usługi online 2009-11-23 19:49:20 0 d-----w- c:\program files\common files\MSSoap 2009-11-23 19:46:12 0 d-----w- c:\program files\Messenger 2009-11-23 19:46:04 0 d-----w- c:\program files\MSN Gaming Zone 2009-11-23 19:45:16 0 d-----w- c:\program files\Windows NT ==================== Find3M ==================== 2009-11-23 20:16:00 74450 ----a-w- c:\windows\system32\perfc015.dat 2009-11-23 20:16:00 448348 ----a-w- c:\windows\system32\perfh015.dat 2009-11-23 19:47:04 21856 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-09 18:00:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll ============= FINISH: 16:03:21,15 =============== [/log] [log] UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2009-11-23 20:57:31 System Uptime: 2009-12-01 14:57:04 (2 hours ago) Motherboard: | | P4I45PE. Processor: Intel(R) Celeron(R) CPU 2.40GHz | FC-478 | 2398/100mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 19 GiB total, 0,937 GiB free. D: is CDROM () G: is CDROM () H: is FIXED (NTFS) - 20 GiB total, 11,568 GiB free. I: is FIXED (NTFS) - 129 GiB total, 92,749 GiB free. ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1: 2009-11-23 21:00:55 - Punkt kontrolny systemu RP2: 2009-11-23 21:07:29 - Installed RTLSetup for Realtek RTL8139/810x Family NIC 3.00 RP3: 2009-11-23 21:16:14 - Installed Opera 10.00. RP4: 2009-11-24 17:31:49 - Installed NetLimiter 3 RP5: 2009-11-24 18:01:38 - SPTD setup V1.58 RP6: 2009-11-24 18:09:55 - Zainstalowano: Microsoft Office Professional Edition 2003 RP7: 2009-11-24 18:15:37 - Removed NetLimiter 3 RP8: 2009-11-25 16:44:54 - SPTD setup V1.62 RP9: 2009-11-25 22:23:29 - Installed PC Inspector File Recovery RP10: 2009-11-25 22:34:13 - Removed PC Inspector File Recovery RP11: 2009-11-27 19:50:50 - Removed Opera 10.00. RP12: 2009-11-27 19:51:22 - Installed Opera 10.10. RP13: 2009-11-28 20:13:47 - Punkt kontrolny systemu RP14: 2009-11-29 18:11:12 - Zainstalowane USB PC Camera (ZS211) RP15: 2009-11-29 18:24:17 - Installed USB PC CAMERA P227 RP16: 2009-11-29 18:39:32 - Aktualizuj do niepodpisanego sterownika RP17: 2009-11-30 20:00:34 - Punkt kontrolny systemu RP18: 2009-11-30 21:15:22 - Installed AVG 9.0 RP19: 2009-11-30 21:31:33 - Avg8 Update RP20: 2009-11-30 21:31:56 - Avg8 Update ==== Installed Programs ====================== 1500 1500_Help 1500Trb 7-Zip 4.65 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin AiO_Scan AiOSoftware ATI Display Driver AVG 9.0 BufferChm C-Media 3D Audio CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 DAEMON Tools Toolbar Destinations Dev-C++ 5 beta 9 release (4.9.9.2) DeviceManagementQFolder DocProc eSupportQFolder Fax FlashGet 2.0 Gadu-Gadu 7.7 HijackThis 2.0.2 HP Image Zone Express HP Imaging Device Functions 5.3 HP PSC & OfficeJet 5.3.B HP Software Update HP Solution Center & Imaging Support Tools 5.3 HPProductAssistant K-Lite Mega Codec Pack 5.4.4 Microsoft .NET Framework 2.0 Microsoft Office Professional Edition 2003 Microsoft Visual C++ 2005 Redistributable NetLimiter 2 Pro (remove only) NewCopy Opera 10.10 PDF to PNG Converter ProductContext Readme RTLSetup for Realtek RTL8139/810x Family NIC 3.00 Scan ScannerCopy Skype™ 4.0 SolutionCenter Status TrayApp Unload USB PC Camera (ZS211) USB PC CAMERA P227 WebFldrs XP WebReg Winamp ==== Event Viewer Messages From Past Week ======== 2009-11-24 19:16:15, informacje: Windows File Protection [64002] - Podjęto próbę zamiany chronionego pliku systemowego c:\windows\system32\apphelp.dll. Dla zachowania stabilności systemu została przywrócona wersja oryginalna pliku. Wersja złego pliku: 5.1.2600.5512. ==== End Of File =========================== [/log]
Gość komentarz 1 grudnia 2009 komentarz 1 grudnia 2009 (edytowane) Miałem to samo ale nie tak fajna tapetke sciagnij te programy i przeskanuj kompa http://www.idg.pl/ftp/pc_897/Anti.Trojan.5.5.420.html http://www.pctools.com/pl/spyware-doctor/
Gość komentarz 1 grudnia 2009 komentarz 1 grudnia 2009 Na tą infekcję to tylko ComboFix: http://www.forumpc.pl/index.php?showtopic=120614&st=0&p=837303&fromsearch=1&#entry837303 Użyj go i wklej loga.
DawidG3 komentarz 1 grudnia 2009 Autor komentarz 1 grudnia 2009 Log z programu [b]SDFix[/b]: [url]http://wklej.org/id/221438/[/url] Nowy log z programu [b]RIST[/b]: [url]http://wklej.org/id/221444/[/url] Nowy log z programu [b]OTL[/b]: [url]http://wklej.org/id/221453/[/url] Nowy drugi log z programu [b]OTL[/b]: [url]http://wklej.org/id/221460/[/url]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.