gosia1995 utworzono 25 czerwca 2010 utworzono 25 czerwca 2010 Pomocy!!!! Mam używanego laptopa hp omnibook xe4500 i coś zknociłam. Teraz jak tylko po włączeniu komputera loguję się na konto, to w dwóch egzemplarzach włączają mi się moje dokumenty. Co mogłam zrobić i co teraz powinnam zrobić ?? Proszę o szybką pomoc!!!!! Gosiaq [color="#ff0000"] //przenoszę do subforum Logi do sprawdzenia //raaz[/color]
raazor90 komentarz 27 czerwca 2010 komentarz 27 czerwca 2010 Wygląda mi to na infekcję, daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
gosia1995 komentarz 3 lipca 2010 Autor komentarz 3 lipca 2010 (edytowane) To chyba to [log]OTL logfile created on: 2010-07-03 17:15:53 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 254,00 Mb Total Physical Memory | 20,00 Mb Available Physical Memory | 8,00% Memory free 625,00 Mb Paging File | 163,00 Mb Available in Paging File | 26,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 27,92 Gb Total Space | 18,85 Gb Free Space | 67,50% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HEWLETT-DUT2OTV Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Processes (All) ==========[/color] PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe PRC - [2010-04-28 13:45:50 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 22:51:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe [color="#e56717"]========== Modules (All) ==========[/color] MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll [color="#e56717"]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr) SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig) SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev) [color="#e56717"]========== Driver Services (SafeList) ==========[/color] DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815) DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate) DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA) DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD) DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr) DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher) DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI) DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa) DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf) DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs) DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs) DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio) DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio) DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool) DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct) DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres) DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb) DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm) DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI) DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5) DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln) DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE) DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA) DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color="#e56717"]========== Standard Registry (SafeList) ==========[/color] [color="#e56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url] IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url] IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url] IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M] O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems) O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [url="http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334"]http://update.micros...b?1277063856334[/url] (WUWebControl Class) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-03 15:04:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy [2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia [2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll [2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL [2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL [2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll [2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo [2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys [2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys [2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys [2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security [2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google [2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote [2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning [2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet [2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll [2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73 [2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera [2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2010-06-20 21:05:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\UserData [2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE [2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!! [2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe [2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys [2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys [2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys [2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe [2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll [2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys [2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla [2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA [2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow [2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#e56717"]========== Files - Modified Within 60 Days ==========[/color] [2010-07-03 17:08:07 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-07-03 16:44:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-07-03 16:21:47 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-03 14:59:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-03 14:59:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-03 14:59:15 | 266,915,840 | -HS- | M] () -- C:\hiberfil.sys [2010-07-03 14:57:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-07-03 14:28:17 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-25 21:20:31 | 003,223,142 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-22 07:29:05 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll [2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#e56717"]========== Files Created - No Company Name ==========[/color] [2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img [2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img [2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img [2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe [2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll [2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP [2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll [2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml [2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml [2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip [2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip [2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat [2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat [2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat [2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat [2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax [2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax [2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax [2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax [2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf [2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql [2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax [2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp [2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi [2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls [2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls [2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com [2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr [2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini [2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-06-20 17:04:51 | 000,032,768 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG [2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG [2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk [2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll [1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll [1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [color="#e56717"]========== LOP Check ==========[/color] [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust [2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-07-03 16:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust [2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera [color="#e56717"]========== Purity Check ==========[/color] [color="#e56717"]========== Custom Scans ==========[/color] [color="#a23bec"]< %systemdrive%\*.* >[/color] [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN [2010-07-03 14:59:15 | 266,915,840 | -HS- | M] () -- C:\hiberfil.sys [1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-07-03 14:59:13 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys [2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51 [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP [color="#a23bec"]< MD5 for: AGP440.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys [color="#a23bec"]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color="#a23bec"]< MD5 for: BEEP.SYS >[/color] [2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color="#a23bec"]< MD5 for: CDROM.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color] [2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color="#a23bec"]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE [2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [color="#e56717"]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84 < End of report > [/log]
Tomek01 komentarz 3 lipca 2010 komentarz 3 lipca 2010 Co do otwierania moich dokumentów, wygląda to na infekcję z mediów przenośnych. Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm. Następnie załącz dodatkowo log [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url]
gosia1995 komentarz 4 lipca 2010 Autor komentarz 4 lipca 2010 załączam loga z RSIT [log]Logfile of random's system information tool 1.07 (written by random/random) Run by user at 2010-07-04 12:58:25 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 18 GB (62%) free of 29 GB Total RAM: 254 MB (20% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:59:54, on 2010-07-04 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe C:\WINDOWS\system32\carpserv.exe C:\WINDOWS\system32\atiptaxx.exe C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\PC Tools Security\pctsTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\HPConfig.exe C:\WINDOWS\system32\RadioSvr.exe C:\Program Files\PC Tools Security\pctsAuxs.exe C:\Program Files\PC Tools Security\pctsSvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\user\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\user.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsTray.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [wsctf.exe] wsctf.exe O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334 O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe -- End of file - 6208 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}] PC Tools Browser Guard BHO - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-06-18 632784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-06-18 632784] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "CARPService"=C:\WINDOWS\system32\carpserv.exe [2002-03-27 4608] "ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2002-04-22 28672] "AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2002-04-22 282624] "HP TV Now"=C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe [2002-04-30 237568] "HP Display Settings"=C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe [2002-03-07 61440] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2002-04-12 126976] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2002-04-12 536576] "QT4HPOT"=C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE [2002-04-20 77824] "HP Presentation Ready"=C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe [2002-04-26 77824] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2002-03-14 102455] "ISTray"=C:\Program Files\PC Tools Security\pctsTray.exe [2010-05-11 1287120] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "wsctf.exe"=wsctf.exe [] "EXPLORER.EXE"=C:\WINDOWS\EXPLORER.EXE [2008-04-14 1035264] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 3 months====== 2010-07-04 12:58:27 ----D---- C:\Program Files\trend micro 2010-07-04 12:58:25 ----D---- C:\rsit 2010-07-04 12:57:32 ----RASHD---- C:\autorun.inf 2010-07-04 12:37:37 ----D---- C:\WINDOWS\LastGood 2010-07-04 11:09:09 ----SHD---- C:\Config.Msi 2010-07-04 10:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2010-07-04 10:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-07-04 10:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$ 2010-07-04 10:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2010-07-04 10:05:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2010-07-04 10:05:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-07-04 10:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2010-07-04 10:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-07-04 10:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-07-04 10:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2010-07-04 10:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-07-04 10:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-07-04 10:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-07-04 10:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ 2010-07-04 10:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-07-04 10:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-07-04 10:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$ 2010-07-04 10:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-07-04 10:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-07-03 23:38:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\MSN6 2010-07-03 23:38:13 ----D---- C:\Documents and Settings\user\Dane aplikacji\MSN6 2010-07-03 22:27:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\Mozilla 2010-07-03 21:25:39 ----D---- C:\Program Files\Mozilla Firefox 2010-07-03 14:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-07-03 14:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-07-03 14:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-07-03 14:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-07-03 14:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2010-07-03 14:13:47 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-07-03 14:07:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-07-03 13:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-06-25 20:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-06-25 20:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-06-25 20:22:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-06-24 21:48:59 ----A---- C:\WINDOWS\system32\browserchoice.exe 2010-06-23 19:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-06-23 19:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-06-23 15:58:44 ----D---- C:\WINDOWS\system32\PreInstall 2010-06-23 15:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2010-06-23 15:58:39 ----HD---- C:\WINDOWS\$hf_mig$ 2010-06-23 14:06:53 ----RA---- C:\WINDOWS\apptune1020.exe 2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZTAG32.DLL 2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZSPOOL.DLL 2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZLhp1020.dll 2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\IMF32.DLL 2010-06-23 14:06:43 ----A---- C:\WINDOWS\system32\zlm.dll 2010-06-23 14:06:42 ----RA---- C:\WINDOWS\system32\zshp1020.exe 2010-06-23 14:06:42 ----RA---- C:\WINDOWS\system32\vshp1020.dll 2010-06-23 14:06:31 ----HD---- C:\Program Files\Zenographics 2010-06-22 22:17:35 ----D---- C:\Program Files\7-Zip 2010-06-22 20:15:24 ----D---- C:\WINDOWS\system32\appmgmt 2010-06-22 15:54:51 ----A---- C:\WINDOWS\BDTSupport.dll 2010-06-22 15:54:50 ----A---- C:\WINDOWS\SGDetectionTool.dll 2010-06-22 15:54:49 ----A---- C:\WINDOWS\PCTBDRes.dll 2010-06-22 15:54:49 ----A---- C:\WINDOWS\PCTBDCore.dll 2010-06-22 15:53:19 ----D---- C:\Program Files\Common Files\PC Tools 2010-06-22 15:53:19 ----D---- C:\Documents and Settings\user\Dane aplikacji\PC Tools 2010-06-22 15:53:19 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools 2010-06-22 15:53:18 ----D---- C:\Program Files\PC Tools Security 2010-06-22 07:39:33 ----D---- C:\Program Files\Google 2010-06-21 23:32:12 ----A---- C:\WINDOWS\system32\muweb.dll 2010-06-21 23:32:12 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2010-06-21 23:32:11 ----A---- C:\WINDOWS\system32\mucltui.dll 2010-06-21 23:31:26 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2010-06-21 23:13:45 ----A---- C:\WINDOWS\system32\msonpmon.dll 2010-06-21 23:07:50 ----D---- C:\Program Files\Microsoft Works 2010-06-21 23:06:36 ----D---- C:\Program Files\Common Files\DESIGNER 2010-06-21 22:58:10 ----D---- C:\WINDOWS\SHELLNEW 2010-06-21 22:56:32 ----D---- C:\Program Files\Microsoft Office 2010-06-21 22:56:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2010-06-21 22:52:33 ----RHD---- C:\MSOCache 2010-06-21 22:26:16 ----D---- C:\WINDOWS\Prefetch 2010-06-21 22:10:52 ----N---- C:\WINDOWS\system32\msxml6r.dll 2010-06-21 22:10:51 ----N---- C:\WINDOWS\system32\msxml6.dll 2010-06-21 22:10:36 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll 2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmspdmoe.dll 2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmspdmod.dll 2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll 2010-06-21 22:10:34 ----N---- C:\WINDOWS\system32\wmpdxm.dll 2010-06-21 22:10:33 ----N---- C:\WINDOWS\system32\wmpasf.dll 2010-06-21 22:10:33 ----A---- C:\WINDOWS\system32\wmp.dll 2010-06-21 22:10:32 ----N---- C:\WINDOWS\system32\wmidx.dll 2010-06-21 22:10:32 ----N---- C:\WINDOWS\system32\wmerror.dll 2010-06-21 22:10:31 ----N---- C:\WINDOWS\system32\mspmsnsv.dll 2010-06-21 22:10:30 ----N---- C:\WINDOWS\system32\mp4sdmod.dll 2010-06-21 22:10:30 ----N---- C:\WINDOWS\system32\mp43dmod.dll 2010-06-21 22:10:24 ----N---- C:\WINDOWS\system32\comsdupd.exe 2010-06-21 22:10:12 ----N---- C:\WINDOWS\system32\aaclient.dll 2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\credssp.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\cmsetacl.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\btpanui.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bthserv.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bthci.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\blastcln.exe 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\azroles.dll 2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\auditusr.exe 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3api.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dimsroam.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\d3d9.dll 2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3ui.dll 2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3svc.dll 2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3msm.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapsvc.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapqec.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappprxy.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapphost.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappgnui.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappcfg.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapolqec.dll 2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\dxdiagn.dll 2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\fltmc.exe 2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\fltlib.dll 2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\extmgr.dll 2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\httpapi.dll 2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\fwcfg.dll 2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\fsquirt.exe 2010-06-21 22:10:04 ----N---- C:\WINDOWS\system32\ieencode.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmlt48.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmlt47.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmaori.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinmal.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinben.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinbe1.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdfi1.dll 2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kmsvc.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdukx.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdsmsno.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdpash.dll 2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdno1.dll 2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcperf.exe 2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcex.dll 2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\mssha.dll 2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\msdadiag.dll 2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napstat.exe 2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napmontr.dll 2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napipsec.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\powercfg.exe 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\pnrpnsp.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\photometadatahandler.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2psvc.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pnetsh.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pgraph.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pgasvc.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2p.dll 2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\onex.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\s3gnb.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\rasqec.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qutil.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qcliprov.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qagentrt.dll 2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qagent.dll 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\smbinst.exe 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slserv.exe 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slrundll.exe 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slgen.dll 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slextspk.dll 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slcoinst.dll 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\setupn.exe 2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\sdhcinst.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\xpsp3res.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\xpsp2res.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\twext.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\tspkg.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\tsgqec.dll 2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\strmfilt.dll 2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\windowscodecsext.dll 2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\windowscodecs.dll 2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\w3ssl.dll 2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\verclsid.exe 2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wshbth.dll 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wscsvc.dll 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wscntfy.exe 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wmphoto.dll 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wlanapi.dll 2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\winshfhc.dll 2010-06-21 22:09:51 ----N---- C:\WINDOWS\system32\wuaueng1.dll 2010-06-21 22:09:51 ----N---- C:\WINDOWS\system32\wuauclt1.exe 2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmlprovi.dll 2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmlprov.dll 2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmllite.dll 2010-06-21 22:09:50 ----N---- C:\WINDOWS\slrundll.exe 2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\pl-pl 2010-06-21 22:09:47 ----D---- C:\WINDOWS\provisioning 2010-06-21 22:09:45 ----D---- C:\WINDOWS\l2schemas 2010-06-21 22:09:44 ----D---- C:\WINDOWS\system32\pl 2010-06-21 22:09:43 ----D---- C:\WINDOWS\peernet 2010-06-21 21:54:50 ----A---- C:\WINDOWS\005307_.tmp 2010-06-21 19:51:00 ----D---- C:\WINDOWS\network diagnostic 2010-06-21 19:46:18 ----D---- C:\Program Files\Alwil Software 2010-06-21 19:46:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software 2010-06-21 19:40:44 ----A---- C:\WINDOWS\003753_.tmp 2010-06-21 19:39:15 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2010-06-21 19:35:44 ----A---- C:\WINDOWS\system32\secedit.exe 2010-06-21 19:35:41 ----A---- C:\WINDOWS\system32\ir41_qc.dll 2010-06-21 19:35:40 ----A---- C:\WINDOWS\system32\ir41_qcx.dll 2010-06-21 19:35:39 ----A---- C:\WINDOWS\system32\ir50_32.dll 2010-06-21 19:35:38 ----A---- C:\WINDOWS\system32\ir50_qc.dll 2010-06-21 19:35:37 ----A---- C:\WINDOWS\system32\ir50_qcx.dll 2010-06-21 19:35:36 ----A---- C:\WINDOWS\system32\mstscax.dll 2010-06-21 19:35:36 ----A---- C:\WINDOWS\system32\mstsc.exe 2010-06-21 19:35:35 ----A---- C:\WINDOWS\system32\xpob2res.dll 2010-06-21 19:35:34 ----A---- C:\WINDOWS\system32\xpsp1res.dll 2010-06-21 19:35:33 ----A---- C:\WINDOWS\system32\winhttp.dll 2010-06-21 19:34:36 ----A---- C:\WINDOWS\system32\spiisupd.exe 2010-06-21 19:34:36 ----A---- C:\WINDOWS\system32\asr_pfu.exe 2010-06-21 19:34:21 ----A---- C:\WINDOWS\system32\encdec.dll 2010-06-21 19:34:19 ----A---- C:\WINDOWS\system32\dsprpres.dll 2010-06-21 19:34:08 ----A---- C:\WINDOWS\system32\nv4_disp.dll 2010-06-21 19:34:04 ----A---- C:\WINDOWS\system32\ati2dvaa.dll 2010-06-21 19:34:03 ----A---- C:\WINDOWS\system32\msftedit.dll 2010-06-21 19:34:01 ----A---- C:\WINDOWS\system32\sbe.dll 2010-06-21 19:33:57 ----A---- C:\WINDOWS\system32\sbeio.dll 2010-06-21 19:33:52 ----A---- C:\WINDOWS\system32\hccoin.dll 2010-06-21 19:33:48 ----A---- C:\WINDOWS\system32\iuengine.dll 2010-06-21 19:33:45 ----A---- C:\WINDOWS\system32\mssap.dll 2010-06-21 19:33:42 ----A---- C:\WINDOWS\system32\winbrand.dll 2010-06-21 19:33:20 ----A---- C:\WINDOWS\system32\faxpatch.exe 2010-06-21 19:33:17 ----A---- C:\WINDOWS\system32\encapi.dll 2010-06-21 19:33:02 ----A---- C:\WINDOWS\system32\wuauserv.dll 2010-06-21 19:32:54 ----A---- C:\WINDOWS\system32\qmgr.dll 2010-06-21 19:32:51 ----A---- C:\WINDOWS\system32\pidgen.dll 2010-06-21 19:32:51 ----A---- C:\WINDOWS\system32\dpcdll.dll 2010-06-21 19:32:37 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2010-06-21 19:32:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2010-06-21 19:32:17 ----A---- C:\WINDOWS\system32\adsnw.dll 2010-06-21 19:32:16 ----A---- C:\WINDOWS\system32\appmgmts.dll 2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\cipher.exe 2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\bootcfg.exe 2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\asr_fmt.exe 2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\appmgr.dll 2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\fde.dll 2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\eventtriggers.exe 2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\eventcreate.exe 2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\efsadu.dll 2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\driverquery.exe 2010-06-21 19:32:13 ----A---- C:\WINDOWS\system32\getmac.exe 2010-06-21 19:32:13 ----A---- C:\WINDOWS\system32\fdeploy.dll 2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\mqad.dll 2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\logman.exe 2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gptext.dll 2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gpresult.exe 2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gpedit.dll 2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqoa.dll 2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqlogmgr.dll 2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqise.dll 2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqdscli.dll 2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqbkup.exe 2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqrtdep.dll 2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqrt.dll 2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqqm.dll 2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsvc.exe 2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsnap.dll 2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsec.dll 2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqupgrd.dll 2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqtrig.dll 2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqtgsvc.exe 2010-06-21 19:32:06 ----A---- C:\WINDOWS\system32\ntbackup.exe 2010-06-21 19:32:06 ----A---- C:\WINDOWS\system32\mqutil.dll 2010-06-21 19:32:04 ----A---- C:\WINDOWS\system32\nwwks.dll 2010-06-21 19:32:04 ----A---- C:\WINDOWS\system32\nwapi32.dll 2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\systeminfo.exe 2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\schtasks.exe 2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\rsnotify.exe 2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\proxycfg.exe 2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\openfiles.exe 2010-06-21 19:32:02 ----A---- C:\WINDOWS\system32\tasklist.exe 2010-06-21 19:32:02 ----A---- C:\WINDOWS\system32\taskkill.exe 2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntsvr.exe 2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntsess.exe 2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntadmn.exe 2010-06-21 19:32:00 ----A---- C:\WINDOWS\system32\tracerpt.exe 2010-06-21 19:32:00 ----A---- C:\WINDOWS\system32\tlntsvrp.dll 2010-06-21 19:31:59 ----A---- C:\WINDOWS\system32\wsecedit.dll 2010-06-21 19:29:47 ----A---- C:\WINDOWS\twain_32.dll 2010-06-21 19:29:47 ----A---- C:\WINDOWS\regedit.exe 2010-06-21 19:29:47 ----A---- C:\WINDOWS\hh.exe 2010-06-21 19:29:47 ----A---- C:\WINDOWS\explorer.exe 2010-06-21 19:29:46 ----A---- C:\WINDOWS\winhlp32.exe 2010-06-21 19:29:36 ----A---- C:\WINDOWS\system32\6to4svc.dll 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\admparse.dll 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\actxprxy.dll 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\actmovie.exe 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\activeds.dll 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\aclui.dll 2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\accwiz.exe 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\alrsvc.dll 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\alg.exe 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\ahui.exe 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\advpack.dll 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsnt.dll 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsmsext.dll 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsldpc.dll 2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsldp.dll 2010-06-21 19:29:33 ----A---- C:\WINDOWS\system32\apphelp.dll 2010-06-21 19:29:33 ----A---- C:\WINDOWS\system32\amstream.dll 2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\at.exe 2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\asycfilt.dll 2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\asferror.dll 2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atmfd.dll 2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atmadm.exe 2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atl.dll 2010-06-21 19:29:30 ----A---- C:\WINDOWS\system32\atmlib.dll 2010-06-21 19:29:29 ----A---- C:\WINDOWS\system32\audiosrv.dll 2010-06-21 19:29:29 ----A---- C:\WINDOWS\system32\attrib.exe 2010-06-21 19:29:28 ----A---- C:\WINDOWS\system32\authz.dll 2010-06-21 19:29:27 ----A---- C:\WINDOWS\system32\autofmt.exe 2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\basesrv.dll 2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\avifil32.dll 2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\autolfn.exe 2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\blackbox.dll 2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\bidispl.dll 2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\batt.dll 2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\batmeter.dll 2010-06-21 19:29:23 ----A---- C:\WINDOWS\system32\browser.dll 2010-06-21 19:29:23 ----A---- C:\WINDOWS\system32\browselc.dll 2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\cabinet.dll 2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\browsewm.dll 2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\browseui.dll 2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\catsrv.dll 2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\capesnpn.dll 2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\camocx.dll 2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\cabview.dll 2010-06-21 19:29:20 ----A---- C:\WINDOWS\system32\catsrvut.dll 2010-06-21 19:29:20 ----A---- C:\WINDOWS\system32\catsrvps.dll 2010-06-21 19:29:19 ----A---- C:\WINDOWS\system32\cdosys.dll 2010-06-21 19:29:19 ----A---- C:\WINDOWS\system32\cdfview.dll 2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\cewmdm.dll 2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\certmgr.dll 2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\certcli.dll 2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cic.dll 2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cfgmgr32.dll 2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\clbcatq.dll 2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\clbcatex.dll 2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\cisvc.exe 2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\ciodm.dll 2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\clipbrd.exe 2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cliconfg.exe 2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cliconfg.dll 2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cleanmgr.exe 2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\cmdial32.dll 2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\cmcfg32.dll 2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\clusapi.dll 2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\clipsrv.exe 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\comaddin.dll 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\colbact.dll 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cnbjmon.dll 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmutil.dll 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmstp.exe 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmprops.dll 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmmon32.exe 2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmdl32.exe 2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\comrepl.dll 2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\compstui.dll 2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\compatui.dll 2010-06-21 19:29:10 ----A---- C:\WINDOWS\system32\comres.dll 2010-06-21 19:29:09 ----A---- C:\WINDOWS\system32\comsnap.dll 2010-06-21 19:29:08 ----A---- C:\WINDOWS\system32\comuid.dll 2010-06-21 19:29:08 ----A---- C:\WINDOWS\system32\comsvcs.dll 2010-06-21 19:29:07 ----A---- C:\WINDOWS\system32\confmsp.dll 2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\cryptdlg.dll 2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\crypt32.dll 2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\credui.dll 2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\corpol.dll 2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\conime.exe 2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptsvc.dll 2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptnet.dll 2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptext.dll 2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptdll.dll 2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cscript.exe 2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cscdll.dll 2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cryptui.dll 2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\ctfmon.exe 2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\csrss.exe 2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\cscui.dll 2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3dim700.dll 2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3d8thk.dll 2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3d8.dll 2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\datime.dll 2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\dataclen.dll 2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\danim.dll 2010-06-21 19:29:00 ----A---- C:\WINDOWS\system32\dbghelp.dll 2010-06-21 19:29:00 ----A---- C:\WINDOWS\system32\davclnt.dll 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\ddraw.dll 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\ddeshare.exe 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dciman32.dll 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbnmpntw.dll 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbnetlib.dll 2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll 2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\dfrgfat.exe 2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\devmgr.dll 2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\devenum.dll 2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\defrag.exe 2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\ddrawex.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dhcpmon.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dgnet.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfsshlex.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgui.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll 2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe 2010-06-21 19:28:56 ----A---- C:\WINDOWS\system32\digest.dll 2010-06-21 19:28:56 ----A---- C:\WINDOWS\system32\diantz.exe 2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\diskcopy.dll 2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\dinput8.dll 2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\dinput.dll 2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dmadmin.exe 2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dllhost.exe 2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dispex.dll 2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\diskpart.exe 2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmdlgs.dll 2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmcompos.dll 2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmband.dll 2010-06-21 19:28:50 ----A---- C:\WINDOWS\system32\dmime.dll 2010-06-21 19:28:50 ----A---- C:\WINDOWS\system32\dmdskmgr.dll 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmsynth.dll 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmstyle.dll 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmserver.dll 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmscript.dll 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmremote.exe 2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmloader.dll 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dosx.exe 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\docprop2.dll 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dnsrslvr.dll 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dnsapi.dll 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dmutil.dll 2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dmusic.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnhupnp.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnhpast.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnet.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnaddr.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpmodemx.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dplayx.dll 2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dplaysvr.exe 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpwsockx.dll 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvvox.dll 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvsetup.exe 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvoice.dll 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvacm.dll 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpnsvr.exe 2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpnlobby.dll 2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\ds32gt.dll 2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drprov.dll 2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmv2clt.dll 2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmstor.dll 2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmclien.dll 2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dskquoui.dll 2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dskquota.dll 2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dsdmoprp.dll 2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dsdmo.dll 2010-06-21 19:28:43 ----A---- C:\WINDOWS\system32\dsound3d.dll 2010-06-21 19:28:43 ----A---- C:\WINDOWS\system32\dsound.dll 2010-06-21 19:28:42 ----A---- C:\WINDOWS\system32\dsprop.dll 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dumprep.exe 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dswave.dll 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dsuiext.dll 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dssenh.dll 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dssec.dll 2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dsquery.dll 2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dx7vb.dll 2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dwwin.exe 2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dvdupgrd.exe 2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\duser.dll 2010-06-21 19:28:39 ----A---- C:\WINDOWS\system32\dx8vb.dll 2010-06-21 19:28:38 ----A---- C:\WINDOWS\system32\dxdiag.exe 2010-06-21 19:28:37 ----A---- C:\WINDOWS\system32\dxmasf.dll 2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\ersvc.dll 2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\els.dll 2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\dxtrans.dll 2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2010-06-21 19:28:35 ----A---- C:\WINDOWS\system32\esent.dll 2010-06-21 19:28:35 ----A---- C:\WINDOWS\system32\es.dll 2010-06-21 19:28:34 ----A---- C:\WINDOWS\system32\eventlog.dll 2010-06-21 19:28:34 ----A---- C:\WINDOWS\system32\eudcedit.exe 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\filemgmt.dll 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\feclient.dll 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\faultrep.dll 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\exts.dll 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\extrac32.exe 2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\expsrv.dll 2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\fontext.dll 2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\fldrclnr.dll 2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\findstr.exe 2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\framebuf.dll 2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\forcedos.exe 2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\fontview.exe 2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\fontsub.dll 2010-06-21 19:28:30 ----A---- C:\WINDOWS\system32\glu32.dll 2010-06-21 19:28:30 ----A---- C:\WINDOWS\system32\gdi32.dll 2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\h323msp.dll 2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\grpconv.exe 2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\gpkrsrc.dll 2010-06-21 19:28:28 ----A---- C:\WINDOWS\system32\help.exe 2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hlink.dll 2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hid.dll 2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hhsetup.dll 2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hypertrm.dll 2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\htui.dll 2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hotplug.dll 2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hnetwiz.dll 2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hnetcfg.dll 2010-06-21 19:28:25 ----A---- C:\WINDOWS\system32\icaapi.dll 2010-06-21 19:28:25 ----A---- C:\WINDOWS\system32\iasrad.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\idq.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icwphbk.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icwdial.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icmp.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icm32.dll 2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\iccvid.dll 2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ieaksie.dll 2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ieakeng.dll 2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\ils.dll 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\igmpagnt.dll 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\ifmon.dll 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iexpress.exe 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iesetup.dll 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iernonce.dll 2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iepeers.dll 2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\inetcfg.dll 2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imm32.dll 2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imgutil.dll 2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imeshare.dll 2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imapi.exe 2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetpp.dll 2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetmib1.dll 2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetcomm.dll 2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\initpki.dll 2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\inetres.dll 2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\inetppui.dll 2010-06-21 19:28:18 ----A---- C:\WINDOWS\system32\inseng.dll 2010-06-21 19:28:18 ----A---- C:\WINDOWS\system32\input.dll 2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\ipmontr.dll 2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\iphlpapi.dll 2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\ipconfig.exe 2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\iprtrmgr.dll 2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\ippromon.dll 2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\ipnathlp.dll 2010-06-21 19:28:14 ----A---- C:\WINDOWS\system32\ipsecsnp.dll 2010-06-21 19:28:13 ----A---- C:\WINDOWS\system32\ipsmsnap.dll 2010-06-21 19:28:13 ----A---- C:\WINDOWS\system32\ipsecsvc.dll 2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\irftp.exe 2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipxwan.dll 2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipxroute.exe 2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipv6mon.dll 2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipv6.exe 2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\itss.dll 2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\itircl.dll 2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\isign32.dll 2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\irmon.dll 2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\jgpl400.dll 2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\jgdw400.dll 2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\iyuv_32.dll 2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\ixsso.dll 2010-06-21 19:28:09 ----A---- C:\WINDOWS\system32\jscript.dll 2010-06-21 19:28:08 ----A---- C:\WINDOWS\system32\kbdnec.dll 2010-06-21 19:28:08 ----A---- C:\WINDOWS\system32\jsproxy.dll 2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\keymgr.dll 2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\kerberos.dll 2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\kd1394.dll 2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\laprxy.dll 2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\ksuser.dll 2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\krnl386.exe 2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\linkinfo.dll 2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licwmi.dll 2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licmgr10.dll 2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licdll.dll 2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\localui.dll 2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\localsec.dll 2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\loadperf.dll 2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\lmrt.dll 2010-06-21 19:28:03 ----A---- C:\WINDOWS\system32\logonui.exe 2010-06-21 19:28:03 ----A---- C:\WINDOWS\system32\logagent.exe 2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\magnify.exe 2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lsass.exe 2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lprhelp.dll 2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lpk.dll 2010-06-21 19:28:01 ----A---- C:\WINDOWS\system32\mcastmib.dll 2010-06-21 19:28:01 ----A---- C:\WINDOWS\system32\makecab.exe 2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciwave.dll 2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciseq.dll 2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciqtz32.dll 2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciavi32.dll 2010-06-21 19:27:59 ----A---- C:\WINDOWS\system32\mdminst.dll 2010-06-21 19:27:58 ----A---- C:\WINDOWS\system32\mfc40u.dll 2010-06-21 19:27:58 ----A---- C:\WINDOWS\system32\mf3216.dll 2010-06-21 19:27:54 ----A---- C:\WINDOWS\system32\mfc42.dll 2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\midimap.dll 2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\mfcsubs.dll 2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\mfc42u.dll 2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\mlang.dll 2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\mimefilt.dll 2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\miglibnt.dll 2010-06-21 19:27:50 ----A---- C:\WINDOWS\system32\mmcbase.dll 2010-06-21 19:27:50 ----A---- C:\WINDOWS\system32\mmc.exe 2010-06-21 19:27:49 ----A---- C:\WINDOWS\system32\mmcshext.dll 2010-06-21 19:27:49 ----A---- C:\WINDOWS\system32\mmcndmgr.dll 2010-06-21 19:27:48 ----A---- C:\WINDOWS\system32\mmfutil.dll 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\modemui.dll 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mobsync.exe 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mobsync.dll 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mnmdd.dll 2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mmsystem.dll 2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mpr.dll 2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mplay32.exe 2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mpg4dmod.dll 2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\moricons.dll 2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\more.com 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msasn1.dll 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msapsspc.dll 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msafd.dll 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msacm32.dll 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\mprdim.dll 2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\mprapi.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msctfp.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msctf.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscpxl32.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscpx32r.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msconf.dll 2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscms.dll 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtctm.dll 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtclog.dll 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtc.exe 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdmo.dll 2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdart.dll 2010-06-21 19:27:42 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msexcl40.dll 2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msexch40.dll 2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msdxmlc.dll 2010-06-21 19:27:40 ----A---- C:\WINDOWS\system32\msgina.dll 2010-06-21 19:27:39 ----A---- C:\WINDOWS\system32\mshta.exe 2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtmler.dll 2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtmled.dll 2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtml.dll 2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msiexec.exe 2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msieftp.dll 2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msidle.dll 2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msident.dll 2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msi.dll 2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msimsg.dll 2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msimg32.dll 2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msihnd.dll 2010-06-21 19:27:34 ----A---- C:\WINDOWS\system32\msisip.dll 2010-06-21 19:27:34 ----A---- C:\WINDOWS\system32\msimtf.dll 2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjint40.dll 2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjetoledb40.dll 2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjet40.dll 2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msnetobj.dll 2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msltus40.dll 2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\mslbui.dll 2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msjtes40.dll 2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msjter40.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspmsp.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspbde40.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspatcha.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspaint.exe 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msorcl32.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msorc32r.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msoert2.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msoeacct.dll 2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msnsspc.dll 2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrd3x40.dll 2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrd2x40.dll 2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrating.dll 2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msprivs.dll 2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\mstext40.dll 2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\mstask.dll 2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msscp.dll 2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msrle32.dll 2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msrepl40.dll 2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\msvbvm60.dll 2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\msutb.dll 2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstlsapi.dll 2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstinit.exe 2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstime.dll 2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcrt.dll 2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcp60.dll 2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcirt.dll 2010-06-21 19:27:25 ----A---- C:\WINDOWS\system32\msvfw32.dll 2010-06-21 19:27:25 ----A---- C:\WINDOWS\system32\msvcrt40.dll 2010-06-21 19:27:24 ----A---- C:\WINDOWS\system32\msw3prt.dll 2010-06-21 19:27:24 ----A---- C:\WINDOWS\system32\msvidctl.dll 2010-06-21 19:27:23 ----A---- C:\WINDOWS\system32\mswdat10.dll 2010-06-21 19:27:21 ----A---- C:\WINDOWS\system32\mswmdm.dll 2010-06-21 19:27:21 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2010-06-21 19:27:20 ----A---- C:\WINDOWS\system32\mswstr10.dll 2010-06-21 19:27:20 ----A---- C:\WINDOWS\system32\mswsock.dll 2010-06-21 19:27:19 ----A---- C:\WINDOWS\system32\msxml.dll 2010-06-21 19:27:19 ----A---- C:\WINDOWS\system32\msxbde40.dll 2010-06-21 19:27:17 ----A---- C:\WINDOWS\system32\msxml2.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxex.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxdm.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxclu.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\msyuv.dll 2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\msxml3.dll 2010-06-21 19:27:15 ----A---- C:\WINDOWS\system32\mtxoci.dll 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\net.exe 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddenb32.dll 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddeapir.exe 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddeapi.dll 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\ncobjapi.dll 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\narrator.exe 2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\mydocs.dll 2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\netcfgx.dll 2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\netapi32.dll 2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\net1.exe 2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netman.dll 2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netlogon.dll 2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netid.dll 2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netdde.exe 2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netsh.exe 2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netsetup.exe 2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netrap.dll 2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netplwiz.dll 2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netui1.dll 2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netui0.dll 2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netstat.exe 2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netshell.dll 2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\npptools.dll 2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\notepad.exe 2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\nlhtml.dll 2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\newdev.dll 2010-06-21 19:27:09 ----A---- C:\WINDOWS\notepad.exe 2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntmsapi.dll 2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntmarta.dll 2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntlanman.dll 2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntdsapi.dll 2010-06-21 19:27:07 ----A---- C:\WINDOWS\system32\ntmsmgr.dll 2010-06-21 19:27:07 ----A---- C:\WINDOWS\system32\ntmsdba.dll 2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\oakley.dll 2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntvdmd.dll 2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntshrui.dll 2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntmssvc.dll 2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\odbc32.dll 2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\ocmanage.dll 2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\occache.dll 2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\objsel.dll 2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcconf.dll 2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcbcp.dll 2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcad32.exe 2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbc32gt.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcjt32.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcji32.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcint.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccu32.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccr32.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccp32.dll 2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcconf.exe 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odtext32.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odpdx32.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odfox32.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odexl32.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\oddbse32.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odbctrac.dll 2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odbcp32r.dll 2010-06-21 19:27:01 ----A---- C:\WINDOWS\system32\ole32.dll 2010-06-21 19:27:01 ----A---- C:\WINDOWS\system32\offfilt.dll 2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\olepro32.dll 2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\oleprn.dll 2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\oledlg.dll 2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\olecli32.dll 2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\osuninst.dll 2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\osk.exe 2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\opengl32.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfos.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfnet.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfmon.exe 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfdisk.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\pdh.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\pautoenr.dll 2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\packager.exe 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\polstore.dll 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pngfilt.dll 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pjlmon.dll 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\ping.exe 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pid.dll 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\photowiz.dll 2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\perfproc.dll 2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\progman.exe 2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\profmap.dll 2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\powrprof.dll 2010-06-21 19:26:55 ----A---- C:\WINDOWS\system32\proquota.exe 2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\qasf.dll 2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\pstorsvc.dll 2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\pstorec.dll 2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\psbase.dll 2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\psapi.dll 2010-06-21 19:26:53 ----A---- C:\WINDOWS\system32\qcap.dll 2010-06-21 19:26:52 ----A---- C:\WINDOWS\system32\qdvd.dll 2010-06-21 19:26:52 ----A---- C:\WINDOWS\system32\qdv.dll 2010-06-21 19:26:51 ----A---- C:\WINDOWS\system32\qedit.dll 2010-06-21 19:26:50 ----A---- C:\WINDOWS\system32\qedwipes.dll 2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\quartz.dll 2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\qprocess.exe 2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasphone.exe 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasmans.dll 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\raschap.dll 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasadhlp.dll 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\racpldlg.dll 2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\query.dll 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rdchost.dll 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcp.exe 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcimlby.exe 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcbdyctl.dll 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rastls.dll 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rassapi.dll 2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rasppp.dll 2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpdd.dll 2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpclip.exe 2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\regsvc.dll 2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\regapi.dll 2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\reg.exe 2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\redir.exe 2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\rdshost.exe 2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\rexec.exe 2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\resutils.dll 2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\remotepg.dll 2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\regwizc.dll 2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\regsvr32.exe 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsvpsp.dll 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsmps.dll 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsh.exe 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsaenh.dll 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rpcss.dll 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\riched20.dll 2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rundll32.exe 2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtutils.dll 2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtipxmib.dll 2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtcshare.exe 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\scecli.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\sccsccp.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\scarddlg.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrslv.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrdm.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\runonce.exe 2010-06-21 19:26:39 ----A---- C:\WINDOWS\system32\schedsvc.dll 2010-06-21 19:26:39 ----A---- C:\WINDOWS\system32\scesrv.dll 2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\seclogon.dll 2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\sdbinst.exe 2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\scrrun.dll 2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\scrobj.dll 2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\sclgntfy.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\setup.exe 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sethc.exe 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\servdeps.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sensapi.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sens.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sendmail.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sendcmsg.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\security.dll 2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\secur32.dll 2010-06-21 19:26:36 ----A---- C:\WINDOWS\system32\sfc_os.dll 2010-06-21 19:26:36 ----A---- C:\WINDOWS\system32\sfc.dll 2010-06-21 19:26:35 ----A---- C:\WINDOWS\system32\shdoclc.dll 2010-06-21 19:26:35 ----A---- C:\WINDOWS\system32\sfcfiles.dll 2010-06-21 19:26:34 ----A---- C:\WINDOWS\system32\shdocvw.dll 2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shimgvw.dll 2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shimeng.dll 2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shgina.dll 2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shfolder.dll 2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shell32.dll 2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shmgrate.exe 2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shmedia.dll 2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shlwapi.dll 2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shsvcs.dll 2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shscrap.dll 2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shrpubw.exe 2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\sigverif.exe 2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\sigtab.dll 2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\shutdown.exe 2010-06-21 19:26:27 ----A---- C:\WINDOWS\system32\skeys.exe 2010-06-21 19:26:26 ----A---- C:\WINDOWS\system32\slbcsp.dll 2010-06-21 19:26:26 ----A---- C:\WINDOWS\system32\slayerxp.dll 2010-06-21 19:26:25 ----A---- C:\WINDOWS\system32\smlogcfg.dll 2010-06-21 19:26:25 ----A---- C:\WINDOWS\system32\slbiop.dll 2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\snmpsnap.dll 2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\snmpapi.dll 2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\sndrec32.exe 2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\smlogsvc.exe 2010-06-21 19:26:23 ----A---- C:\WINDOWS\system32\sort.exe 2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spoolsv.exe 2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spoolss.dll 2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spider.exe 2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\srrstr.dll 2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\srclient.dll 2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\sqlunirl.dll 2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\sqlsrv32.dll 2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\ssdpsrv.dll 2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\ssdpapi.dll 2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\srsvc.dll 2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stobject.dll 2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stimon.exe 2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\sti_ci.dll 2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\sti.dll 2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stclient.dll 2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\synceng.dll 2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\sxs.dll 2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\svchost.exe 2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\strmdll.dll 2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\storprop.dll 2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\t2embed.dll 2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\sysocmgr.exe 2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\syncui.dll 2010-06-21 19:26:15 ----A---- C:\WINDOWS\system32\tapi3.dll 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmon.ini 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmon.dll 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmib.dll 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\taskmgr.exe 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tapisrv.dll 2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tapi32.dll 2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\tourstart.exe 2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\themeui.dll 2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\termsrv.dll 2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\termmgr.dll 2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\telnet.exe 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\udhisapi.dll 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\txflog.dll 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tsddd.dll 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\trkwks.dll 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tree.com 2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tracert.exe 2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\unimdmat.dll 2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\umpnpmgr.dll 2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\umandlg.dll 2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnpui.dll 2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnphost.dll 2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnpcont.exe 2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnp.dll 2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\uniplat.dll 2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\usbui.dll 2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\usbmon.dll 2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\urlmon.dll 2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\url.dll 2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\ups.exe 2010-06-21 19:26:08 ----A---- C:\WINDOWS\system32\user32.dll 2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\vbajet32.dll 2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\uxtheme.dll 2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\utilman.exe 2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\usp10.dll 2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\userenv.dll 2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\verifier.dll 2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vdmredir.dll 2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vdmdbg.dll 2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vbscript.dll 2010-06-21 19:26:05 ----A---- C:\WINDOWS\system32\vssapi.dll 2010-06-21 19:26:05 ----A---- C:\WINDOWS\system32\version.dll 2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\wavemsp.dll 2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\w32time.dll 2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\vssvc.exe 2010-06-21 19:26:03 ----A---- C:\WINDOWS\system32\webcheck.dll 2010-06-21 19:26:03 ----A---- C:\WINDOWS\system32\wdigest.dll 2010-06-21 19:26:02 ----A---- C:\WINDOWS\system32\webvw.dll 2010-06-21 19:26:02 ----A---- C:\WINDOWS\system32\webclnt.dll 2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wiadefui.dll 2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wiaacmgr.exe 2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wextract.exe 2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiashext.dll 2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiaservc.dll 2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiascr.dll 2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiadss.dll 2010-06-21 19:25:59 ----A---- C:\WINDOWS\system32\wininet.dll 2010-06-21 19:25:59 ----A---- C:\WINDOWS\system32\wiavideo.dll 2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winmm.dll 2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winlogon.exe 2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winipsec.dll 2010-06-21 19:25:57 ----A---- C:\WINDOWS\system32\winntbbu.dll 2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winsta.dll 2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winsrv.dll 2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winscard.dll 2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winrnr.dll 2010-06-21 19:25:55 ----A---- C:\WINDOWS\system32\winver.exe 2010-06-21 19:25:55 ----A---- C:\WINDOWS\system32\wintrust.dll 2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wmadmod.dll 2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wlnotify.dll 2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wldap32.dll 2010-06-21 19:25:53 ----A---- C:\WINDOWS\system32\wmadmoe.dll 2010-06-21 19:25:52 ----A---- C:\WINDOWS\system32\wmasf.dll 2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\WMNetmgr.dll 2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmi.dll 2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmdmps.dll 2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmdmlog.dll 2010-06-21 19:25:50 ----A---- C:\WINDOWS\system32\wmpcore.dll 2010-06-21 19:25:50 ----A---- C:\WINDOWS\system32\wmpcd.dll 2010-06-21 19:25:49 ----A---- C:\WINDOWS\system32\wmploc.dll 2010-06-21 19:25:47 ----A---- C:\WINDOWS\system32\wmpui.dll 2010-06-21 19:25:47 ----A---- C:\WINDOWS\system32\wmpshell.dll 2010-06-21 19:25:45 ----A---- C:\WINDOWS\system32\wmsdmod.dll 2010-06-21 19:25:44 ----A---- C:\WINDOWS\system32\wmstream.dll 2010-06-21 19:25:44 ----A---- C:\WINDOWS\system32\wmsdmoe.dll 2010-06-21 19:25:43 ----A---- C:\WINDOWS\system32\WMVCore.dll 2010-06-21 19:25:41 ----A---- C:\WINDOWS\system32\wmvdmod.dll 2010-06-21 19:25:40 ----A---- C:\WINDOWS\system32\wpabaln.exe 2010-06-21 19:25:40 ----A---- C:\WINDOWS\system32\wow32.dll 2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wshcon.dll 2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wscript.exe 2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\ws2help.dll 2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\ws2_32.dll 2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wpnpinst.exe 2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshrm.dll 2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshirda.dll 2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wship6.dll 2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshext.dll 2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wsock32.dll 2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wsnmp32.dll 2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wshtcpip.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\xcopy.exe 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\xactsrv.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcsvc.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcsapi.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcdlg.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wtsapi32.dll 2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wstdecod.dll 2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\zipfldr.dll 2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\xolehlp.dll 2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\xenroll.dll 2010-06-21 19:25:25 ----A---- C:\WINDOWS\system32\advapi32.dll 2010-06-21 19:25:24 ----A---- C:\WINDOWS\system32\autoconv.exe 2010-06-21 19:25:24 ----A---- C:\WINDOWS\system32\autochk.exe 2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\comctl32.dll 2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\cmd.exe 2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\cacls.exe 2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\format.com 2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll 2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\csrsrv.dll 2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\comdlg32.dll 2010-06-21 19:25:21 ----A---- C:\WINDOWS\system32\imagehlp.dll 2010-06-21 19:25:21 ----A---- C:\WINDOWS\system32\ftp.exe 2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\locator.exe 2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\localspl.dll 2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\lmhsvc.dll 2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\kernel32.dll 2010-06-21 19:25:19 ----A---- C:\WINDOWS\system32\lsasrv.dll 2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\msv1_0.dll 2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\msgsvc.dll 2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\mgmtapi.dll 2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntprint.dll 2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntlsapi.dll 2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntdll.dll 2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\nslookup.exe 2010-06-21 19:25:16 ----A---- C:\WINDOWS\system32\nwprovau.dll 2010-06-21 19:25:16 ----A---- C:\WINDOWS\system32\ntvdm.exe 2010-06-21 19:25:15 ----A---- C:\WINDOWS\system32\oleaut32.dll 2010-06-21 19:25:14 ----A---- C:\WINDOWS\system32\olecnv32.dll 2010-06-21 19:25:13 ----A---- C:\WINDOWS\system32\perfctrs.dll 2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\rasauto.dll 2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\rasapi32.dll 2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\printui.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\samsrv.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\samlib.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rshx32.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rastapi.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rasman.dll 2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rasdlg.dll 2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\services.exe 2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\schannel.dll 2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\scardsvr.exe 2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\savedump.exe 2010-06-21 19:25:09 ----A---- C:\WINDOWS\system32\sessmgr.exe 2010-06-21 19:25:08 ----A---- C:\WINDOWS\system32\smss.exe 2010-06-21 19:25:08 ----A---- C:\WINDOWS\system32\setupapi.dll 2010-06-21 19:25:07 ----A---- C:\WINDOWS\system32\srvsvc.dll 2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\userinit.exe 2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\untfs.dll 2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\ulib.dll 2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\tcpmonui.dll 2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\syssetup.dll 2010-06-21 19:25:04 ----A---- C:\WINDOWS\system32\wkssvc.dll 2010-06-21 19:25:04 ----A---- C:\WINDOWS\system32\win32spl.dll 2010-06-21 19:24:38 ----A---- C:\ntdetect.com 2010-06-21 19:24:37 ----A---- C:\WINDOWS\system32\HAL.DLL 2010-06-21 19:24:35 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe 2010-06-21 19:24:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2010-06-21 19:00:24 ----D---- C:\000e55a71bd05f0e73 2010-06-21 18:17:16 ----D---- C:\WINDOWS\ServicePackFiles 2010-06-21 18:17:15 ----D---- C:\WINDOWS\ehome 2010-06-21 18:17:06 ----N---- C:\WINDOWS\system32\wmvcore2.dll 2010-06-21 18:15:20 ----A---- C:\WINDOWS\system32\dbmsadsn.dll 2010-06-21 18:15:19 ----A---- C:\WINDOWS\system32\dbmsvinn.dll 2010-06-21 18:14:50 ----A---- C:\WINDOWS\system32\mindex.dll 2010-06-21 18:14:33 ----A---- C:\WINDOWS\system32\msisam11.dll 2010-06-21 18:14:23 ----A---- C:\WINDOWS\system32\msuni11.dll 2010-06-21 18:13:48 ----A---- C:\WINDOWS\system32\sccbase.dll 2010-06-21 18:13:18 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2010-06-21 18:13:00 ----A---- C:\WINDOWS\system32\wmpstub.exe 2010-06-21 18:12:57 ----A---- C:\WINDOWS\system32\wmv8dmod.dll 2010-06-21 18:12:54 ----A---- C:\WINDOWS\system32\wmvdmoe.dll 2010-06-21 18:10:14 ----A---- C:\WINDOWS\001118_.tmp 2010-06-21 18:07:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-06-20 22:23:52 ----D---- C:\Documents and Settings\user\Dane aplikacji\Macromedia 2010-06-20 22:14:31 ----D---- C:\Documents and Settings\user\Dane aplikacji\Opera 2010-06-20 22:14:16 ----D---- C:\Program Files\Opera 2010-06-20 22:02:45 ----D---- C:\WINDOWS\system32\bits 2010-06-20 22:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$ 2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wups2.dll 2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wups.dll 2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wucltui.dll 2010-06-20 21:59:38 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2010-06-20 21:59:37 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2010-06-20 21:59:37 ----A---- C:\WINDOWS\system32\wuapi.dll 2010-06-20 21:57:54 ----D---- C:\WINDOWS\SoftwareDistribution 2010-06-20 20:07:12 ----A---- C:\WINDOWS\WINCMD.INI 2010-06-20 20:03:46 ----SHD---- C:\RECYCLER 2010-06-20 17:04:55 ----ASH---- C:\Documents and Settings\user\Dane aplikacji\desktop.ini 2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\InterTrust 2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\Identities 2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\Adobe 2010-06-20 17:04:52 ----SD---- C:\Documents and Settings\user\Dane aplikacji\Microsoft 2010-06-20 17:04:52 ----D---- C:\Documents and Settings\user\Dane aplikacji\Symantec 2010-06-19 22:26:43 ----D---- C:\WINDOWS\system32\dla 2010-06-19 22:26:43 ----A---- C:\WINDOWS\wininit.ini 2010-06-19 22:26:43 ----A---- C:\WINDOWS\system32\tfswapi.dll 2010-06-19 22:26:43 ----A---- C:\WINDOWS\dla.exe 2010-06-19 22:26:42 ----D---- C:\Program Files\HP DLA 2010-06-19 22:26:32 ----D---- C:\Program Files\HP RecordNow 2010-06-19 22:26:06 ----D---- C:\Program Files\InterVideo ======List of files/folders modified in the last 3 months====== 2010-07-04 12:58:39 ----D---- C:\WINDOWS\Temp 2010-07-04 12:58:27 ----RD---- C:\Program Files 2010-07-04 12:44:59 ----HD---- C:\WINDOWS\inf 2010-07-04 12:37:37 ----D---- C:\WINDOWS 2010-07-04 12:37:35 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-04 12:29:42 ----AD---- C:\WINDOWS\system32 2010-07-04 12:28:06 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-07-04 12:28:06 ----D---- C:\Program Files\Outlook Express 2010-07-04 11:09:08 ----SHD---- C:\WINDOWS\Installer 2010-07-04 10:31:21 ----RSD---- C:\WINDOWS\Fonts 2010-07-04 10:29:10 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-07-04 10:24:24 ----D---- C:\WINDOWS\WinSxS 2010-07-04 10:06:37 ----A---- C:\WINDOWS\imsins.BAK 2010-07-04 10:00:54 ----D---- C:\WINDOWS\system32\drivers 2010-07-03 22:44:04 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-25 20:33:49 ----D---- C:\WINDOWS\AppPatch 2010-06-23 14:06:37 ----D---- C:\Program Files\Hewlett-Packard 2010-06-23 08:09:20 ----D---- C:\Program Files\Common Files\Adobe 2010-06-22 20:29:56 ----D---- C:\Program Files\Common Files 2010-06-22 20:27:34 ----SD---- C:\WINDOWS\Tasks 2010-06-22 20:12:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Symantec 2010-06-22 07:29:22 ----D---- C:\WINDOWS\Debug 2010-06-21 23:11:23 ----D---- C:\WINDOWS\system32\config 2010-06-21 23:04:59 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2010-06-21 23:04:59 ----D---- C:\WINDOWS\PCHEALTH 2010-06-21 22:32:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-06-21 22:29:43 ----A---- C:\WINDOWS\OEWABLog.txt 2010-06-21 22:28:30 ----A---- C:\WINDOWS\win.ini 2010-06-21 22:28:29 ----D---- C:\Program Files\Windows Media Player 2010-06-21 22:28:05 ----D---- C:\WINDOWS\system32\inetsrv 2010-06-21 22:26:43 ----A---- C:\WINDOWS\setuplog.txt 2010-06-21 22:26:35 ----D---- C:\WINDOWS\system32\wbem 2010-06-21 22:25:39 ----SHD---- C:\System Volume Information 2010-06-21 22:25:31 ----D---- C:\WINDOWS\system32\Setup 2010-06-21 22:25:31 ----D---- C:\Program Files\Messenger 2010-06-21 22:22:57 ----D---- C:\WINDOWS\system32\CatRoot 2010-06-21 22:22:42 ----D---- C:\WINDOWS\security 2010-06-21 22:17:55 ----RASH---- C:\boot.ini 2010-06-21 22:10:56 ----D---- C:\WINDOWS\Help 2010-06-21 22:10:23 ----D---- C:\WINDOWS\ime 2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\usmt 2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\oobe 2010-06-21 22:09:46 ----D---- C:\Program Files\Movie Maker 2010-06-21 22:09:46 ----D---- C:\Program Files\Internet Explorer 2010-06-21 22:09:42 ----D---- C:\WINDOWS\Media 2010-06-21 22:02:57 ----D---- C:\WINDOWS\system32\Restore 2010-06-21 22:02:56 ----D---- C:\WINDOWS\system32\npp 2010-06-21 22:02:54 ----D---- C:\WINDOWS\msagent 2010-06-21 22:02:50 ----D---- C:\WINDOWS\srchasst 2010-06-21 22:02:48 ----D---- C:\Program Files\NetMeeting 2010-06-21 22:02:45 ----D---- C:\WINDOWS\system32\Com 2010-06-21 22:02:40 ----D---- C:\Program Files\Windows NT 2010-06-21 22:02:31 ----D---- C:\Program Files\Common Files\System 2010-06-21 22:01:49 ----D---- C:\WINDOWS\system 2010-06-21 21:58:08 ----RD---- C:\WINDOWS\Web 2010-06-21 21:54:35 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-06-20 21:59:42 ----HD---- C:\Program Files\WindowsUpdate 2010-06-20 21:57:54 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-06-20 17:04:51 ----D---- C:\Documents and Settings 2010-06-19 22:26:06 ----HD---- C:\Program Files\InstallShield Installation Information 2010-06-19 22:22:21 ----D---- C:\WINDOWS\Registration 2010-06-19 22:18:29 ----A---- C:\WINDOWS\system.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2002-01-28 5589] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2002-01-28 22963] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-30 12032] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2002-02-12 40096] R2 HPGate;HPGate; C:\WINDOWS\System32\Drivers\HPGate.sys [2002-04-19 6848] R2 irda;Protokół IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-14 88192] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-10-22 9855] R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\System32\DRIVERS\strmdisp.sys [2002-03-27 34224] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2002-03-14 23607] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2002-03-14 34743] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2002-03-14 4119] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2002-03-14 2203] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2002-03-14 52758] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2002-03-14 13847] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2002-03-14 6327] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2002-03-14 88758] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2002-03-14 94679] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2002-04-22 426624] R3 CALIAUD;HP ALI 3D Environmental Audio; C:\WINDOWS\system32\drivers\caliaud.sys [2002-04-12 321504] R3 CALIHALA;CALIHALA; C:\WINDOWS\system32\drivers\calihal.sys [2002-04-12 225504] R3 CmBatt;Sterownik baterii Microsoft o metodzie kontroli ACPI; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952] R3 DP83815;National Semiconductor Corp. DP83815 NDIS 5.0 Miniport Driver; C:\WINDOWS\System32\DRIVERS\DP83815.SYS [2002-05-20 16064] R3 HPCI;HP Configuration Interface; C:\WINDOWS\System32\DRIVERS\hpci.sys [2002-01-30 14472] R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-03-27 1171616] R3 HSFHWALI;HSFHWALI; C:\WINDOWS\System32\DRIVERS\HSFHWALI.sys [2002-03-27 153380] R3 KBFiltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\KBFiltr.sys [2002-04-01 14643] R3 MODEMCSA;Urządzenie filtru strumieniowego usługi Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2002-04-12 252880] R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-03-27 594960] S3 ALiIRDA;ALi Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\aliirda.sys [2001-12-17 26112] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 LEX_NIC_SERVICE;IEEE 802.11 Wireless NIC Win2000 Driver; C:\WINDOWS\System32\DRIVERS\Express.sys [2002-01-18 57344] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2002-04-22 118784] R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe [2010-06-18 198608] R2 HPConfig;HP Configuration Interface Service; C:\WINDOWS\system32\HPConfig.exe [2002-03-14 151552] R2 Irmon;Monitor podczerwieni; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\PC Tools Security\pctsAuxs.exe [2010-03-11 366840] R2 sdCoreService;PC Tools Security Service; C:\Program Files\PC Tools Security\pctsSvc.exe [2010-03-15 1142224] R3 RadioSvr;RadioSvr; C:\WINDOWS\system32\RadioSvr.exe [2002-03-25 122880] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S2 HpRfDev;HP RF Device Service; C:\WINDOWS\system32\HpRfDev.exe [2002-01-18 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- [/log] Co mam teraz zrobić?
Tomek01 komentarz 4 lipca 2010 komentarz 4 lipca 2010 (edytowane) A po co Ci kolejny log z OTL ? Przecież tu wszystko pięknie widać a nowy będzie się różnić tylko jednym szczegółem.
gosia1995 komentarz 4 lipca 2010 Autor komentarz 4 lipca 2010 oto on [log]OTL logfile created on: 2010-07-04 19:16:04 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 254,00 Mb Total Physical Memory | 35,00 Mb Available Physical Memory | 14,00% Memory free 657,00 Mb Paging File | 71,00 Mb Available in Paging File | 11,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 27,92 Gb Total Space | 17,51 Gb Free Space | 62,70% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HEWLETT-DUT2OTV Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe PRC - [2010-06-26 10:49:39 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-06-26 10:49:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr) SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig) SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815) DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate) DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA) DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD) DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr) DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher) DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI) DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa) DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf) DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs) DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs) DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio) DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio) DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool) DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct) DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres) DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb) DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm) DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI) DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5) DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln) DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE) DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA) DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-03 22:27:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-03 22:13:21 | 000,000,000 | ---D | M] [2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions [2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u1b59a8k.default\extensions [2010-07-03 22:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-26 09:59:22 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-26 09:59:22 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-26 09:59:22 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-26 09:59:22 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-26 09:59:22 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-26 09:59:22 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems) O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O15 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334 (WUWebControl Class) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-07-04 12:57:32 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-04 12:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-07-04 12:58:25 | 000,000,000 | ---D | C] -- C:\rsit [2010-07-04 12:57:32 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-07-04 11:09:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-07-03 23:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie [2010-07-03 23:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MSN6 [2010-07-03 23:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\MSN6 [2010-07-03 22:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla [2010-07-03 21:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-07-03 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy [2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia [2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll [2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL [2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL [2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll [2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo [2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys [2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys [2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys [2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security [2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google [2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote [2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning [2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet [2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll [2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73 [2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera [2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE [2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!! [2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe [2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys [2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys [2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys [2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe [2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll [2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys [2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla [2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA [2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow [2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-07-04 18:44:06 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-07-04 15:44:10 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-04 15:43:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-04 15:43:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-04 15:42:04 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-07-04 15:42:04 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-07-04 15:40:55 | 003,754,866 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-04 12:28:38 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-07-04 10:06:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-07-03 22:14:08 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-03 21:27:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll [2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-03 22:14:08 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-03 21:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img [2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img [2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img [2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe [2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll [2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP [2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll [2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml [2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml [2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip [2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip [2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat [2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat [2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat [2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat [2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax [2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax [2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax [2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax [2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf [2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql [2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax [2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp [2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi [2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls [2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls [2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com [2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr [2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini [2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-06-20 17:04:51 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG [2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG [2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk [2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll [1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll [1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [color=#E56717]========== LOP Check ==========[/color] [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust [2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-07-04 19:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust [2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN [1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-07-04 19:22:43 | 452,984,832 | -HS- | M] () -- C:\pagefile.sys [2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51 [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE [2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [color=#A23BEC]< >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84 < End of report > [/log]
Tomek01 komentarz 4 lipca 2010 komentarz 4 lipca 2010 Poczekamy w takim razie co kolega Cyni widzi innego w tym logu OTL niż w poprzednim.
Gość komentarz 4 lipca 2010 komentarz 4 lipca 2010 Uruchom [b]OTL[/b] i w oknie [b]Custom Scans/Fixes[/b] wklej to: [quote] :OTL O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate) @Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84 :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="explorer.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EXPLORER.EXE"=- [HKEY_USERS\S-1-5-21-527237240-630328440-839522115-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"=- :Commands [emptytemp] [Reboot] [/quote] Kliknij w [color="#000000"][b]Run Fix[/b][/color]. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom [b]OTL[/b] ponownie, tym razem kliknij "[b][color="blue"]Run Scan[/color][/b]". [color="#ff0000"]//kolor czerwony jest zarezerwowany dla moderatorów i administracji //zapoznaj się z regulaminem, kolejne takie przypadki będą "nagrodzone" warnem //raaz[/color]
gosia1995 komentarz 4 lipca 2010 Autor komentarz 4 lipca 2010 to jest ten ostani log [log]OTL logfile created on: 2010-07-04 21:52:16 - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 254,00 Mb Total Physical Memory | 68,00 Mb Available Physical Memory | 27,00% Memory free 625,00 Mb Paging File | 187,00 Mb Available in Paging File | 30,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 27,92 Gb Total Space | 18,21 Gb Free Space | 65,22% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HEWLETT-DUT2OTV Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe PRC - [2010-06-26 10:49:39 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe MOD - [2010-04-16 18:09:02 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-04-16 18:09:01 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2010-04-16 18:09:01 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-06-20 19:48:53 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 22:50:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:40 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2008-04-14 22:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2008-04-14 22:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr) SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig) SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815) DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate) DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA) DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD) DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr) DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher) DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI) DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa) DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf) DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs) DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs) DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio) DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio) DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool) DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct) DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres) DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb) DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm) DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI) DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5) DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln) DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE) DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA) DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-03 22:27:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-03 22:13:21 | 000,000,000 | ---D | M] [2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions [2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u1b59a8k.default\extensions [2010-07-03 22:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-26 09:59:22 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-26 09:59:22 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-26 09:59:22 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-26 09:59:22 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-26 09:59:22 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-26 09:59:22 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems) O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O15 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334 (WUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-07-04 12:57:32 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-04 21:28:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-07-04 21:04:10 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-04 12:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-07-04 12:58:25 | 000,000,000 | ---D | C] -- C:\rsit [2010-07-04 12:57:32 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-07-04 11:09:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-07-03 23:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie [2010-07-03 23:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MSN6 [2010-07-03 23:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\MSN6 [2010-07-03 22:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla [2010-07-03 21:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-07-03 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy [2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia [2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL [2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll [2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL [2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL [2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll [2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo [2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys [2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys [2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys [2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools [2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security [2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google [2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote [2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning [2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet [2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll [2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73 [2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera [2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera [2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE [2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!! [2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities [2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe [2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent [2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka [2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood [2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks [2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys [2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys [2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys [2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe [2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll [2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys [2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla [2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA [2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow [2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-07-04 21:44:01 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-07-04 21:17:56 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-04 21:15:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-04 21:15:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-04 21:14:38 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-07-04 21:14:16 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-07-04 15:40:55 | 003,754,866 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-04 12:28:38 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-07-04 10:06:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-07-03 22:14:08 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-03 21:27:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe [2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll [2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll [2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll [2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll [2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-03 22:14:08 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-03 21:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img [2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img [2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img [2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe [2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll [2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP [2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll [2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml [2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml [2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip [2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip [2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat [2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat [2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat [2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk [2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat [2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax [2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax [2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax [2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax [2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf [2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql [2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax [2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp [2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi [2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls [2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls [2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com [2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr [2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini [2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-06-20 17:04:51 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG [2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk [2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG [2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk [2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll [1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll [1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [color=#E56717]========== LOP Check ==========[/color] [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust [2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-07-04 21:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust [2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera [2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust [2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN [1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com [2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr [2010-07-04 21:15:17 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys [2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51 [2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE [2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84 < End of report > [/log] Zobaczę, bo może już jest wszystko ok.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.