x-kom hosting

pomocy! hp omnibook xe4500

gosia1995
utworzono
utworzono

Pomocy!!!!

Mam używanego laptopa hp omnibook xe4500 i coś zknociłam. Teraz jak tylko po włączeniu komputera loguję się
na konto, to w dwóch egzemplarzach włączają mi się moje dokumenty.

Co mogłam zrobić i co teraz powinnam zrobić ??

Proszę o szybką pomoc!!!!!

Gosiaq
[color="#ff0000"]
//przenoszę do subforum Logi do sprawdzenia
//raaz[/color]

raazor90
komentarz
komentarz

Wygląda mi to na infekcję, daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338

gosia1995
komentarz
komentarz (edytowane)

To chyba to
[log]OTL logfile created on: 2010-07-03 17:15:53 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

254,00 Mb Total Physical Memory | 20,00 Mb Available Physical Memory | 8,00% Memory free
625,00 Mb Paging File | 163,00 Mb Available in Paging File | 26,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,92 Gb Total Space | 18,85 Gb Free Space | 67,50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEWLETT-DUT2OTV
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color="#e56717"]========== Processes (All) ==========[/color]

PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe
PRC - [2010-04-28 13:45:50 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 22:51:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE
PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe
PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe


[color="#e56717"]========== Modules (All) ==========[/color]

MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


[color="#e56717"]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr)
SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev)


[color="#e56717"]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate)
DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr)
DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE)
DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color="#e56717"]========== Standard Registry (SafeList) ==========[/color]


[color="#e56717"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.hp.com/info/homepage-o"]http://www.hp.com/info/homepage-o[/url]
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems)
O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [url="http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334"]http://update.micros...b?1277063856334[/url] (WUWebControl Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-03 15:04:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy
[2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia
[2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll
[2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL
[2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL
[2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll
[2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo
[2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote
[2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll
[2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73
[2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010-06-20 21:05:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\UserData
[2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE
[2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!!
[2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe
[2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys
[2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys
[2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys
[2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe
[2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll
[2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys
[2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla
[2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA
[2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow
[2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color="#e56717"]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-03 17:08:07 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-07-03 16:44:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-03 16:21:47 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-03 14:59:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-03 14:59:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-03 14:59:15 | 266,915,840 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-03 14:57:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-07-03 14:28:17 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-25 21:20:31 | 003,223,142 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-22 07:29:05 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
[2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color="#e56717"]========== Files Created - No Company Name ==========[/color]

[2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img
[2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img
[2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img
[2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe
[2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP
[2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com
[2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr
[2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-06-20 17:04:51 | 000,032,768 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk
[2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[color="#e56717"]========== LOP Check ==========[/color]

[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust
[2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-07-03 16:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust
[2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera

[color="#e56717"]========== Purity Check ==========[/color]



[color="#e56717"]========== Custom Scans ==========[/color]


[color="#a23bec"]< %systemdrive%\*.* >[/color]
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN
[2010-07-03 14:59:15 | 266,915,840 | -HS- | M] () -- C:\hiberfil.sys
[1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-07-03 14:59:13 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys
[2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP


[color="#a23bec"]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys

[color="#a23bec"]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color="#a23bec"]< MD5 for: BEEP.SYS >[/color]
[2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color="#a23bec"]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color]
[2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color="#a23bec"]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
[2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE
[2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[color="#e56717"]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84
< End of report >
[/log]

Tomek01
komentarz
komentarz

Co do otwierania moich dokumentów, wygląda to na infekcję z mediów przenośnych. Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm.


Następnie załącz dodatkowo log [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url]

gosia1995
komentarz
komentarz

załączam loga z RSIT

[log]Logfile of random's system information tool 1.07 (written by random/random)
Run by user at 2010-07-04 12:58:25
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 18 GB (62%) free of 29 GB
Total RAM: 254 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:59:54, on 2010-07-04
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\PC Tools Security\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\HPConfig.exe
C:\WINDOWS\system32\RadioSvr.exe
C:\Program Files\PC Tools Security\pctsAuxs.exe
C:\Program Files\PC Tools Security\pctsSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\user\Moje dokumenty\Pobieranie\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [wsctf.exe] wsctf.exe
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe

--
End of file - 6208 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-06-18 632784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-06-18 632784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CARPService"=C:\WINDOWS\system32\carpserv.exe [2002-03-27 4608]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2002-04-22 28672]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2002-04-22 282624]
"HP TV Now"=C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe [2002-04-30 237568]
"HP Display Settings"=C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe [2002-03-07 61440]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2002-04-12 126976]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2002-04-12 536576]
"QT4HPOT"=C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE [2002-04-20 77824]
"HP Presentation Ready"=C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe [2002-04-26 77824]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2002-03-14 102455]
"ISTray"=C:\Program Files\PC Tools Security\pctsTray.exe [2010-05-11 1287120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"wsctf.exe"=wsctf.exe []
"EXPLORER.EXE"=C:\WINDOWS\EXPLORER.EXE [2008-04-14 1035264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2010-07-04 12:58:27 ----D---- C:\Program Files\trend micro
2010-07-04 12:58:25 ----D---- C:\rsit
2010-07-04 12:57:32 ----RASHD---- C:\autorun.inf
2010-07-04 12:37:37 ----D---- C:\WINDOWS\LastGood
2010-07-04 11:09:09 ----SHD---- C:\Config.Msi
2010-07-04 10:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-04 10:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-04 10:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-04 10:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-04 10:05:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-04 10:05:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-04 10:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-07-04 10:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-04 10:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-04 10:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-04 10:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-04 10:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-04 10:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-04 10:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-04 10:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-04 10:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-04 10:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-07-04 10:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-04 10:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-03 23:38:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\MSN6
2010-07-03 23:38:13 ----D---- C:\Documents and Settings\user\Dane aplikacji\MSN6
2010-07-03 22:27:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\Mozilla
2010-07-03 21:25:39 ----D---- C:\Program Files\Mozilla Firefox
2010-07-03 14:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-03 14:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-03 14:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-03 14:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-03 14:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-03 14:13:47 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-03 14:07:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-03 13:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-06-25 20:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-06-25 20:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-06-25 20:22:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-06-24 21:48:59 ----A---- C:\WINDOWS\system32\browserchoice.exe
2010-06-23 19:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-06-23 19:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-06-23 15:58:44 ----D---- C:\WINDOWS\system32\PreInstall
2010-06-23 15:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-06-23 15:58:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-23 14:06:53 ----RA---- C:\WINDOWS\apptune1020.exe
2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZTAG32.DLL
2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZSPOOL.DLL
2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\ZLhp1020.dll
2010-06-23 14:06:44 ----A---- C:\WINDOWS\system32\IMF32.DLL
2010-06-23 14:06:43 ----A---- C:\WINDOWS\system32\zlm.dll
2010-06-23 14:06:42 ----RA---- C:\WINDOWS\system32\zshp1020.exe
2010-06-23 14:06:42 ----RA---- C:\WINDOWS\system32\vshp1020.dll
2010-06-23 14:06:31 ----HD---- C:\Program Files\Zenographics
2010-06-22 22:17:35 ----D---- C:\Program Files\7-Zip
2010-06-22 20:15:24 ----D---- C:\WINDOWS\system32\appmgmt
2010-06-22 15:54:51 ----A---- C:\WINDOWS\BDTSupport.dll
2010-06-22 15:54:50 ----A---- C:\WINDOWS\SGDetectionTool.dll
2010-06-22 15:54:49 ----A---- C:\WINDOWS\PCTBDRes.dll
2010-06-22 15:54:49 ----A---- C:\WINDOWS\PCTBDCore.dll
2010-06-22 15:53:19 ----D---- C:\Program Files\Common Files\PC Tools
2010-06-22 15:53:19 ----D---- C:\Documents and Settings\user\Dane aplikacji\PC Tools
2010-06-22 15:53:19 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
2010-06-22 15:53:18 ----D---- C:\Program Files\PC Tools Security
2010-06-22 07:39:33 ----D---- C:\Program Files\Google
2010-06-21 23:32:12 ----A---- C:\WINDOWS\system32\muweb.dll
2010-06-21 23:32:12 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-06-21 23:32:11 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-06-21 23:31:26 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2010-06-21 23:13:45 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-06-21 23:07:50 ----D---- C:\Program Files\Microsoft Works
2010-06-21 23:06:36 ----D---- C:\Program Files\Common Files\DESIGNER
2010-06-21 22:58:10 ----D---- C:\WINDOWS\SHELLNEW
2010-06-21 22:56:32 ----D---- C:\Program Files\Microsoft Office
2010-06-21 22:56:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2010-06-21 22:52:33 ----RHD---- C:\MSOCache
2010-06-21 22:26:16 ----D---- C:\WINDOWS\Prefetch
2010-06-21 22:10:52 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-06-21 22:10:51 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-06-21 22:10:36 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll
2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmspdmoe.dll
2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmspdmod.dll
2010-06-21 22:10:35 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll
2010-06-21 22:10:34 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2010-06-21 22:10:33 ----N---- C:\WINDOWS\system32\wmpasf.dll
2010-06-21 22:10:33 ----A---- C:\WINDOWS\system32\wmp.dll
2010-06-21 22:10:32 ----N---- C:\WINDOWS\system32\wmidx.dll
2010-06-21 22:10:32 ----N---- C:\WINDOWS\system32\wmerror.dll
2010-06-21 22:10:31 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2010-06-21 22:10:30 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2010-06-21 22:10:30 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2010-06-21 22:10:24 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-06-21 22:10:12 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-06-21 22:10:11 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\credssp.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\btpanui.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bthserv.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bthci.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\blastcln.exe
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\azroles.dll
2010-06-21 22:10:10 ----N---- C:\WINDOWS\system32\auditusr.exe
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-06-21 22:10:09 ----N---- C:\WINDOWS\system32\d3d9.dll
2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-06-21 22:10:08 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-06-21 22:10:07 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\fltmc.exe
2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\fltlib.dll
2010-06-21 22:10:06 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\httpapi.dll
2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\fwcfg.dll
2010-06-21 22:10:05 ----N---- C:\WINDOWS\system32\fsquirt.exe
2010-06-21 22:10:04 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinben.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2010-06-21 22:10:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdukx.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-06-21 22:10:01 ----N---- C:\WINDOWS\system32\kbdno1.dll
2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-06-21 22:10:00 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\mssha.dll
2010-06-21 22:09:59 ----N---- C:\WINDOWS\system32\msdadiag.dll
2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napstat.exe
2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-06-21 22:09:58 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\powercfg.exe
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2psvc.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\p2p.dll
2010-06-21 22:09:57 ----N---- C:\WINDOWS\system32\onex.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qutil.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-06-21 22:09:56 ----N---- C:\WINDOWS\system32\qagent.dll
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\smbinst.exe
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slserv.exe
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slgen.dll
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\setupn.exe
2010-06-21 22:09:55 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\twext.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-06-21 22:09:54 ----N---- C:\WINDOWS\system32\strmfilt.dll
2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\w3ssl.dll
2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-06-21 22:09:53 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wshbth.dll
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wscsvc.dll
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wscntfy.exe
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-06-21 22:09:52 ----N---- C:\WINDOWS\system32\winshfhc.dll
2010-06-21 22:09:51 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2010-06-21 22:09:51 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmlprov.dll
2010-06-21 22:09:50 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-06-21 22:09:50 ----N---- C:\WINDOWS\slrundll.exe
2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\pl-pl
2010-06-21 22:09:47 ----D---- C:\WINDOWS\provisioning
2010-06-21 22:09:45 ----D---- C:\WINDOWS\l2schemas
2010-06-21 22:09:44 ----D---- C:\WINDOWS\system32\pl
2010-06-21 22:09:43 ----D---- C:\WINDOWS\peernet
2010-06-21 21:54:50 ----A---- C:\WINDOWS\005307_.tmp
2010-06-21 19:51:00 ----D---- C:\WINDOWS\network diagnostic
2010-06-21 19:46:18 ----D---- C:\Program Files\Alwil Software
2010-06-21 19:46:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
2010-06-21 19:40:44 ----A---- C:\WINDOWS\003753_.tmp
2010-06-21 19:39:15 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-06-21 19:35:44 ----A---- C:\WINDOWS\system32\secedit.exe
2010-06-21 19:35:41 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2010-06-21 19:35:40 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2010-06-21 19:35:39 ----A---- C:\WINDOWS\system32\ir50_32.dll
2010-06-21 19:35:38 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2010-06-21 19:35:37 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2010-06-21 19:35:36 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-06-21 19:35:36 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-06-21 19:35:35 ----A---- C:\WINDOWS\system32\xpob2res.dll
2010-06-21 19:35:34 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2010-06-21 19:35:33 ----A---- C:\WINDOWS\system32\winhttp.dll
2010-06-21 19:34:36 ----A---- C:\WINDOWS\system32\spiisupd.exe
2010-06-21 19:34:36 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2010-06-21 19:34:21 ----A---- C:\WINDOWS\system32\encdec.dll
2010-06-21 19:34:19 ----A---- C:\WINDOWS\system32\dsprpres.dll
2010-06-21 19:34:08 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-21 19:34:04 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2010-06-21 19:34:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2010-06-21 19:34:01 ----A---- C:\WINDOWS\system32\sbe.dll
2010-06-21 19:33:57 ----A---- C:\WINDOWS\system32\sbeio.dll
2010-06-21 19:33:52 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-06-21 19:33:48 ----A---- C:\WINDOWS\system32\iuengine.dll
2010-06-21 19:33:45 ----A---- C:\WINDOWS\system32\mssap.dll
2010-06-21 19:33:42 ----A---- C:\WINDOWS\system32\winbrand.dll
2010-06-21 19:33:20 ----A---- C:\WINDOWS\system32\faxpatch.exe
2010-06-21 19:33:17 ----A---- C:\WINDOWS\system32\encapi.dll
2010-06-21 19:33:02 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-06-21 19:32:54 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-06-21 19:32:51 ----A---- C:\WINDOWS\system32\pidgen.dll
2010-06-21 19:32:51 ----A---- C:\WINDOWS\system32\dpcdll.dll
2010-06-21 19:32:37 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-06-21 19:32:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-06-21 19:32:17 ----A---- C:\WINDOWS\system32\adsnw.dll
2010-06-21 19:32:16 ----A---- C:\WINDOWS\system32\appmgmts.dll
2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\cipher.exe
2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\bootcfg.exe
2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2010-06-21 19:32:15 ----A---- C:\WINDOWS\system32\appmgr.dll
2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\fde.dll
2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\eventcreate.exe
2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\efsadu.dll
2010-06-21 19:32:14 ----A---- C:\WINDOWS\system32\driverquery.exe
2010-06-21 19:32:13 ----A---- C:\WINDOWS\system32\getmac.exe
2010-06-21 19:32:13 ----A---- C:\WINDOWS\system32\fdeploy.dll
2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\mqad.dll
2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\logman.exe
2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gptext.dll
2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gpresult.exe
2010-06-21 19:32:12 ----A---- C:\WINDOWS\system32\gpedit.dll
2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqoa.dll
2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqise.dll
2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqdscli.dll
2010-06-21 19:32:11 ----A---- C:\WINDOWS\system32\mqbkup.exe
2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqrt.dll
2010-06-21 19:32:09 ----A---- C:\WINDOWS\system32\mqqm.dll
2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsvc.exe
2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsnap.dll
2010-06-21 19:32:08 ----A---- C:\WINDOWS\system32\mqsec.dll
2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqtrig.dll
2010-06-21 19:32:07 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2010-06-21 19:32:06 ----A---- C:\WINDOWS\system32\ntbackup.exe
2010-06-21 19:32:06 ----A---- C:\WINDOWS\system32\mqutil.dll
2010-06-21 19:32:04 ----A---- C:\WINDOWS\system32\nwwks.dll
2010-06-21 19:32:04 ----A---- C:\WINDOWS\system32\nwapi32.dll
2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\systeminfo.exe
2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\schtasks.exe
2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\rsnotify.exe
2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\proxycfg.exe
2010-06-21 19:32:03 ----A---- C:\WINDOWS\system32\openfiles.exe
2010-06-21 19:32:02 ----A---- C:\WINDOWS\system32\tasklist.exe
2010-06-21 19:32:02 ----A---- C:\WINDOWS\system32\taskkill.exe
2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntsess.exe
2010-06-21 19:32:01 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2010-06-21 19:32:00 ----A---- C:\WINDOWS\system32\tracerpt.exe
2010-06-21 19:32:00 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2010-06-21 19:31:59 ----A---- C:\WINDOWS\system32\wsecedit.dll
2010-06-21 19:29:47 ----A---- C:\WINDOWS\twain_32.dll
2010-06-21 19:29:47 ----A---- C:\WINDOWS\regedit.exe
2010-06-21 19:29:47 ----A---- C:\WINDOWS\hh.exe
2010-06-21 19:29:47 ----A---- C:\WINDOWS\explorer.exe
2010-06-21 19:29:46 ----A---- C:\WINDOWS\winhlp32.exe
2010-06-21 19:29:36 ----A---- C:\WINDOWS\system32\6to4svc.dll
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\admparse.dll
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\actxprxy.dll
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\actmovie.exe
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\activeds.dll
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\aclui.dll
2010-06-21 19:29:35 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\alrsvc.dll
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\alg.exe
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\ahui.exe
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\advpack.dll
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsnt.dll
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsmsext.dll
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsldpc.dll
2010-06-21 19:29:34 ----A---- C:\WINDOWS\system32\adsldp.dll
2010-06-21 19:29:33 ----A---- C:\WINDOWS\system32\apphelp.dll
2010-06-21 19:29:33 ----A---- C:\WINDOWS\system32\amstream.dll
2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\at.exe
2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\asycfilt.dll
2010-06-21 19:29:32 ----A---- C:\WINDOWS\system32\asferror.dll
2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atmfd.dll
2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atmadm.exe
2010-06-21 19:29:31 ----A---- C:\WINDOWS\system32\atl.dll
2010-06-21 19:29:30 ----A---- C:\WINDOWS\system32\atmlib.dll
2010-06-21 19:29:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2010-06-21 19:29:29 ----A---- C:\WINDOWS\system32\attrib.exe
2010-06-21 19:29:28 ----A---- C:\WINDOWS\system32\authz.dll
2010-06-21 19:29:27 ----A---- C:\WINDOWS\system32\autofmt.exe
2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\basesrv.dll
2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\avifil32.dll
2010-06-21 19:29:25 ----A---- C:\WINDOWS\system32\autolfn.exe
2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\blackbox.dll
2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\bidispl.dll
2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\batt.dll
2010-06-21 19:29:24 ----A---- C:\WINDOWS\system32\batmeter.dll
2010-06-21 19:29:23 ----A---- C:\WINDOWS\system32\browser.dll
2010-06-21 19:29:23 ----A---- C:\WINDOWS\system32\browselc.dll
2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\cabinet.dll
2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\browsewm.dll
2010-06-21 19:29:22 ----A---- C:\WINDOWS\system32\browseui.dll
2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\capesnpn.dll
2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\camocx.dll
2010-06-21 19:29:21 ----A---- C:\WINDOWS\system32\cabview.dll
2010-06-21 19:29:20 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-06-21 19:29:20 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-06-21 19:29:19 ----A---- C:\WINDOWS\system32\cdosys.dll
2010-06-21 19:29:19 ----A---- C:\WINDOWS\system32\cdfview.dll
2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\cewmdm.dll
2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\certmgr.dll
2010-06-21 19:29:17 ----A---- C:\WINDOWS\system32\certcli.dll
2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cic.dll
2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2010-06-21 19:29:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\cisvc.exe
2010-06-21 19:29:15 ----A---- C:\WINDOWS\system32\ciodm.dll
2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cliconfg.exe
2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cliconfg.dll
2010-06-21 19:29:14 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\cmdial32.dll
2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\clusapi.dll
2010-06-21 19:29:13 ----A---- C:\WINDOWS\system32\clipsrv.exe
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\colbact.dll
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmutil.dll
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmstp.exe
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmmon32.exe
2010-06-21 19:29:12 ----A---- C:\WINDOWS\system32\cmdl32.exe
2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\compstui.dll
2010-06-21 19:29:11 ----A---- C:\WINDOWS\system32\compatui.dll
2010-06-21 19:29:10 ----A---- C:\WINDOWS\system32\comres.dll
2010-06-21 19:29:09 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-06-21 19:29:08 ----A---- C:\WINDOWS\system32\comuid.dll
2010-06-21 19:29:08 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-06-21 19:29:07 ----A---- C:\WINDOWS\system32\confmsp.dll
2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\crypt32.dll
2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\credui.dll
2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\corpol.dll
2010-06-21 19:29:06 ----A---- C:\WINDOWS\system32\conime.exe
2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptnet.dll
2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptext.dll
2010-06-21 19:29:05 ----A---- C:\WINDOWS\system32\cryptdll.dll
2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cscript.exe
2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cscdll.dll
2010-06-21 19:29:04 ----A---- C:\WINDOWS\system32\cryptui.dll
2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\ctfmon.exe
2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\csrss.exe
2010-06-21 19:29:03 ----A---- C:\WINDOWS\system32\cscui.dll
2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3dim700.dll
2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2010-06-21 19:29:02 ----A---- C:\WINDOWS\system32\d3d8.dll
2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\datime.dll
2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\dataclen.dll
2010-06-21 19:29:01 ----A---- C:\WINDOWS\system32\danim.dll
2010-06-21 19:29:00 ----A---- C:\WINDOWS\system32\dbghelp.dll
2010-06-21 19:29:00 ----A---- C:\WINDOWS\system32\davclnt.dll
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\ddraw.dll
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\ddeshare.exe
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dciman32.dll
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2010-06-21 19:28:59 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\devmgr.dll
2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\devenum.dll
2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\defrag.exe
2010-06-21 19:28:58 ----A---- C:\WINDOWS\system32\ddrawex.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dgnet.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgui.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2010-06-21 19:28:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2010-06-21 19:28:56 ----A---- C:\WINDOWS\system32\digest.dll
2010-06-21 19:28:56 ----A---- C:\WINDOWS\system32\diantz.exe
2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\diskcopy.dll
2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\dinput8.dll
2010-06-21 19:28:55 ----A---- C:\WINDOWS\system32\dinput.dll
2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dmadmin.exe
2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dllhost.exe
2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\dispex.dll
2010-06-21 19:28:52 ----A---- C:\WINDOWS\system32\diskpart.exe
2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmcompos.dll
2010-06-21 19:28:51 ----A---- C:\WINDOWS\system32\dmband.dll
2010-06-21 19:28:50 ----A---- C:\WINDOWS\system32\dmime.dll
2010-06-21 19:28:50 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmsynth.dll
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmstyle.dll
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmserver.dll
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmscript.dll
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmremote.exe
2010-06-21 19:28:49 ----A---- C:\WINDOWS\system32\dmloader.dll
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dosx.exe
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\docprop2.dll
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dmutil.dll
2010-06-21 19:28:48 ----A---- C:\WINDOWS\system32\dmusic.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnet.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dplayx.dll
2010-06-21 19:28:47 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvvox.dll
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvoice.dll
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpvacm.dll
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2010-06-21 19:28:46 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\ds32gt.dll
2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drprov.dll
2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmstor.dll
2010-06-21 19:28:45 ----A---- C:\WINDOWS\system32\drmclien.dll
2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dskquoui.dll
2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dskquota.dll
2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2010-06-21 19:28:44 ----A---- C:\WINDOWS\system32\dsdmo.dll
2010-06-21 19:28:43 ----A---- C:\WINDOWS\system32\dsound3d.dll
2010-06-21 19:28:43 ----A---- C:\WINDOWS\system32\dsound.dll
2010-06-21 19:28:42 ----A---- C:\WINDOWS\system32\dsprop.dll
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dumprep.exe
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dswave.dll
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dsuiext.dll
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dssenh.dll
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dssec.dll
2010-06-21 19:28:41 ----A---- C:\WINDOWS\system32\dsquery.dll
2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dx7vb.dll
2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dwwin.exe
2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2010-06-21 19:28:40 ----A---- C:\WINDOWS\system32\duser.dll
2010-06-21 19:28:39 ----A---- C:\WINDOWS\system32\dx8vb.dll
2010-06-21 19:28:38 ----A---- C:\WINDOWS\system32\dxdiag.exe
2010-06-21 19:28:37 ----A---- C:\WINDOWS\system32\dxmasf.dll
2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\ersvc.dll
2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\els.dll
2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-06-21 19:28:36 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-06-21 19:28:35 ----A---- C:\WINDOWS\system32\esent.dll
2010-06-21 19:28:35 ----A---- C:\WINDOWS\system32\es.dll
2010-06-21 19:28:34 ----A---- C:\WINDOWS\system32\eventlog.dll
2010-06-21 19:28:34 ----A---- C:\WINDOWS\system32\eudcedit.exe
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\filemgmt.dll
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\feclient.dll
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\faultrep.dll
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\exts.dll
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\extrac32.exe
2010-06-21 19:28:33 ----A---- C:\WINDOWS\system32\expsrv.dll
2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\fontext.dll
2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2010-06-21 19:28:32 ----A---- C:\WINDOWS\system32\findstr.exe
2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\framebuf.dll
2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\forcedos.exe
2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\fontview.exe
2010-06-21 19:28:31 ----A---- C:\WINDOWS\system32\fontsub.dll
2010-06-21 19:28:30 ----A---- C:\WINDOWS\system32\glu32.dll
2010-06-21 19:28:30 ----A---- C:\WINDOWS\system32\gdi32.dll
2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\h323msp.dll
2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\grpconv.exe
2010-06-21 19:28:29 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2010-06-21 19:28:28 ----A---- C:\WINDOWS\system32\help.exe
2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hlink.dll
2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hid.dll
2010-06-21 19:28:27 ----A---- C:\WINDOWS\system32\hhsetup.dll
2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\htui.dll
2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hotplug.dll
2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2010-06-21 19:28:26 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2010-06-21 19:28:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-06-21 19:28:25 ----A---- C:\WINDOWS\system32\iasrad.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\idq.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icmp.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\icm32.dll
2010-06-21 19:28:24 ----A---- C:\WINDOWS\system32\iccvid.dll
2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-06-21 19:28:23 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\ils.dll
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\ifmon.dll
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iexpress.exe
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iesetup.dll
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-06-21 19:28:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imm32.dll
2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imgutil.dll
2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imeshare.dll
2010-06-21 19:28:21 ----A---- C:\WINDOWS\system32\imapi.exe
2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetpp.dll
2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetmib1.dll
2010-06-21 19:28:20 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\initpki.dll
2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\inetres.dll
2010-06-21 19:28:19 ----A---- C:\WINDOWS\system32\inetppui.dll
2010-06-21 19:28:18 ----A---- C:\WINDOWS\system32\inseng.dll
2010-06-21 19:28:18 ----A---- C:\WINDOWS\system32\input.dll
2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\ipmontr.dll
2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2010-06-21 19:28:17 ----A---- C:\WINDOWS\system32\ipconfig.exe
2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\ippromon.dll
2010-06-21 19:28:15 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2010-06-21 19:28:14 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2010-06-21 19:28:13 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2010-06-21 19:28:13 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\irftp.exe
2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipxwan.dll
2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipxroute.exe
2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2010-06-21 19:28:12 ----A---- C:\WINDOWS\system32\ipv6.exe
2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\itss.dll
2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\itircl.dll
2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\isign32.dll
2010-06-21 19:28:11 ----A---- C:\WINDOWS\system32\irmon.dll
2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\jgpl400.dll
2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\jgdw400.dll
2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2010-06-21 19:28:10 ----A---- C:\WINDOWS\system32\ixsso.dll
2010-06-21 19:28:09 ----A---- C:\WINDOWS\system32\jscript.dll
2010-06-21 19:28:08 ----A---- C:\WINDOWS\system32\kbdnec.dll
2010-06-21 19:28:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\keymgr.dll
2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\kerberos.dll
2010-06-21 19:28:07 ----A---- C:\WINDOWS\system32\kd1394.dll
2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\laprxy.dll
2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-06-21 19:28:06 ----A---- C:\WINDOWS\system32\krnl386.exe
2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\linkinfo.dll
2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licmgr10.dll
2010-06-21 19:28:05 ----A---- C:\WINDOWS\system32\licdll.dll
2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\localui.dll
2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\localsec.dll
2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\loadperf.dll
2010-06-21 19:28:04 ----A---- C:\WINDOWS\system32\lmrt.dll
2010-06-21 19:28:03 ----A---- C:\WINDOWS\system32\logonui.exe
2010-06-21 19:28:03 ----A---- C:\WINDOWS\system32\logagent.exe
2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\magnify.exe
2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lsass.exe
2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lprhelp.dll
2010-06-21 19:28:02 ----A---- C:\WINDOWS\system32\lpk.dll
2010-06-21 19:28:01 ----A---- C:\WINDOWS\system32\mcastmib.dll
2010-06-21 19:28:01 ----A---- C:\WINDOWS\system32\makecab.exe
2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciwave.dll
2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciseq.dll
2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2010-06-21 19:28:00 ----A---- C:\WINDOWS\system32\mciavi32.dll
2010-06-21 19:27:59 ----A---- C:\WINDOWS\system32\mdminst.dll
2010-06-21 19:27:58 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-06-21 19:27:58 ----A---- C:\WINDOWS\system32\mf3216.dll
2010-06-21 19:27:54 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\midimap.dll
2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2010-06-21 19:27:52 ----A---- C:\WINDOWS\system32\mfc42u.dll
2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\mlang.dll
2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\mimefilt.dll
2010-06-21 19:27:51 ----A---- C:\WINDOWS\system32\miglibnt.dll
2010-06-21 19:27:50 ----A---- C:\WINDOWS\system32\mmcbase.dll
2010-06-21 19:27:50 ----A---- C:\WINDOWS\system32\mmc.exe
2010-06-21 19:27:49 ----A---- C:\WINDOWS\system32\mmcshext.dll
2010-06-21 19:27:49 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2010-06-21 19:27:48 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\modemui.dll
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mobsync.exe
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mobsync.dll
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-06-21 19:27:47 ----A---- C:\WINDOWS\system32\mmsystem.dll
2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mpr.dll
2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\moricons.dll
2010-06-21 19:27:46 ----A---- C:\WINDOWS\system32\more.com
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msasn1.dll
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msapsspc.dll
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msafd.dll
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\msacm32.dll
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\mprdim.dll
2010-06-21 19:27:45 ----A---- C:\WINDOWS\system32\mprapi.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msctfp.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msctf.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\msconf.dll
2010-06-21 19:27:44 ----A---- C:\WINDOWS\system32\mscms.dll
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdmo.dll
2010-06-21 19:27:43 ----A---- C:\WINDOWS\system32\msdart.dll
2010-06-21 19:27:42 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msexcl40.dll
2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msexch40.dll
2010-06-21 19:27:41 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2010-06-21 19:27:40 ----A---- C:\WINDOWS\system32\msgina.dll
2010-06-21 19:27:39 ----A---- C:\WINDOWS\system32\mshta.exe
2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtmler.dll
2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-06-21 19:27:37 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msiexec.exe
2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msieftp.dll
2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msidle.dll
2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msident.dll
2010-06-21 19:27:36 ----A---- C:\WINDOWS\system32\msi.dll
2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msimsg.dll
2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msimg32.dll
2010-06-21 19:27:35 ----A---- C:\WINDOWS\system32\msihnd.dll
2010-06-21 19:27:34 ----A---- C:\WINDOWS\system32\msisip.dll
2010-06-21 19:27:34 ----A---- C:\WINDOWS\system32\msimtf.dll
2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjint40.dll
2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2010-06-21 19:27:33 ----A---- C:\WINDOWS\system32\msjet40.dll
2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msnetobj.dll
2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msltus40.dll
2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\mslbui.dll
2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msjtes40.dll
2010-06-21 19:27:32 ----A---- C:\WINDOWS\system32\msjter40.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspmsp.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspbde40.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspatcha.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msorcl32.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msorc32r.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-06-21 19:27:31 ----A---- C:\WINDOWS\system32\msnsspc.dll
2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msrating.dll
2010-06-21 19:27:30 ----A---- C:\WINDOWS\system32\msprivs.dll
2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\mstext40.dll
2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\mstask.dll
2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msscp.dll
2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msrle32.dll
2010-06-21 19:27:29 ----A---- C:\WINDOWS\system32\msrepl40.dll
2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\msutb.dll
2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-06-21 19:27:28 ----A---- C:\WINDOWS\system32\mstime.dll
2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcrt.dll
2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcp60.dll
2010-06-21 19:27:26 ----A---- C:\WINDOWS\system32\msvcirt.dll
2010-06-21 19:27:25 ----A---- C:\WINDOWS\system32\msvfw32.dll
2010-06-21 19:27:25 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2010-06-21 19:27:24 ----A---- C:\WINDOWS\system32\msw3prt.dll
2010-06-21 19:27:24 ----A---- C:\WINDOWS\system32\msvidctl.dll
2010-06-21 19:27:23 ----A---- C:\WINDOWS\system32\mswdat10.dll
2010-06-21 19:27:21 ----A---- C:\WINDOWS\system32\mswmdm.dll
2010-06-21 19:27:21 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2010-06-21 19:27:20 ----A---- C:\WINDOWS\system32\mswstr10.dll
2010-06-21 19:27:20 ----A---- C:\WINDOWS\system32\mswsock.dll
2010-06-21 19:27:19 ----A---- C:\WINDOWS\system32\msxml.dll
2010-06-21 19:27:19 ----A---- C:\WINDOWS\system32\msxbde40.dll
2010-06-21 19:27:17 ----A---- C:\WINDOWS\system32\msxml2.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\mtxclu.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\msyuv.dll
2010-06-21 19:27:16 ----A---- C:\WINDOWS\system32\msxml3.dll
2010-06-21 19:27:15 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\net.exe
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddenb32.dll
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddeapir.exe
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\nddeapi.dll
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\narrator.exe
2010-06-21 19:27:14 ----A---- C:\WINDOWS\system32\mydocs.dll
2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\netcfgx.dll
2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\netapi32.dll
2010-06-21 19:27:13 ----A---- C:\WINDOWS\system32\net1.exe
2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netman.dll
2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netlogon.dll
2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netid.dll
2010-06-21 19:27:12 ----A---- C:\WINDOWS\system32\netdde.exe
2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netsh.exe
2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netsetup.exe
2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netrap.dll
2010-06-21 19:27:11 ----A---- C:\WINDOWS\system32\netplwiz.dll
2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netui1.dll
2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netui0.dll
2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netstat.exe
2010-06-21 19:27:10 ----A---- C:\WINDOWS\system32\netshell.dll
2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\npptools.dll
2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\notepad.exe
2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\nlhtml.dll
2010-06-21 19:27:09 ----A---- C:\WINDOWS\system32\newdev.dll
2010-06-21 19:27:09 ----A---- C:\WINDOWS\notepad.exe
2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntmarta.dll
2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntlanman.dll
2010-06-21 19:27:08 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2010-06-21 19:27:07 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2010-06-21 19:27:07 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\oakley.dll
2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntshrui.dll
2010-06-21 19:27:06 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\odbc32.dll
2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\ocmanage.dll
2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\occache.dll
2010-06-21 19:27:05 ----A---- C:\WINDOWS\system32\objsel.dll
2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcconf.dll
2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbcad32.exe
2010-06-21 19:27:04 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcji32.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcint.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccu32.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccr32.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbccp32.dll
2010-06-21 19:27:03 ----A---- C:\WINDOWS\system32\odbcconf.exe
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odtext32.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odpdx32.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odfox32.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odexl32.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\oddbse32.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odbctrac.dll
2010-06-21 19:27:02 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2010-06-21 19:27:01 ----A---- C:\WINDOWS\system32\ole32.dll
2010-06-21 19:27:01 ----A---- C:\WINDOWS\system32\offfilt.dll
2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\olepro32.dll
2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\oleprn.dll
2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\oledlg.dll
2010-06-21 19:27:00 ----A---- C:\WINDOWS\system32\olecli32.dll
2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\osuninst.dll
2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\osk.exe
2010-06-21 19:26:59 ----A---- C:\WINDOWS\system32\opengl32.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfos.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfnet.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfmon.exe
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\perfdisk.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\pdh.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\pautoenr.dll
2010-06-21 19:26:58 ----A---- C:\WINDOWS\system32\packager.exe
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\polstore.dll
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pjlmon.dll
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\ping.exe
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\pid.dll
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\photowiz.dll
2010-06-21 19:26:57 ----A---- C:\WINDOWS\system32\perfproc.dll
2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\progman.exe
2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\profmap.dll
2010-06-21 19:26:56 ----A---- C:\WINDOWS\system32\powrprof.dll
2010-06-21 19:26:55 ----A---- C:\WINDOWS\system32\proquota.exe
2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\qasf.dll
2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\pstorec.dll
2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\psbase.dll
2010-06-21 19:26:54 ----A---- C:\WINDOWS\system32\psapi.dll
2010-06-21 19:26:53 ----A---- C:\WINDOWS\system32\qcap.dll
2010-06-21 19:26:52 ----A---- C:\WINDOWS\system32\qdvd.dll
2010-06-21 19:26:52 ----A---- C:\WINDOWS\system32\qdv.dll
2010-06-21 19:26:51 ----A---- C:\WINDOWS\system32\qedit.dll
2010-06-21 19:26:50 ----A---- C:\WINDOWS\system32\qedwipes.dll
2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\quartz.dll
2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-06-21 19:26:49 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasphone.exe
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasmans.dll
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\raschap.dll
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-06-21 19:26:47 ----A---- C:\WINDOWS\system32\query.dll
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcp.exe
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcimlby.exe
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rastls.dll
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rassapi.dll
2010-06-21 19:26:46 ----A---- C:\WINDOWS\system32\rasppp.dll
2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpdd.dll
2010-06-21 19:26:45 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\regsvc.dll
2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\regapi.dll
2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\reg.exe
2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\redir.exe
2010-06-21 19:26:44 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\rexec.exe
2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\resutils.dll
2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\regwizc.dll
2010-06-21 19:26:43 ----A---- C:\WINDOWS\system32\regsvr32.exe
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsmps.dll
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsh.exe
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rsaenh.dll
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rpcss.dll
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2010-06-21 19:26:42 ----A---- C:\WINDOWS\system32\riched20.dll
2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rundll32.exe
2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtutils.dll
2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2010-06-21 19:26:41 ----A---- C:\WINDOWS\system32\rtcshare.exe
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\scecli.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\sccsccp.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\scarddlg.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-06-21 19:26:40 ----A---- C:\WINDOWS\system32\runonce.exe
2010-06-21 19:26:39 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-06-21 19:26:39 ----A---- C:\WINDOWS\system32\scesrv.dll
2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\seclogon.dll
2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\sdbinst.exe
2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\scrrun.dll
2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\scrobj.dll
2010-06-21 19:26:38 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\setup.exe
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sethc.exe
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sensapi.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sens.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sendmail.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\security.dll
2010-06-21 19:26:37 ----A---- C:\WINDOWS\system32\secur32.dll
2010-06-21 19:26:36 ----A---- C:\WINDOWS\system32\sfc_os.dll
2010-06-21 19:26:36 ----A---- C:\WINDOWS\system32\sfc.dll
2010-06-21 19:26:35 ----A---- C:\WINDOWS\system32\shdoclc.dll
2010-06-21 19:26:35 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2010-06-21 19:26:34 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shimgvw.dll
2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shimeng.dll
2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shgina.dll
2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shfolder.dll
2010-06-21 19:26:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shmgrate.exe
2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shmedia.dll
2010-06-21 19:26:30 ----A---- C:\WINDOWS\system32\shlwapi.dll
2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shsvcs.dll
2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shscrap.dll
2010-06-21 19:26:29 ----A---- C:\WINDOWS\system32\shrpubw.exe
2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\sigverif.exe
2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\sigtab.dll
2010-06-21 19:26:28 ----A---- C:\WINDOWS\system32\shutdown.exe
2010-06-21 19:26:27 ----A---- C:\WINDOWS\system32\skeys.exe
2010-06-21 19:26:26 ----A---- C:\WINDOWS\system32\slbcsp.dll
2010-06-21 19:26:26 ----A---- C:\WINDOWS\system32\slayerxp.dll
2010-06-21 19:26:25 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2010-06-21 19:26:25 ----A---- C:\WINDOWS\system32\slbiop.dll
2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\snmpapi.dll
2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-06-21 19:26:24 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2010-06-21 19:26:23 ----A---- C:\WINDOWS\system32\sort.exe
2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spoolss.dll
2010-06-21 19:26:22 ----A---- C:\WINDOWS\system32\spider.exe
2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\srclient.dll
2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2010-06-21 19:26:21 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2010-06-21 19:26:20 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stobject.dll
2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stimon.exe
2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\sti_ci.dll
2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\sti.dll
2010-06-21 19:26:18 ----A---- C:\WINDOWS\system32\stclient.dll
2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\synceng.dll
2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\sxs.dll
2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\svchost.exe
2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\strmdll.dll
2010-06-21 19:26:17 ----A---- C:\WINDOWS\system32\storprop.dll
2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\t2embed.dll
2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2010-06-21 19:26:16 ----A---- C:\WINDOWS\system32\syncui.dll
2010-06-21 19:26:15 ----A---- C:\WINDOWS\system32\tapi3.dll
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmon.ini
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmon.dll
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tcpmib.dll
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\taskmgr.exe
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tapisrv.dll
2010-06-21 19:26:14 ----A---- C:\WINDOWS\system32\tapi32.dll
2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\tourstart.exe
2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\themeui.dll
2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\termmgr.dll
2010-06-21 19:26:13 ----A---- C:\WINDOWS\system32\telnet.exe
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\udhisapi.dll
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\txflog.dll
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tsddd.dll
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\trkwks.dll
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tree.com
2010-06-21 19:26:12 ----A---- C:\WINDOWS\system32\tracert.exe
2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\unimdmat.dll
2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2010-06-21 19:26:11 ----A---- C:\WINDOWS\system32\umandlg.dll
2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnpui.dll
2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnphost.dll
2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnpcont.exe
2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\upnp.dll
2010-06-21 19:26:10 ----A---- C:\WINDOWS\system32\uniplat.dll
2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\usbui.dll
2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\usbmon.dll
2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\url.dll
2010-06-21 19:26:09 ----A---- C:\WINDOWS\system32\ups.exe
2010-06-21 19:26:08 ----A---- C:\WINDOWS\system32\user32.dll
2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\vbajet32.dll
2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\utilman.exe
2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\usp10.dll
2010-06-21 19:26:07 ----A---- C:\WINDOWS\system32\userenv.dll
2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\verifier.dll
2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vdmredir.dll
2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2010-06-21 19:26:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-06-21 19:26:05 ----A---- C:\WINDOWS\system32\vssapi.dll
2010-06-21 19:26:05 ----A---- C:\WINDOWS\system32\version.dll
2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\wavemsp.dll
2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\w32time.dll
2010-06-21 19:26:04 ----A---- C:\WINDOWS\system32\vssvc.exe
2010-06-21 19:26:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-06-21 19:26:03 ----A---- C:\WINDOWS\system32\wdigest.dll
2010-06-21 19:26:02 ----A---- C:\WINDOWS\system32\webvw.dll
2010-06-21 19:26:02 ----A---- C:\WINDOWS\system32\webclnt.dll
2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wiadefui.dll
2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2010-06-21 19:26:01 ----A---- C:\WINDOWS\system32\wextract.exe
2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiashext.dll
2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiaservc.dll
2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiascr.dll
2010-06-21 19:26:00 ----A---- C:\WINDOWS\system32\wiadss.dll
2010-06-21 19:25:59 ----A---- C:\WINDOWS\system32\wininet.dll
2010-06-21 19:25:59 ----A---- C:\WINDOWS\system32\wiavideo.dll
2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winmm.dll
2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winlogon.exe
2010-06-21 19:25:58 ----A---- C:\WINDOWS\system32\winipsec.dll
2010-06-21 19:25:57 ----A---- C:\WINDOWS\system32\winntbbu.dll
2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winsta.dll
2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winsrv.dll
2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winscard.dll
2010-06-21 19:25:56 ----A---- C:\WINDOWS\system32\winrnr.dll
2010-06-21 19:25:55 ----A---- C:\WINDOWS\system32\winver.exe
2010-06-21 19:25:55 ----A---- C:\WINDOWS\system32\wintrust.dll
2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wmadmod.dll
2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wlnotify.dll
2010-06-21 19:25:54 ----A---- C:\WINDOWS\system32\wldap32.dll
2010-06-21 19:25:53 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2010-06-21 19:25:52 ----A---- C:\WINDOWS\system32\wmasf.dll
2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmi.dll
2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmdmps.dll
2010-06-21 19:25:51 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2010-06-21 19:25:50 ----A---- C:\WINDOWS\system32\wmpcore.dll
2010-06-21 19:25:50 ----A---- C:\WINDOWS\system32\wmpcd.dll
2010-06-21 19:25:49 ----A---- C:\WINDOWS\system32\wmploc.dll
2010-06-21 19:25:47 ----A---- C:\WINDOWS\system32\wmpui.dll
2010-06-21 19:25:47 ----A---- C:\WINDOWS\system32\wmpshell.dll
2010-06-21 19:25:45 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2010-06-21 19:25:44 ----A---- C:\WINDOWS\system32\wmstream.dll
2010-06-21 19:25:44 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2010-06-21 19:25:43 ----A---- C:\WINDOWS\system32\WMVCore.dll
2010-06-21 19:25:41 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2010-06-21 19:25:40 ----A---- C:\WINDOWS\system32\wpabaln.exe
2010-06-21 19:25:40 ----A---- C:\WINDOWS\system32\wow32.dll
2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wshcon.dll
2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wscript.exe
2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\ws2help.dll
2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\ws2_32.dll
2010-06-21 19:25:39 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshrm.dll
2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshirda.dll
2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wship6.dll
2010-06-21 19:25:38 ----A---- C:\WINDOWS\system32\wshext.dll
2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wsock32.dll
2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2010-06-21 19:25:37 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\xcopy.exe
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\xactsrv.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2010-06-21 19:25:36 ----A---- C:\WINDOWS\system32\wstdecod.dll
2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\zipfldr.dll
2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-06-21 19:25:35 ----A---- C:\WINDOWS\system32\xenroll.dll
2010-06-21 19:25:25 ----A---- C:\WINDOWS\system32\advapi32.dll
2010-06-21 19:25:24 ----A---- C:\WINDOWS\system32\autoconv.exe
2010-06-21 19:25:24 ----A---- C:\WINDOWS\system32\autochk.exe
2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\cmd.exe
2010-06-21 19:25:23 ----A---- C:\WINDOWS\system32\cacls.exe
2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\format.com
2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-06-21 19:25:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2010-06-21 19:25:21 ----A---- C:\WINDOWS\system32\imagehlp.dll
2010-06-21 19:25:21 ----A---- C:\WINDOWS\system32\ftp.exe
2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\locator.exe
2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\localspl.dll
2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2010-06-21 19:25:20 ----A---- C:\WINDOWS\system32\kernel32.dll
2010-06-21 19:25:19 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\msv1_0.dll
2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\msgsvc.dll
2010-06-21 19:25:18 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntprint.dll
2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-06-21 19:25:17 ----A---- C:\WINDOWS\system32\nslookup.exe
2010-06-21 19:25:16 ----A---- C:\WINDOWS\system32\nwprovau.dll
2010-06-21 19:25:16 ----A---- C:\WINDOWS\system32\ntvdm.exe
2010-06-21 19:25:15 ----A---- C:\WINDOWS\system32\oleaut32.dll
2010-06-21 19:25:14 ----A---- C:\WINDOWS\system32\olecnv32.dll
2010-06-21 19:25:13 ----A---- C:\WINDOWS\system32\perfctrs.dll
2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\rasauto.dll
2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\rasapi32.dll
2010-06-21 19:25:12 ----A---- C:\WINDOWS\system32\printui.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\samsrv.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\samlib.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rshx32.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rastapi.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rasman.dll
2010-06-21 19:25:11 ----A---- C:\WINDOWS\system32\rasdlg.dll
2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\services.exe
2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\schannel.dll
2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\scardsvr.exe
2010-06-21 19:25:10 ----A---- C:\WINDOWS\system32\savedump.exe
2010-06-21 19:25:09 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-06-21 19:25:08 ----A---- C:\WINDOWS\system32\smss.exe
2010-06-21 19:25:08 ----A---- C:\WINDOWS\system32\setupapi.dll
2010-06-21 19:25:07 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\userinit.exe
2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\untfs.dll
2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\ulib.dll
2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2010-06-21 19:25:06 ----A---- C:\WINDOWS\system32\syssetup.dll
2010-06-21 19:25:04 ----A---- C:\WINDOWS\system32\wkssvc.dll
2010-06-21 19:25:04 ----A---- C:\WINDOWS\system32\win32spl.dll
2010-06-21 19:24:38 ----A---- C:\ntdetect.com
2010-06-21 19:24:37 ----A---- C:\WINDOWS\system32\HAL.DLL
2010-06-21 19:24:35 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-06-21 19:24:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-06-21 19:00:24 ----D---- C:\000e55a71bd05f0e73
2010-06-21 18:17:16 ----D---- C:\WINDOWS\ServicePackFiles
2010-06-21 18:17:15 ----D---- C:\WINDOWS\ehome
2010-06-21 18:17:06 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2010-06-21 18:15:20 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2010-06-21 18:15:19 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2010-06-21 18:14:50 ----A---- C:\WINDOWS\system32\mindex.dll
2010-06-21 18:14:33 ----A---- C:\WINDOWS\system32\msisam11.dll
2010-06-21 18:14:23 ----A---- C:\WINDOWS\system32\msuni11.dll
2010-06-21 18:13:48 ----A---- C:\WINDOWS\system32\sccbase.dll
2010-06-21 18:13:18 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-06-21 18:13:00 ----A---- C:\WINDOWS\system32\wmpstub.exe
2010-06-21 18:12:57 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-06-21 18:12:54 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2010-06-21 18:10:14 ----A---- C:\WINDOWS\001118_.tmp
2010-06-21 18:07:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-06-20 22:23:52 ----D---- C:\Documents and Settings\user\Dane aplikacji\Macromedia
2010-06-20 22:14:31 ----D---- C:\Documents and Settings\user\Dane aplikacji\Opera
2010-06-20 22:14:16 ----D---- C:\Program Files\Opera
2010-06-20 22:02:45 ----D---- C:\WINDOWS\system32\bits
2010-06-20 22:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wups2.dll
2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wups.dll
2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-06-20 21:59:39 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-06-20 21:59:38 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-06-20 21:59:37 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-06-20 21:59:37 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-06-20 21:57:54 ----D---- C:\WINDOWS\SoftwareDistribution
2010-06-20 20:07:12 ----A---- C:\WINDOWS\WINCMD.INI
2010-06-20 20:03:46 ----SHD---- C:\RECYCLER
2010-06-20 17:04:55 ----ASH---- C:\Documents and Settings\user\Dane aplikacji\desktop.ini
2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\InterTrust
2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\Identities
2010-06-20 17:04:53 ----D---- C:\Documents and Settings\user\Dane aplikacji\Adobe
2010-06-20 17:04:52 ----SD---- C:\Documents and Settings\user\Dane aplikacji\Microsoft
2010-06-20 17:04:52 ----D---- C:\Documents and Settings\user\Dane aplikacji\Symantec
2010-06-19 22:26:43 ----D---- C:\WINDOWS\system32\dla
2010-06-19 22:26:43 ----A---- C:\WINDOWS\wininit.ini
2010-06-19 22:26:43 ----A---- C:\WINDOWS\system32\tfswapi.dll
2010-06-19 22:26:43 ----A---- C:\WINDOWS\dla.exe
2010-06-19 22:26:42 ----D---- C:\Program Files\HP DLA
2010-06-19 22:26:32 ----D---- C:\Program Files\HP RecordNow
2010-06-19 22:26:06 ----D---- C:\Program Files\InterVideo

======List of files/folders modified in the last 3 months======

2010-07-04 12:58:39 ----D---- C:\WINDOWS\Temp
2010-07-04 12:58:27 ----RD---- C:\Program Files
2010-07-04 12:44:59 ----HD---- C:\WINDOWS\inf
2010-07-04 12:37:37 ----D---- C:\WINDOWS
2010-07-04 12:37:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-04 12:29:42 ----AD---- C:\WINDOWS\system32
2010-07-04 12:28:06 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-07-04 12:28:06 ----D---- C:\Program Files\Outlook Express
2010-07-04 11:09:08 ----SHD---- C:\WINDOWS\Installer
2010-07-04 10:31:21 ----RSD---- C:\WINDOWS\Fonts
2010-07-04 10:29:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-04 10:24:24 ----D---- C:\WINDOWS\WinSxS
2010-07-04 10:06:37 ----A---- C:\WINDOWS\imsins.BAK
2010-07-04 10:00:54 ----D---- C:\WINDOWS\system32\drivers
2010-07-03 22:44:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-25 20:33:49 ----D---- C:\WINDOWS\AppPatch
2010-06-23 14:06:37 ----D---- C:\Program Files\Hewlett-Packard
2010-06-23 08:09:20 ----D---- C:\Program Files\Common Files\Adobe
2010-06-22 20:29:56 ----D---- C:\Program Files\Common Files
2010-06-22 20:27:34 ----SD---- C:\WINDOWS\Tasks
2010-06-22 20:12:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Symantec
2010-06-22 07:29:22 ----D---- C:\WINDOWS\Debug
2010-06-21 23:11:23 ----D---- C:\WINDOWS\system32\config
2010-06-21 23:04:59 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-06-21 23:04:59 ----D---- C:\WINDOWS\PCHEALTH
2010-06-21 22:32:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-21 22:29:43 ----A---- C:\WINDOWS\OEWABLog.txt
2010-06-21 22:28:30 ----A---- C:\WINDOWS\win.ini
2010-06-21 22:28:29 ----D---- C:\Program Files\Windows Media Player
2010-06-21 22:28:05 ----D---- C:\WINDOWS\system32\inetsrv
2010-06-21 22:26:43 ----A---- C:\WINDOWS\setuplog.txt
2010-06-21 22:26:35 ----D---- C:\WINDOWS\system32\wbem
2010-06-21 22:25:39 ----SHD---- C:\System Volume Information
2010-06-21 22:25:31 ----D---- C:\WINDOWS\system32\Setup
2010-06-21 22:25:31 ----D---- C:\Program Files\Messenger
2010-06-21 22:22:57 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-21 22:22:42 ----D---- C:\WINDOWS\security
2010-06-21 22:17:55 ----RASH---- C:\boot.ini
2010-06-21 22:10:56 ----D---- C:\WINDOWS\Help
2010-06-21 22:10:23 ----D---- C:\WINDOWS\ime
2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\usmt
2010-06-21 22:09:49 ----D---- C:\WINDOWS\system32\oobe
2010-06-21 22:09:46 ----D---- C:\Program Files\Movie Maker
2010-06-21 22:09:46 ----D---- C:\Program Files\Internet Explorer
2010-06-21 22:09:42 ----D---- C:\WINDOWS\Media
2010-06-21 22:02:57 ----D---- C:\WINDOWS\system32\Restore
2010-06-21 22:02:56 ----D---- C:\WINDOWS\system32\npp
2010-06-21 22:02:54 ----D---- C:\WINDOWS\msagent
2010-06-21 22:02:50 ----D---- C:\WINDOWS\srchasst
2010-06-21 22:02:48 ----D---- C:\Program Files\NetMeeting
2010-06-21 22:02:45 ----D---- C:\WINDOWS\system32\Com
2010-06-21 22:02:40 ----D---- C:\Program Files\Windows NT
2010-06-21 22:02:31 ----D---- C:\Program Files\Common Files\System
2010-06-21 22:01:49 ----D---- C:\WINDOWS\system
2010-06-21 21:58:08 ----RD---- C:\WINDOWS\Web
2010-06-21 21:54:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-20 21:59:42 ----HD---- C:\Program Files\WindowsUpdate
2010-06-20 21:57:54 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-20 17:04:51 ----D---- C:\Documents and Settings
2010-06-19 22:26:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-19 22:22:21 ----D---- C:\WINDOWS\Registration
2010-06-19 22:18:29 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2002-01-28 5589]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2002-01-28 22963]
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-30 12032]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2002-02-12 40096]
R2 HPGate;HPGate; C:\WINDOWS\System32\Drivers\HPGate.sys [2002-04-19 6848]
R2 irda;Protokół IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-10-22 9855]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\System32\DRIVERS\strmdisp.sys [2002-03-27 34224]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2002-03-14 23607]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2002-03-14 34743]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2002-03-14 4119]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2002-03-14 2203]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2002-03-14 52758]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2002-03-14 13847]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2002-03-14 6327]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2002-03-14 88758]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2002-03-14 94679]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2002-04-22 426624]
R3 CALIAUD;HP ALI 3D Environmental Audio; C:\WINDOWS\system32\drivers\caliaud.sys [2002-04-12 321504]
R3 CALIHALA;CALIHALA; C:\WINDOWS\system32\drivers\calihal.sys [2002-04-12 225504]
R3 CmBatt;Sterownik baterii Microsoft o metodzie kontroli ACPI; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 DP83815;National Semiconductor Corp. DP83815 NDIS 5.0 Miniport Driver; C:\WINDOWS\System32\DRIVERS\DP83815.SYS [2002-05-20 16064]
R3 HPCI;HP Configuration Interface; C:\WINDOWS\System32\DRIVERS\hpci.sys [2002-01-30 14472]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-03-27 1171616]
R3 HSFHWALI;HSFHWALI; C:\WINDOWS\System32\DRIVERS\HSFHWALI.sys [2002-03-27 153380]
R3 KBFiltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\KBFiltr.sys [2002-04-01 14643]
R3 MODEMCSA;Urządzenie filtru strumieniowego usługi Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2002-04-12 252880]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-03-27 594960]
S3 ALiIRDA;ALi Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\aliirda.sys [2001-12-17 26112]
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LEX_NIC_SERVICE;IEEE 802.11 Wireless NIC Win2000 Driver; C:\WINDOWS\System32\DRIVERS\Express.sys [2002-01-18 57344]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2002-04-22 118784]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe [2010-06-18 198608]
R2 HPConfig;HP Configuration Interface Service; C:\WINDOWS\system32\HPConfig.exe [2002-03-14 151552]
R2 Irmon;Monitor podczerwieni; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\PC Tools Security\pctsAuxs.exe [2010-03-11 366840]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\PC Tools Security\pctsSvc.exe [2010-03-15 1142224]
R3 RadioSvr;RadioSvr; C:\WINDOWS\system32\RadioSvr.exe [2002-03-25 122880]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 HpRfDev;HP RF Device Service; C:\WINDOWS\system32\HpRfDev.exe [2002-01-18 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/log]

Co mam teraz zrobić?

Gość
komentarz
komentarz

pokaz swiezy log z otl'a

Tomek01
komentarz
komentarz (edytowane)

A po co Ci kolejny log z OTL ?
Przecież tu wszystko pięknie widać a nowy będzie się różnić tylko jednym szczegółem.

gosia1995
komentarz
komentarz

oto on
[log]OTL logfile created on: 2010-07-04 19:16:04 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

254,00 Mb Total Physical Memory | 35,00 Mb Available Physical Memory | 14,00% Memory free
657,00 Mb Paging File | 71,00 Mb Available in Paging File | 11,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,92 Gb Total Space | 17,51 Gb Free Space | 62,70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEWLETT-DUT2OTV
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
PRC - [2010-06-26 10:49:39 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-26 10:49:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe
PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE
PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe
PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr)
SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate)
DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr)
DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE)
DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-03 22:27:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-03 22:13:21 | 000,000,000 | ---D | M]

[2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u1b59a8k.default\extensions
[2010-07-03 22:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-26 09:59:22 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-26 09:59:22 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-26 09:59:22 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-26 09:59:22 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-26 09:59:22 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-26 09:59:22 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems)
O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..Trusted Domains: ([]msn in Mój komputer)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334 (WUWebControl Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-07-04 12:57:32 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-04 12:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-07-04 12:58:25 | 000,000,000 | ---D | C] -- C:\rsit
[2010-07-04 12:57:32 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-04 11:09:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-07-03 23:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie
[2010-07-03 23:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MSN6
[2010-07-03 23:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\MSN6
[2010-07-03 22:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla
[2010-07-03 21:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla
[2010-07-03 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy
[2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia
[2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll
[2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL
[2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL
[2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll
[2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo
[2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote
[2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll
[2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73
[2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE
[2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!!
[2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe
[2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys
[2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys
[2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys
[2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe
[2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll
[2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys
[2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla
[2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA
[2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow
[2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-04 18:44:06 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-04 15:44:10 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-04 15:43:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-04 15:43:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-04 15:42:04 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-07-04 15:42:04 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-07-04 15:40:55 | 003,754,866 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-04 12:28:38 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-04 10:06:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-07-03 22:14:08 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-03 21:27:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
[2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-03 22:14:08 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-03 21:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img
[2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img
[2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img
[2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe
[2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP
[2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com
[2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr
[2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-06-20 17:04:51 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk
[2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[color=#E56717]========== LOP Check ==========[/color]

[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust
[2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-07-04 19:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust
[2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN
[1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-07-04 19:22:43 | 452,984,832 | -HS- | M] () -- C:\pagefile.sys
[2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
[2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE
[2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[color=#A23BEC]< >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84
< End of report >
[/log]

Tomek01
komentarz
komentarz

Poczekamy w takim razie co kolega Cyni widzi innego w tym logu OTL niż w poprzednim.

Gość
komentarz
komentarz

Uruchom [b]OTL[/b] i w oknie [b]Custom Scans/Fixes[/b] wklej to:
[quote]
:OTL
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O4 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005..\Run: [wsctf.exe] File not found
O3 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate)
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EXPLORER.EXE"=-
[HKEY_USERS\S-1-5-21-527237240-630328440-839522115-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=-

:Commands
[emptytemp]
[Reboot]
[/quote]
Kliknij w [color="#000000"][b]Run Fix[/b][/color]. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

Następnie uruchom [b]OTL[/b] ponownie, tym razem kliknij "[b][color="blue"]Run Scan[/color][/b]".

[color="#ff0000"]//kolor czerwony jest zarezerwowany dla moderatorów i administracji
//zapoznaj się z regulaminem, kolejne takie przypadki będą "nagrodzone" warnem
//raaz[/color]

gosia1995
komentarz
komentarz

to jest ten ostani log
[log]OTL logfile created on: 2010-07-04 21:52:16 - Run 3
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\user\Moje dokumenty
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

254,00 Mb Total Physical Memory | 68,00 Mb Available Physical Memory | 27,00% Memory free
625,00 Mb Paging File | 187,00 Mb Available in Paging File | 30,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,92 Gb Total Space | 18,21 Gb Free Space | 65,22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEWLETT-DUT2OTV
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
PRC - [2010-06-26 10:49:39 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010-05-11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsTray.exe
PRC - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002-04-22 22:00:16 | 000,282,624 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [2002-04-22 20:13:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2002-04-20 13:56:36 | 000,077,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE
PRC - [2002-04-12 13:54:22 | 000,126,976 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2002-04-12 13:53:14 | 000,536,576 | R--- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2002-03-27 12:18:44 | 000,004,608 | ---- | M] (Conexant Systems) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\RadioSvr.exe
PRC - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
PRC - [2002-03-14 03:25:00 | 000,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2002-03-07 18:57:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
MOD - [2010-04-16 18:09:02 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2010-04-16 18:09:01 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2010-04-16 18:09:01 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2010-02-26 07:16:18 | 000,154,160 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\smum32.dll
MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-06-20 19:48:53 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:40 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-14 22:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2008-04-14 22:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-04-12 13:54:00 | 000,065,536 | R--- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-06-18 17:00:10 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2002-03-25 18:38:38 | 000,122,880 | ---- | M] (Hewlett-Packard) [On_Demand | Running] -- C:\WINDOWS\system32\RadioSvr.exe -- (RadioSvr)
SRV - [2002-03-14 13:12:46 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
SRV - [2002-01-18 18:33:40 | 000,069,632 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\WINDOWS\system32\HpRfDev.exe -- (HpRfDev)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2002-05-20 10:51:26 | 000,016,064 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2002-04-22 21:20:22 | 000,426,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002-04-19 10:36:54 | 000,006,848 | ---- | M] (Hewlett-Packard Co.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Hpgate.sys -- (HPGate)
DRV - [2002-04-12 17:38:08 | 000,225,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002-04-12 17:33:28 | 000,321,504 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002-04-12 13:42:04 | 000,252,880 | R--- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2002-04-01 17:05:08 | 000,014,643 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KBFILTR.SYS -- (KBFiltr)
DRV - [2002-03-27 12:18:52 | 000,034,224 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2002-03-27 12:17:26 | 000,153,380 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2002-03-27 12:16:14 | 001,171,616 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002-03-27 12:10:00 | 000,594,960 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2002-03-14 03:25:00 | 000,094,679 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2002-03-14 03:25:00 | 000,088,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2002-03-14 03:25:00 | 000,052,758 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2002-03-14 03:25:00 | 000,034,743 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2002-03-14 03:25:00 | 000,023,607 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2002-03-14 03:25:00 | 000,013,847 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2002-03-14 03:25:00 | 000,006,327 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2002-03-14 03:25:00 | 000,004,119 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2002-03-14 03:25:00 | 000,002,203 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2002-02-15 03:21:00 | 000,078,048 | ---- | M] (VERITAS Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2002-02-12 02:56:00 | 000,040,096 | ---- | M] (VERITAS Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2002-01-30 13:33:42 | 000,014,472 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2002-01-28 17:04:04 | 000,005,589 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2002-01-28 17:03:18 | 000,022,963 | ---- | M] (VERITAS Software, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2002-01-18 12:00:00 | 000,057,344 | ---- | M] (LAN-Express) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Express.sys -- (LEX_NIC_SERVICE)
DRV - [2001-12-17 23:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2001-10-30 04:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-31 17:49:18 | 000,030,733 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/info/homepage-o
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-06-22 15:54:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-03 22:27:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-03 22:13:21 | 000,000,000 | ---D | M]

[2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-07-03 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u1b59a8k.default\extensions
[2010-07-03 22:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-26 09:59:22 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-26 09:59:22 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-26 09:59:22 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-26 09:59:22 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-26 09:59:22 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-26 09:59:22 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-30 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems)
O4 - HKLM..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\Hewlett-Packard\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKU\S-1-5-21-97400744-2752991226-3942243025-1005\..Trusted Domains: ([]msn in Mój komputer)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277063856334 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-06-14 13:49:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-07-04 12:57:32 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002-06-14 13:33:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-04 21:28:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-07-04 21:04:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-07-04 12:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-07-04 12:58:25 | 000,000,000 | ---D | C] -- C:\rsit
[2010-07-04 12:57:32 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-04 11:09:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-07-03 23:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie
[2010-07-03 23:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MSN6
[2010-07-03 23:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\MSN6
[2010-07-03 22:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla
[2010-07-03 21:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla
[2010-07-03 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010-07-03 14:33:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Kopia Moje obrazy
[2010-07-03 14:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Zdjęcia
[2010-07-03 14:29:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-06-23 15:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-06-23 15:58:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-06-23 14:06:53 | 000,143,360 | R--- | C] (Zenographics) -- C:\WINDOWS\apptune1020.exe
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL
[2010-06-23 14:06:44 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLhp1020.dll
[2010-06-23 14:06:44 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL
[2010-06-23 14:06:44 | 000,024,576 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL
[2010-06-23 14:06:43 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll
[2010-06-23 14:06:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Zenographics
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-23 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2010-06-22 22:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2010-06-22 22:29:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo
[2010-06-22 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010-06-22 20:15:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-06-22 15:54:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-22 15:54:49 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-22 15:54:49 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-22 15:54:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010-06-22 15:54:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010-06-22 15:54:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010-06-22 15:53:55 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\PC Tools
[2010-06-22 15:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2010-06-22 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2010-06-22 15:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-06-22 07:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google
[2010-06-21 23:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-21 23:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Notesy programu OneNote
[2010-06-21 23:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-06-21 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-06-21 22:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-06-21 22:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-06-21 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-06-21 22:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-06-21 22:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-06-21 22:27:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2010-06-21 22:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-06-21 22:09:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-06-21 22:09:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2010-06-21 22:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-06-21 22:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-06-21 22:09:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2010-06-21 19:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-21 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-21 19:29:47 | 000,050,688 | ---- | C] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll
[2010-06-21 19:00:24 | 000,000,000 | ---D | C] -- C:\000e55a71bd05f0e73
[2010-06-21 18:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-06-21 18:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010-06-21 18:07:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-06-20 22:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Opera
[2010-06-20 22:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2010-06-20 22:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-06-20 22:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-06-20 21:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010-06-20 20:06:49 | 001,074,896 | ---- | C] (C. Ghisler & Co.) -- C:\Documents and Settings\user\Pulpit\TOTALCMD.EXE
[2010-06-20 20:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Moje Koffane!!!
[2010-06-20 20:03:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-06-20 17:04:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities
[2010-06-20 17:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe
[2010-06-20 17:04:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010-06-20 17:04:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka
[2010-06-20 17:04:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2010-06-20 17:04:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Symantec
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My eBooks
[2010-06-20 17:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-06-19 22:26:44 | 000,078,048 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvmcdb.sys
[2010-06-19 22:26:44 | 000,040,096 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys
[2010-06-19 22:26:44 | 000,005,589 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys
[2010-06-19 22:26:43 | 000,098,354 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\dla.exe
[2010-06-19 22:26:43 | 000,061,494 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\tfswapi.dll
[2010-06-19 22:26:43 | 000,022,963 | ---- | C] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys
[2010-06-19 22:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dla
[2010-06-19 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP DLA
[2010-06-19 22:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP RecordNow
[2010-06-19 22:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-04 21:44:01 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-04 21:17:56 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-04 21:15:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-04 21:15:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-04 21:14:38 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-07-04 21:14:16 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-07-04 15:40:55 | 003,754,866 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-04 12:28:38 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-04 10:06:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-07-03 22:14:08 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-03 21:27:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010-07-03 14:29:44 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\OTL.exe
[2010-07-03 13:36:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-23 15:32:39 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:12 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:19:51 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-21 23:19:10 | 000,028,264 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 22:32:45 | 000,763,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-21 22:32:45 | 000,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-21 22:32:45 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-21 22:32:45 | 000,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-21 22:32:45 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-21 22:29:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:28:30 | 000,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-06-20 22:14:25 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:38 | 000,000,313 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-06-19 22:26:44 | 000,000,132 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:13 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:46 | 000,001,182 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-06-19 22:24:42 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:18:29 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-18 17:00:16 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-06-18 17:00:12 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-06-18 17:00:12 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-06-18 17:00:02 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
[2010-05-10 14:14:18 | 000,000,192 | ---- | M] () -- C:\WINDOWS\UDB.zip

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-03 22:14:08 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-03 21:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-06-23 14:06:43 | 000,206,768 | R--- | C] () -- C:\WINDOWS\System32\hp1022.img
[2010-06-23 14:06:43 | 000,128,612 | R--- | C] () -- C:\WINDOWS\System32\hp1020.img
[2010-06-23 14:06:42 | 000,574,100 | R--- | C] () -- C:\WINDOWS\System32\hp1022n.img
[2010-06-23 14:06:42 | 000,397,312 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe
[2010-06-23 14:06:42 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2010-06-23 14:06:41 | 000,007,578 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.HLP
[2010-06-22 22:30:19 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 15:54:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-06-22 15:54:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010-06-22 15:54:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010-06-22 15:54:50 | 000,000,192 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010-06-22 15:54:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010-06-22 15:54:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010-06-22 15:54:21 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010-06-22 15:54:21 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010-06-22 15:54:12 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools AntiVirus Free.lnk
[2010-06-22 15:53:55 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010-06-22 07:39:55 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 07:39:54 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-21 22:28:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-21 22:10:47 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010-06-21 22:10:47 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010-06-21 22:10:47 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-06-21 22:10:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010-06-21 22:10:46 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-06-21 22:10:46 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-06-21 22:10:46 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-06-21 22:10:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-06-21 22:10:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-06-21 22:10:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-06-21 22:10:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-06-21 22:10:44 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-06-21 22:10:44 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010-06-21 22:10:43 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010-06-21 22:10:43 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-06-21 22:10:43 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010-06-21 22:10:43 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010-06-21 22:10:43 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010-06-21 22:10:43 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010-06-21 22:10:43 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010-06-21 22:10:43 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010-06-21 22:10:43 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010-06-21 22:10:42 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010-06-21 22:10:42 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010-06-21 22:10:42 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010-06-21 22:10:42 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010-06-21 22:10:42 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010-06-21 22:10:42 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-06-21 22:10:42 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010-06-21 22:10:42 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010-06-21 22:10:42 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010-06-21 22:10:42 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010-06-21 22:10:42 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-06-21 22:10:42 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010-06-21 22:10:42 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010-06-21 22:10:42 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010-06-21 22:10:41 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010-06-21 22:10:41 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-06-21 22:10:41 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010-06-21 22:10:41 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010-06-21 22:10:41 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010-06-21 22:10:41 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010-06-21 22:10:41 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010-06-21 22:10:41 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010-06-21 22:10:41 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010-06-21 22:10:41 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010-06-21 22:10:41 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010-06-21 22:10:41 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010-06-21 22:10:41 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010-06-21 22:10:41 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010-06-21 22:10:41 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010-06-21 22:10:41 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010-06-21 22:10:41 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010-06-21 22:10:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010-06-21 22:10:40 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010-06-21 22:10:40 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010-06-21 22:10:40 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010-06-21 22:10:40 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-06-21 22:10:39 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010-06-21 22:10:39 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-06-21 22:10:39 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-06-21 22:10:39 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010-06-21 22:10:39 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010-06-21 22:10:38 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010-06-21 22:10:38 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010-06-21 22:10:37 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010-06-21 22:10:37 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010-06-21 22:10:37 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010-06-21 22:10:37 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010-06-21 22:10:37 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010-06-21 22:10:37 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010-06-21 22:10:37 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010-06-21 22:10:37 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010-06-21 22:10:37 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010-06-21 22:10:36 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010-06-21 22:10:24 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2010-06-21 22:10:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2010-06-21 22:10:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2010-06-21 22:09:59 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2010-06-21 21:58:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010-06-21 21:58:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-06-21 19:35:53 | 000,046,306 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2010-06-21 19:28:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010-06-21 19:28:48 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2010-06-21 19:28:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2010-06-21 19:27:46 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2010-06-21 19:27:03 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010-06-21 19:26:44 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2010-06-21 19:26:02 | 001,356,288 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2010-06-21 19:25:20 | 000,265,948 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010-06-21 19:25:07 | 000,023,044 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2010-06-21 19:24:38 | 000,047,564 | ---- | C] () -- C:\ntdetect.com
[2010-06-21 19:24:37 | 000,251,152 | ---- | C] () -- C:\ntldr
[2010-06-21 18:17:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-06-20 22:14:25 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-06-20 20:07:12 | 000,000,313 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-06-20 17:04:52 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2010-06-20 17:04:51 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-06-20 17:04:51 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2010-06-19 22:26:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-06-19 22:26:12 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVD.lnk
[2010-06-19 22:24:41 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010-06-19 22:24:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2010-06-19 22:24:35 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MSN Explorer.lnk
[2002-06-14 14:25:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002-06-14 14:00:40 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2002-03-06 17:01:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001-08-31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[1980-01-01 00:00:00 | 000,406,775 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[1980-01-01 00:00:00 | 000,000,988 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[color=#E56717]========== LOP Check ==========[/color]

[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust
[2010-06-21 19:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-07-04 21:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\InterTrust
[2010-06-23 13:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Opera
[2002-06-14 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\InterTrust
[2010-06-20 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-21 22:17:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-10-30 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2002-06-14 13:24:20 | 000,000,084 | -HS- | M] () -- C:\BOOTLOG.TXT
[2002-06-14 13:49:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002-03-12 18:13:58 | 000,065,271 | RHS- | M] () -- C:\DRVSPACE.BIN
[1999-11-09 13:02:34 | 000,000,497 | ---- | M] () -- C:\HPSUPPT.TXT
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002-06-14 13:50:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-06-21 21:57:20 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2010-06-21 21:57:19 | 000,251,152 | ---- | M] () -- C:\ntldr
[2010-07-04 21:15:17 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys
[2002-06-14 13:56:36 | 000,000,098 | RH-- | M] () -- C:\version.inf
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51
[2001-10-30 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002-08-29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-10-30 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\000e55a71bd05f0e73\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\43ab4310d3c682d7f669ad4db86a272d\backup\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002-08-29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2002-09-20 18:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
[2002-02-21 11:48:30 | 000,431,616 | ---- | M] (Microsoft Corporation) MD5=84ABBAB7802780D90AC79C0FE8584ECD -- C:\I386\WINLOGON.EXE
[2002-09-20 18:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84
< End of report >
[/log]

Zobaczę, bo może już jest wszystko ok.

Gość
komentarz
komentarz

log jest czysty

cleanup w otl wcisnij

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.