problem z wirusem i internetem

**Posty:** 82 · przez **nomik** 24 Gru 2007, 18:25

podaje loga:

Kod: Zaznacz wszystko: Deckard's System Scanner v20071014.68 Run by bedik on 2007-12-24 17:14:53 Computer is in Normal Mode. -------------------------------------------------------------------------------- [color=red]Percentage of Memory in Use: 82% (more than 75%).[/color] [color=red]Total Physical Memory: 128 MiB (512 MiB recommended).[/color] -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2007-12-24 17:15:57 Platform: Windows XP (5.01.2600) MSIE: Internet Explorer (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\explorer.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\OpenOffice.org 2.2\program\soffice.exe C:\Program Files\OpenOffice.org 2.2\program\soffice.bin C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\DialNet\WrOS.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Documents and Settings\bedik\Pulpit\dss.exe C:\hijack\hijackthis.com C:\WINDOWS\system32\notepad.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\DialNet\winpppoverethernet.exe" O4 - HKLM\..\Run: [z-wrdialer] "C:\Program Files\DialNet\wrdialer.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg .exe" /tray O4 - HKCU\..\Run: [z-WrDialer] C:\Program Files\DialNet\WrDialer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll O23 - Service: Distributed Allocated Memory Unit - Unknown owner - C:\WINDOWS\system32\dllcache\mravsc32.exe O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: WinPPPoverEthernet - Fine Point Technologies, Inc. - C:\Program Files\DialNet\WrOS.exe -- End of file - 3897 bytes -- Files created between 2007-11-24 and 2007-12-24 ----------------------------- 2007-12-24 15:39:34 0 d-------- C:\Program Files\Sunbelt Software 2007-12-24 14:42:11 15411 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.dat 2007-12-23 22:41:21 14487 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.dat 2007-12-23 22:39:53 13836 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 Episode 15.dat 2007-12-23 22:23:30 0 d-------- C:\WINDOWS\RegisteredPackages 2007-12-23 22:20:40 0 d-------- C:\Program Files\Winamp 2007-12-23 18:37:50 0 d-------- C:\hijack 2007-12-23 16:05:06 81920 ---hs---- C:\WINDOWS\System32\Wseclayer.exe 2007-12-23 16:04:32 458752 --a------ C:\WINDOWS\System32\hqghumea.dll 2007-12-22 21:39:44 0 d-------- C:\My Downloads 2007-12-22 21:39:41 0 d-------- C:\Program Files\BearShare 2007-12-22 19:58:26 10921 --ahs---- C:\WINDOWS\System32\lnnmp.ini2 2007-12-22 18:58:25 9239 --ahs---- C:\WINDOWS\System32\gghhk.ini2 2007-12-22 18:58:22 337920 --a------ C:\WINDOWS\System32\khhgg.exe 2007-12-22 18:43:36 64902 --a------ C:\WINDOWS\System32\Isass .exe <Not Verified; ; csrss> 2007-12-22 18:42:13 24064 -ra------ C:\WINDOWS\System32\TFTP1972 2007-12-22 18:42:13 0 -ra------ C:\WINDOWS\System32\TFTP1524 2007-12-22 18:42:01 64902 --a------ C:\WINDOWS\System32\juwyzx .exe <Not Verified; ; csrss> 2007-12-22 17:41:48 0 d---s---- C:\WINDOWS\System32\Microsoft 2007-12-22 17:30:25 2112 --a------ C:\WINDOWS\System32\tmp.reg 2007-12-22 17:29:36 81920 --a------ C:\WINDOWS\System32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix> 2007-12-22 17:29:35 25600 --a------ C:\WINDOWS\System32\WS2Fix.exe 2007-12-22 17:29:35 289144 --a------ C:\WINDOWS\System32\VCCLSID.exe <Not Verified; S!Ri; > 2007-12-22 17:29:31 51200 --a------ C:\WINDOWS\System32\dumphive.exe 2007-12-22 17:29:29 288417 --a------ C:\WINDOWS\System32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2007-12-22 17:29:22 53248 --a------ C:\WINDOWS\System32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2007-12-22 17:12:15 0 d-------- C:\WINDOWS\ERUNT 2007-12-20 18:27:12 0 d-------- C:\Program Files\uTorrent 2007-12-16 23:11:58 0 d-------- C:\Program Files\Common Files\Nero 2007-12-16 23:11:25 997888 --a------ C:\WINDOWS\System32\wmvdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:11:25 892416 --a------ C:\WINDOWS\System32\wmspdmoe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:11:25 1111040 --a------ C:\WINDOWS\System32\wmsdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:09:14 364544 -----n--- C:\WINDOWS\System32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4> 2007-12-16 23:09:14 106496 --a------ C:\WINDOWS\System32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20> 2007-12-16 23:09:06 471040 -----n--- C:\WINDOWS\System32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:09:06 262144 -----n--- C:\WINDOWS\System32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:09:06 1568768 -----n--- C:\WINDOWS\System32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:05:51 0 d-------- C:\Program Files\Common Files\Ahead 2007-12-16 23:05:49 0 d-------- C:\Program Files\Ahead 2007-12-16 17:44:41 0 d-------- C:\Program Files\Common Files\Hewlett-Packard 2007-12-16 17:43:32 77824 -ra------ C:\WINDOWS\System32\HPZIDS01.dll 2007-12-16 17:43:30 48128 --a------ C:\WINDOWS\System32\hpzll054.dll <Not Verified; Hewlett-Packard Company; Language Monitor> 2007-12-16 17:42:31 57344 --a------ C:\WINDOWS\System32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows> 2007-12-16 17:42:31 94208 --a------ C:\WINDOWS\System32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows> 2007-12-16 17:42:31 204800 --a------ C:\WINDOWS\System32\HPZipr12.dll <Not Verified; HP; HP PmlRtl> 2007-12-16 17:42:31 69632 --a------ C:\WINDOWS\System32\HPZipm12.exe <Not Verified; HP; HP PML> 2007-12-16 17:42:31 65536 --a------ C:\WINDOWS\System32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows> 2007-12-16 17:42:31 282680 --a------ C:\WINDOWS\System32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl> 2007-12-16 17:40:55 0 d-------- C:\Program Files\HP 2007-12-16 13:38:10 0 d-------- C:\Program Files\OpenOffice.org 2.2 2007-12-16 13:37:29 0 d-------- C:\Program Files\Common Files\Java 2007-12-16 13:37:28 0 d-------- C:\Program Files\Java 2007-12-14 22:58:55 0 d-------- C:\Program Files\Gadu-Gadu 2007-12-14 22:32:40 0 d-------- C:\Program Files\IrfanView 2007-12-14 22:16:49 0 d-------- C:\WINDOWS\System32\appmgmt 2007-12-14 21:52:58 0 d-------- C:\!KillBox 2007-12-14 21:38:24 0 d-------- C:\VundoFix Backups 2007-12-14 21:36:19 0 d-------- C:\WINDOWS 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\WinSxS 2007-12-14 21:36:19 0 dr------- C:\WINDOWS\Web 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\twain_32 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\system32 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\wins 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\wbem 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\usmt 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\spool 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ShellExt 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\Setup 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ras 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\oobe 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\npp 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\mui 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\inetsrv 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\IME 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\icsxml 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ias 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\export 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers\etc 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers\disdn 2007-12-14 21:36:19 0 dr-hs--c- C:\WINDOWS\System32\dllcache 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\dhcp 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\config 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\3com_dmi 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\3076 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\2052 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1054 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1045 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1042 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1041 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1037 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1033 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1031 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1028 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1025 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\system 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\security 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Resources 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\repair 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\mui 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\msapps 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\msagent 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Media 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\java 2007-12-14 21:36:19 0 d--h----- C:\WINDOWS\inf 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\ime 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Help 2007-12-14 21:36:19 0 dr--s---- C:\WINDOWS\Fonts 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Driver Cache 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Debug 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Cursors 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Connection Wizard 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Config 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\AppPatch 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\addins 2007-12-14 21:30:39 1158 --a------ C:\WINDOWS\mozver.dat 2007-12-14 21:25:46 0 --a------ C:\WINDOWS\nsreg.dat 2007-12-14 21:21:43 16768 --a------ C:\WINDOWS\System32\tcpip_patcher.sys <Not Verified; www.kceasy.com; KCeasy tcpip.sys patcher> 2007-12-14 21:20:59 71175 --ah----- C:\WINDOWS\System32\hdyhllu.exe <Not Verified; ; csrss> 2007-12-14 21:15:47 30336 --a------ C:\WINDOWS\System32\drivers\fpd.sys <Not Verified; Politecnico di Torino; NPF Driver> 2007-12-14 21:15:32 1056768 --a------ C:\WINDOWS\System32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic 2000> 2007-12-14 21:15:32 52214 --a------ C:\WINDOWS\System32\drivers\WrKPoET2000.sys 2007-12-14 21:15:30 0 d-------- C:\Program Files\DialNet 2007-12-14 21:15:28 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-12-14 21:10:09 0 d-------- C:\WINDOWS\ShellNew 2007-12-14 21:03:32 53248 -ra------ C:\WINDOWS\SOUNDMAN.EXE 2007-12-14 21:03:31 654604 -ra------ C:\WINDOWS\System32\drivers\ALCXWDM.SYS <Not Verified; Avance Logic, Inc.; Windows (R) WDM driver for Avance AC'97 Audio> 2007-12-14 21:01:28 0 d-------- C:\WINDOWS\Profiles 2007-12-14 21:01:27 0 d-------- C:\Program Files\Common Files\Adobe 2007-12-14 21:01:23 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2007-12-14 21:01:11 0 d-------- C:\Program Files\directx 2007-12-14 21:00:51 0 d-------- C:\WINDOWS\nview 2007-12-14 21:00:49 0 d-------- C:\WINDOWS\System32\ReinstallBackups 2007-12-14 21:00:42 0 d-------- C:\Program Files\Common Files\InstallShield 2007-12-14 20:59:20 0 d--hs---- C:\WINDOWS\Installer 2007-12-14 20:58:17 0 d--hs---- C:\System Volume Information 2007-12-14 20:58:08 0 d-------- C:\WINDOWS\Prefetch 2007-12-14 20:54:01 0 d-------- C:\WINDOWS\System32\xircom 2007-12-14 20:54:01 0 d-------- C:\Program Files\microsoft frontpage 2007-12-14 20:53:19 0 -rahs---- C:\MSDOS.SYS 2007-12-14 20:53:19 0 -rahs---- C:\IO.SYS 2007-12-14 20:53:19 0 --a------ C:\CONFIG.SYS 2007-12-14 20:53:19 0 --a------ C:\AUTOEXEC.BAT 2007-12-14 20:51:43 0 dr------- C:\WINDOWS\Offline Web Pages 2007-12-14 20:51:43 0 d---s---- C:\WINDOWS\Downloaded Program Files 2007-12-14 20:51:13 0 d-------- C:\WINDOWS\srchasst 2007-12-14 20:51:02 0 d-------- C:\WINDOWS\System32\Macromed 2007-12-14 20:51:02 0 d-------- C:\WINDOWS\System32\DirectX 2007-12-14 20:50:46 0 d-------- C:\Program Files\Movie Maker 2007-12-14 20:50:09 0 d-------- C:\WINDOWS\System32\Restore 2007-12-14 20:50:06 32768 --a------ C:\WINDOWS\System32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®> 2007-12-14 20:50:02 0 d-------- C:\WINDOWS\PCHEALTH 2007-12-14 20:49:53 0 d---s---- C:\WINDOWS\Tasks 2007-12-14 20:49:53 9728 --a------ C:\WINDOWS\System32\mstinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® - Harmonogram zadań> 2007-12-14 20:49:49 0 d-------- C:\Program Files\Common Files\MSSoap 2007-12-14 20:48:56 21856 --a------ C:\WINDOWS\System32\emptyregdb.dat 2007-12-14 20:48:39 0 d-------- C:\WINDOWS\Registration 2007-12-14 20:48:31 0 d--h----- C:\Program Files\WindowsUpdate 2007-12-14 20:48:31 0 d-------- C:\Program Files\Usługi online 2007-12-14 20:48:23 0 d-------- C:\Program Files\Messenger 2007-12-14 20:48:11 0 d-------- C:\Program Files\MSN Gaming Zone 2007-12-14 20:47:59 189952 --a------ C:\WINDOWS\System32\accwiz.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:58 118272 --a------ C:\WINDOWS\System32\mplay32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:56 0 d-------- C:\Program Files\Windows NT 2007-12-14 20:47:55 342016 --a------ C:\WINDOWS\System32\mspaint.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:48 99328 --a------ C:\WINDOWS\System32\clipbrd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:47 80896 --a------ C:\WINDOWS\System32\charmap.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 534016 --a------ C:\WINDOWS\System32\spider.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 57344 --a------ C:\WINDOWS\System32\sol.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 115200 --a------ C:\WINDOWS\System32\calc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:45 128000 --a------ C:\WINDOWS\System32\mshearts.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:45 55808 --a------ C:\WINDOWS\System32\freecell.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:43 131072 --a------ C:\WINDOWS\System32\sessmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:43 387072 --a------ C:\WINDOWS\System32\mstsc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:41 22528 --a------ C:\WINDOWS\System32\msg.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:40 0 d-------- C:\WINDOWS\System32\MsDtc 2007-12-14 20:47:40 15872 --a------ C:\WINDOWS\System32\logoff.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:38 6144 --a------ C:\WINDOWS\System32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator> 2007-12-14 20:47:37 5120 --a------ C:\WINDOWS\System32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services> 2007-12-14 20:47:37 0 d-------- C:\WINDOWS\System32\Com 2007-12-14 20:42:31 0 d-------- C:\Program Files\Common Files\ODBC 2007-12-14 20:42:27 0 dr------- C:\Program Files 2007-12-14 20:42:27 0 d-------- C:\Program Files\Common Files 2007-12-14 20:42:27 0 d-------- C:\Program Files\Common Files\SpeechEngines 2007-12-14 20:42:05 15360 --a------ C:\WINDOWS\TASKMAN.EXE <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:42:05 67072 --a------ C:\WINDOWS\NOTEPAD.EXE <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:41:43 0 d-------- C:\WINDOWS\System32\CatRoot2 2007-12-14 20:41:43 0 d-------- C:\WINDOWS\System32\CatRoot 2007-12-14 20:41:23 0 d-------- C:\Documents and Settings -- Find3M Report --------------------------------------------------------------- 2007-12-24 17:14:13 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\OpenOffice.org2 2007-12-24 17:12:42 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\uTorrent 2007-12-24 15:36:53 15411 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.dat.bak 2007-12-24 15:36:51 732829696 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.avi 2007-12-24 15:36:50 13836 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 Episode 15.dat.bak 2007-12-24 15:36:48 366942524 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 Episode 15.avi 2007-12-24 14:42:18 8968 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.tiger 2007-12-24 13:18:00 14487 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.dat.bak 2007-12-23 22:41:33 8968 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.tiger 2007-12-23 22:41:29 733933568 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.avi 2007-12-22 17:17:36 355830 --a------ C:\WINDOWS\System32\perfh015.dat 2007-12-22 17:17:35 49712 --a------ C:\WINDOWS\System32\perfc015.dat 2007-12-21 11:53:26 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Image Zone Express 2007-12-19 22:47:05 61440 --a------ C:\WINDOWS\System32\wextract.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:50 104448 --a------ C:\WINDOWS\System32\sysocmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:19 103424 --a------ C:\WINDOWS\System32\rsnotify.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:10 11776 --a------ C:\WINDOWS\System32\rasautou.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:57 33792 --a------ C:\WINDOWS\System32\ping6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:56 14336 --a------ C:\WINDOWS\System32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:56 15360 --a------ C:\WINDOWS\System32\pentnt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:56 22528 --a------ C:\WINDOWS\System32\pathping.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 53248 --a------ C:\WINDOWS\System32\packager.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 41472 --a------ C:\WINDOWS\System32\osuninst.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 212992 --a------ C:\WINDOWS\System32\osk.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:47 64000 --a------ C:\WINDOWS\System32\openfiles.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:45 32768 --a------ C:\WINDOWS\System32\odbcad32.exe <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity> 2007-12-19 22:44:45 128512 --a------ C:\WINDOWS\System32\nwscript.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:43 31744 --a------ C:\WINDOWS\System32\ntsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:42 74752 --a------ C:\WINDOWS\System32\nslookup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:41 32256 --a------ C:\WINDOWS\System32\netstat.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:40 327680 --a------ C:\WINDOWS\System32\netsetup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:39 115200 --a------ C:\WINDOWS\System32\net1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:38 4096 --a------ C:\WINDOWS\System32\nddeapir.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:54 21504 --a------ C:\WINDOWS\System32\nbtstat.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:54 52736 --a------ C:\WINDOWS\System32\narrator.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:50 6656 --a------ C:\WINDOWS\System32\msswchx.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:49 24064 --a------ C:\WINDOWS\System32\mshta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:47 13824 --a------ C:\WINDOWS\System32\mrinfo.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:47 97792 --a------ C:\WINDOWS\System32\mqtgsvc.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:47 4608 --a------ C:\WINDOWS\System32\mqsvc.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:46 17408 --a------ C:\WINDOWS\System32\mqbkup.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:46 22016 --a------ C:\WINDOWS\System32\mpnotify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:45 8192 --a------ C:\WINDOWS\System32\mountvol.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:45 136192 --a------ C:\WINDOWS\System32\mobsync.exe <Not Verified; Microsoft Corporation; Menedżer synchronizacji firmy Microsoft> 2007-12-19 22:43:44 52224 --a------ C:\WINDOWS\System32\migpwd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:26 40960 --a------ C:\WINDOWS\System32\MAPISRVR.EXE <Not Verified; Microsoft Corporation; Microsoft Exchange> 2007-12-19 22:43:25 79360 --a------ C:\WINDOWS\System32\makecab.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:25 68096 --a------ C:\WINDOWS\System32\magnify.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:25 8192 --a------ C:\WINDOWS\System32\lpr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:24 6144 --a------ C:\WINDOWS\System32\lpq.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:23 56832 --a------ C:\WINDOWS\System32\logman.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:22 5120 --a------ C:\WINDOWS\System32\lodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:21 9728 --a------ C:\WINDOWS\System32\label.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:19 22528 --a------ C:\WINDOWS\System32\ipxroute.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:18 59904 --a------ C:\WINDOWS\System32\ipv6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:18 45056 --a------ C:\WINDOWS\System32\ipsec6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:17 50688 --a------ C:\WINDOWS\System32\ipconfig.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:12 8192 --a------ C:\WINDOWS\System32\hostname.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:01 14848 --a------ C:\WINDOWS\System32\help.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:59 58368 --a------ C:\WINDOWS\System32\gpupdate.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:59 114688 --a------ C:\WINDOWS\System32\gpresult.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:58 56832 --a------ C:\WINDOWS\System32\getmac.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:14 62976 --a------ C:\WINDOWS\System32\fsutil.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:13 7168 --a------ C:\WINDOWS\System32\forcedos.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:13 19456 --a------ C:\WINDOWS\System32\fontview.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:12 3072 --a------ C:\WINDOWS\System32\fixmapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:12 9728 --a------ C:\WINDOWS\System32\finger.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:11 26112 --a------ C:\WINDOWS\System32\findstr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:10 9216 --a------ C:\WINDOWS\System32\find.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:09 14848 --a------ C:\WINDOWS\System32\fc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:08 40960 --a------ C:\WINDOWS\System32\extrac32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:07 16384 --a------ C:\WINDOWS\System32\expand.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:06 9216 --a------ C:\WINDOWS\System32\eventvwr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:06 80896 --a------ C:\WINDOWS\System32\eventtriggers.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:05 49664 --a------ C:\WINDOWS\System32\eventcreate.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:05 179712 --a------ C:\WINDOWS\System32\eudcedit.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:04 39424 --a------ C:\WINDOWS\System32\esentutl.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:01 786432 --a------ C:\WINDOWS\System32\dxdiag.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:00 15872 --a------ C:\WINDOWS\System32\dvdupgrd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:58 47104 --a------ C:\WINDOWS\System32\drwtsn32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:57 59392 --a------ C:\WINDOWS\System32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:57 18944 --a------ C:\WINDOWS\System32\dpnsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:56 26112 --a------ C:\WINDOWS\System32\dplaysvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:56 10752 --a------ C:\WINDOWS\System32\doskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:56 14336 --a------ C:\WINDOWS\System32\dmremote.exe <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT> 2007-12-19 22:41:55 4608 --a------ C:\WINDOWS\System32\dllhst3g.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:55 18432 --a------ C:\WINDOWS\System32\diskperf.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:55 146944 --a------ C:\WINDOWS\System32\diskpart.exe <Not Verified; Microsoft Corporation; Aplikacja Diskpart firmy Microsoft Corporation> 2007-12-19 22:41:54 79360 --a------ C:\WINDOWS\System32\diantz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:53 73216 --a------ C:\WINDOWS\System32\dfrgfat.exe <Not Verified; Microsoft Corp. i Executive Software International, Inc.; Defragmentator dysków systemu Windows> 2007-12-19 22:41:53 27648 --a------ C:\WINDOWS\System32\ddeshare.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:40:01 17920 --a------ C:\WINDOWS\System32\compact.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:40:00 15872 --a------ C:\WINDOWS\System32\comp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:59 55808 --a------ C:\WINDOWS\System32\cmstp.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:57 35840 --a------ C:\WINDOWS\System32\cmmon32.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:56 41472 --a------ C:\WINDOWS\System32\cmdl32.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:53 62464 --a------ C:\WINDOWS\System32\cleanmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:52 7680 --a------ C:\WINDOWS\System32\ckcnv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:51 45056 --a------ C:\WINDOWS\System32\cipher.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:51 8192 --a------ C:\WINDOWS\System32\cidaemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:51 11264 --a------ C:\WINDOWS\System32\chkntfs.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:50 11776 --a------ C:\WINDOWS\System32\chkdsk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:28 19456 --a------ C:\WINDOWS\System32\cacls.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:26 5120 --a------ C:\WINDOWS\System32\bootvrfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:26 4608 --a------ C:\WINDOWS\System32\bootok.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:25 148480 --a------ C:\WINDOWS\System32\bootcfg.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:23 10240 --a------ C:\WINDOWS\System32\atmadm.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:23 23040 --a------ C:\WINDOWS\System32\at.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:22 33792 --a------ C:\WINDOWS\System32\asr_ldm.exe <Not Verified; Microsoft Corp.; Menedżer dysków logicznych dla systemu Windows NT> 2007-12-19 22:39:21 27136 --a------ C:\WINDOWS\System32\asr_fmt.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:21 19968 --a------ C:\WINDOWS\System32\arp.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:19 84992 --a------ C:\WINDOWS\System32\ahui.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:18 4096 --a------ C:\WINDOWS\System32\actmovie.exe <Not Verified; Microsoft Corporation; DirectShow> 2007-12-19 22:33:22 25600 --a------ C:\WINDOWS\twunk_32.exe <Not Verified; Twain Working Group; Twain Thunker> 2007-12-19 21:01:20 29696 --a------ C:\WINDOWS\System32\lights.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 21:01:19 8192 --a------ C:\WINDOWS\System32\control.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:55:05 15872 --a------ C:\WINDOWS\System32\ping.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:35:50 60416 --a------ C:\WINDOWS\System32\driverquery.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:25:39 9216 --a------ C:\WINDOWS\System32\print.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-18 21:35:41 109568 --a------ C:\WINDOWS\System32\defrag.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter> 2007-12-17 19:43:20 99840 --a------ C:\WINDOWS\System32\iexpress.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-17 19:43:20 13824 --a------ C:\WINDOWS\System32\convert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-16 23:12:52 26624 --a------ C:\WINDOWS\hh.exe <Not Verified; Microsoft Corporation; HTML Help> 2007-12-16 23:05:04 268800 --a------ C:\WINDOWS\winhlp32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 19:18:23 26624 --a------ C:\WINDOWS\System32\lnkstub.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 18:30:03 37888 --a------ C:\WINDOWS\System32\grpconv.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 18:01:41 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\HP 2007-12-16 17:43:08 416768 --a------ C:\WINDOWS\System32\wiaacmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 17:40:26 12288 --a------ C:\WINDOWS\System32\runonce.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 17:40:11 11264 --a------ C:\WINDOWS\System32\attrib.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-16 15:44:22 1157120 --a------ C:\WINDOWS\System32\ntbackup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 15:32:53 102400 --a------ C:\WINDOWS\System32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft (r) Windows Script Host> 2007-12-16 15:32:17 396288 --a------ C:\WINDOWS\System32\ntvdm.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 14:20:50 346624 --a------ C:\WINDOWS\System32\tourstart.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 13:37:18 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Sun 2007-12-14 23:29:47 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Gadu-Gadu 2007-12-14 22:33:45 67072 --a------ C:\WINDOWS\System32\notepad.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:30 10240 --a------ C:\WINDOWS\System32\regsvr32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:29 774656 --a------ C:\WINDOWS\System32\mmc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:27 13312 --a------ C:\WINDOWS\System32\ctfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:24 277504 --a------ C:\WINDOWS\System32\vssvc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:23 16384 --a------ C:\WINDOWS\System32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:23 62976 --a------ C:\WINDOWS\System32\tlntsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:22 87552 --a------ C:\WINDOWS\System32\smlogsvc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:21 95744 --a------ C:\WINDOWS\System32\scardsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:21 132608 --a------ C:\WINDOWS\System32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:21 68096 --a------ C:\WINDOWS\System32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:18 109568 --a------ C:\WINDOWS\System32\netdde.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:12 42496 --a------ C:\WINDOWS\System32\ftp.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:12 205312 --a------ C:\WINDOWS\System32\dmadmin.exe <Not Verified; Microsoft Corp., Veritas Software; Menedżer dysków logicznych dla systemu Windows NT> 2007-12-14 22:21:12 30720 --a------ C:\WINDOWS\System32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:11 5120 --a------ C:\WINDOWS\System32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:10 40960 --a------ C:\WINDOWS\System32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:20:21 77824 --a------ C:\WINDOWS\System32\usrmlnka.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver> 2007-12-14 22:20:20 207360 --a------ C:\WINDOWS\System32\progman.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:09:41 63488 --a------ C:\WINDOWS\System32\msiexec.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode> 2007-12-14 22:08:21 132608 --a------ C:\WINDOWS\System32\taskmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:05:46 382976 --a------ C:\WINDOWS\System32\cmd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:03:48 61440 --a------ C:\WINDOWS\System32\usrprbda.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics modem> 2007-12-14 22:03:47 23040 --a------ C:\WINDOWS\System32\proxycfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:03:47 45568 --a------ C:\WINDOWS\System32\proquota.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:55 219648 --a------ C:\WINDOWS\System32\logon.scr <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:54 504832 --a------ C:\WINDOWS\System32\logonui.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:53 118784 --a------ C:\WINDOWS\System32\imapi.exe <Not Verified; Microsoft Corporation; Moduł IMAPI> 2007-12-14 22:02:51 30208 --a------ C:\WINDOWS\System32\dumprep.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:02:48 31744 --a------ C:\WINDOWS\System32\rundll32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:32 22016 --a------ C:\WINDOWS\System32\userinit.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:31 83968 --a------ C:\WINDOWS\System32\netsh.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 21:30:59 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Macromedia 2007-12-14 21:30:58 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Adobe 2007-12-14 21:25:41 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Mozilla 2007-12-14 21:15:20 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\InstallShield 2007-12-14 21:08:19 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Microsoft Web Folders 2007-12-14 20:59:17 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Identities 2007-12-14 20:41:57 62 --ahs---- C:\Documents and Settings\bedik\Dane aplikacji\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="NvQTwk" [] "nwiz"="nwiz.exe" [2007-12-14 22:02 C:\WINDOWS\system32\nwiz.exe] "a-winpoet-service"="C:\Program Files\DialNet\winpppoverethernet.exe" [] "z-wrdialer"="C:\Program Files\DialNet\wrdialer.exe" [] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg .exe" [2007-12-24 16:53] "z-WrDialer"="C:\Program Files\DialNet\WrDialer.exe" [] C:\Documents and Settings\bedik\Menu Start\Programy\Autostart\ OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 17:54:56] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 19:05:56] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\\WINDOWS\\System32\\pmnnl -- End of Deckard's System Scanner: finished at 2007-12-24 17:23:58 ------------

[quote][/quote]

**Posty:** 18165 · przez **wojtas** 24 Gru 2007, 20:00

wykonales to co jest podane w tym temacie ??

Pobierz i uruchom narzędzie
The Avenger
Zaznacz opcję Input script manually i kliknij na Lupkę z prawej strony. W okienku, które się otworzy wklejasz:

Files to delete:

C:\WINDOWS\System32\Wseclayer.exe
C:\WINDOWS\System32\hqghumea.dll
C:\WINDOWS\System32\lnnmp.ini2
C:\WINDOWS\System32\gghhk.ini2
C:\WINDOWS\System32\khhgg.exe
C:\WINDOWS\System32\Isass .exe
C:\WINDOWS\System32\TFTP1972
C:\WINDOWS\System32\TFTP1524
C:\WINDOWS\System32\juwyzx .exe
C:\WINDOWS\System32\hdyhllu.exe
C:\WINDOWS\system32\dllcache\mravsc32.exe

Folders to delete:

C:\WINDOWS\System32\TFTP1972
C:\WINDOWS\System32\TFTP1524

Drivers to unload:

Distributed Allocated Memory Unit

Klikasz Done, a następnie zielone światełko i zgadzasz się na restart klikając OK.

wklej do notatnika:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=-
"Authentication Packages"=hex(7):6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,00,\
00

Z menu Notatnika >>> Plik >>> Zapisz jako >>> Ustaw rozszerzenie na Wszystkie pliki >>> Zapisz jako FIX.REG >>> uruchom ten plik

Kasujesz ręcznie z dysku plik: C:\Avenger\backup.zip i wklejasz na forum raport: C:\avenger.txt + log z dssa

**Posty:** 82 · przez **nomik** 25 Gru 2007, 15:36

wojtas19162 napisał(a):wykonales to co jest podane w tym temacie ??

tak, a oto logi:
avenger.txt
Kod: Zaznacz wszystko
Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\nsbpqxdw ******************* Script file located at: \??\C:\Program Files\dhcxekpp.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\System32\Wseclayer.exe deleted successfully. File C:\WINDOWS\System32\hqghumea.dll deleted successfully. File C:\WINDOWS\System32\lnnmp.ini2 deleted successfully. File C:\WINDOWS\System32\gghhk.ini2 deleted successfully. File C:\WINDOWS\System32\khhgg.exe deleted successfully. File C:\WINDOWS\System32\Isass .exe deleted successfully. File C:\WINDOWS\System32\TFTP1972 deleted successfully. File C:\WINDOWS\System32\TFTP1524 deleted successfully. File C:\WINDOWS\System32\juwyzx .exe deleted successfully. File C:\WINDOWS\System32\hdyhllu.exe deleted successfully. File C:\WINDOWS\system32\dllcache\mravsc32.exe not found! Deletion of file C:\WINDOWS\system32\dllcache\mravsc32.exe failed! Could not process line: C:\WINDOWS\system32\dllcache\mravsc32.exe Status: 0xc0000034 Folder C:\WINDOWS\System32\TFTP1972 not found! Deletion of folder C:\WINDOWS\System32\TFTP1972 failed! Could not process line: C:\WINDOWS\System32\TFTP1972 Status: 0xc0000034 Folder C:\WINDOWS\System32\TFTP1524 not found! Deletion of folder C:\WINDOWS\System32\TFTP1524 failed! Could not process line: C:\WINDOWS\System32\TFTP1524 Status: 0xc0000034 Driver Distributed Allocated Memory Unit unloaded successfully. Completed script processing. ******************* Finished! Terminate.

dss

Kod: Zaznacz wszystko
Deckard's System Scanner v20071014.68 Run by bedik on 2007-12-25 14:26:36 Computer is in Normal Mode. -------------------------------------------------------------------------------- [color=red]Percentage of Memory in Use: 94% (more than 75%).[/color] [color=red]Total Physical Memory: 128 MiB (512 MiB recommended).[/color] -- HijackThis (run as bedik.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:29, on 2007-12-25 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\OpenOffice.org 2.2\program\soffice.exe C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DialNet\WrOS.EXE C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\BearShare\BearShare.exe C:\Documents and Settings\bedik\Pulpit\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\bedik.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\DialNet\winpppoverethernet.exe" O4 - HKLM\..\Run: [z-wrdialer] "C:\Program Files\DialNet\wrdialer.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg .exe" /tray O4 - HKCU\..\Run: [z-WrDialer] C:\Program Files\DialNet\WrDialer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O17 - HKLM\System\CCS\Services\Tcpip\..\{629572AC-CC2B-4CA8-A00C-F8AD5120C074}: NameServer = 217.30.129.149 217.30.137.200 O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: WinPPPoverEthernet - Fine Point Technologies, Inc. - C:\Program Files\DialNet\WrOS.EXE -- End of file - 3640 bytes -- Files created between 2007-11-25 and 2007-12-25 ----------------------------- 2007-12-25 14:28:38 0 d-------- C:\Program Files\Trend Micro 2007-12-25 14:19:55 0 --------- C:\WINDOWS\System32\drivers\wl 2007-12-24 22:02:07 14356 --a------ C:\Program Files\TMPGreys Anatomy - Season 3 Episode 17.dat 2007-12-24 22:00:33 15032 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 - Episode 16 -.dat 2007-12-24 15:39:34 0 d-------- C:\Program Files\Sunbelt Software 2007-12-24 14:42:11 15059 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.dat 2007-12-23 22:41:21 14096 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.dat 2007-12-23 22:23:30 0 d-------- C:\WINDOWS\RegisteredPackages 2007-12-23 22:20:40 0 d-------- C:\Program Files\Winamp 2007-12-23 18:37:50 0 d-------- C:\hijack 2007-12-22 21:39:44 0 d-------- C:\My Downloads 2007-12-22 21:39:41 0 d-------- C:\Program Files\BearShare 2007-12-22 17:41:48 0 d---s---- C:\WINDOWS\System32\Microsoft 2007-12-22 17:30:25 2112 --a------ C:\WINDOWS\System32\tmp.reg 2007-12-22 17:29:36 81920 --a------ C:\WINDOWS\System32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix> 2007-12-22 17:29:35 25600 --a------ C:\WINDOWS\System32\WS2Fix.exe 2007-12-22 17:29:35 289144 --a------ C:\WINDOWS\System32\VCCLSID.exe <Not Verified; S!Ri; > 2007-12-22 17:29:31 51200 --a------ C:\WINDOWS\System32\dumphive.exe 2007-12-22 17:29:29 288417 --a------ C:\WINDOWS\System32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2007-12-22 17:29:22 53248 --a------ C:\WINDOWS\System32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2007-12-22 17:12:15 0 d-------- C:\WINDOWS\ERUNT 2007-12-20 18:27:12 0 d-------- C:\Program Files\uTorrent 2007-12-16 23:11:58 0 d-------- C:\Program Files\Common Files\Nero 2007-12-16 23:11:25 997888 --a------ C:\WINDOWS\System32\wmvdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:11:25 892416 --a------ C:\WINDOWS\System32\wmspdmoe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:11:25 1111040 --a------ C:\WINDOWS\System32\wmsdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2007-12-16 23:09:14 364544 -----n--- C:\WINDOWS\System32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4> 2007-12-16 23:09:14 106496 --a------ C:\WINDOWS\System32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20> 2007-12-16 23:09:06 471040 -----n--- C:\WINDOWS\System32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:09:06 262144 -----n--- C:\WINDOWS\System32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:09:06 1568768 -----n--- C:\WINDOWS\System32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-12-16 23:05:51 0 d-------- C:\Program Files\Common Files\Ahead 2007-12-16 23:05:49 0 d-------- C:\Program Files\Ahead 2007-12-16 17:44:41 0 d-------- C:\Program Files\Common Files\Hewlett-Packard 2007-12-16 17:43:32 77824 -ra------ C:\WINDOWS\System32\HPZIDS01.dll 2007-12-16 17:43:30 48128 --a------ C:\WINDOWS\System32\hpzll054.dll <Not Verified; Hewlett-Packard Company; Language Monitor> 2007-12-16 17:42:31 57344 --a------ C:\WINDOWS\System32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows> 2007-12-16 17:42:31 94208 --a------ C:\WINDOWS\System32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows> 2007-12-16 17:42:31 204800 --a------ C:\WINDOWS\System32\HPZipr12.dll <Not Verified; HP; HP PmlRtl> 2007-12-16 17:42:31 69632 --a------ C:\WINDOWS\System32\HPZipm12.exe <Not Verified; HP; HP PML> 2007-12-16 17:42:31 65536 --a------ C:\WINDOWS\System32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows> 2007-12-16 17:42:31 282680 --a------ C:\WINDOWS\System32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl> 2007-12-16 17:40:55 0 d-------- C:\Program Files\HP 2007-12-16 13:38:10 0 d-------- C:\Program Files\OpenOffice.org 2.2 2007-12-16 13:37:29 0 d-------- C:\Program Files\Common Files\Java 2007-12-16 13:37:28 0 d-------- C:\Program Files\Java 2007-12-14 22:58:55 0 d-------- C:\Program Files\Gadu-Gadu 2007-12-14 22:32:40 0 d-------- C:\Program Files\IrfanView 2007-12-14 22:16:49 0 d-------- C:\WINDOWS\System32\appmgmt 2007-12-14 21:52:58 0 d-------- C:\!KillBox 2007-12-14 21:38:24 0 d-------- C:\VundoFix Backups 2007-12-14 21:36:19 0 d-------- C:\WINDOWS 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\WinSxS 2007-12-14 21:36:19 0 dr------- C:\WINDOWS\Web 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\twain_32 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\system32 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\wins 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\wbem 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\usmt 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\spool 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ShellExt 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\Setup 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ras 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\oobe 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\npp 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\mui 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\inetsrv 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\IME 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\icsxml 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\ias 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\export 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers\etc 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\drivers\disdn 2007-12-14 21:36:19 0 dr-hs--c- C:\WINDOWS\System32\dllcache 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\dhcp 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\config 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\3com_dmi 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\3076 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\2052 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1054 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1045 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1042 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1041 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1037 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1033 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1031 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1028 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\System32\1025 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\system 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\security 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Resources 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\repair 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\mui 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\msapps 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\msagent 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Media 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\java 2007-12-14 21:36:19 0 d--h----- C:\WINDOWS\inf 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\ime 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Help 2007-12-14 21:36:19 0 dr--s---- C:\WINDOWS\Fonts 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Driver Cache 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Debug 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Cursors 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Connection Wizard 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\Config 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\AppPatch 2007-12-14 21:36:19 0 d-------- C:\WINDOWS\addins 2007-12-14 21:30:39 1158 --a------ C:\WINDOWS\mozver.dat 2007-12-14 21:25:46 0 --a------ C:\WINDOWS\nsreg.dat 2007-12-14 21:21:43 16768 --a------ C:\WINDOWS\System32\tcpip_patcher.sys <Not Verified; www.kceasy.com; KCeasy tcpip.sys patcher> 2007-12-14 21:15:47 30336 --a------ C:\WINDOWS\System32\drivers\fpd.sys <Not Verified; Politecnico di Torino; NPF Driver> 2007-12-14 21:15:32 1056768 --a------ C:\WINDOWS\System32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic 2000> 2007-12-14 21:15:32 52214 --a------ C:\WINDOWS\System32\drivers\WrKPoET2000.sys 2007-12-14 21:15:30 0 d-------- C:\Program Files\DialNet 2007-12-14 21:15:28 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-12-14 21:10:09 0 d-------- C:\WINDOWS\ShellNew 2007-12-14 21:03:32 53248 -ra------ C:\WINDOWS\SOUNDMAN.EXE 2007-12-14 21:03:31 654604 -ra------ C:\WINDOWS\System32\drivers\ALCXWDM.SYS <Not Verified; Avance Logic, Inc.; Windows (R) WDM driver for Avance AC'97 Audio> 2007-12-14 21:01:28 0 d-------- C:\WINDOWS\Profiles 2007-12-14 21:01:27 0 d-------- C:\Program Files\Common Files\Adobe 2007-12-14 21:01:23 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2007-12-14 21:01:11 0 d-------- C:\Program Files\directx 2007-12-14 21:00:51 0 d-------- C:\WINDOWS\nview 2007-12-14 21:00:49 0 d-------- C:\WINDOWS\System32\ReinstallBackups 2007-12-14 21:00:42 0 d-------- C:\Program Files\Common Files\InstallShield 2007-12-14 20:59:20 0 d--hs---- C:\WINDOWS\Installer 2007-12-14 20:58:17 0 d--hs---- C:\System Volume Information 2007-12-14 20:58:08 0 d-------- C:\WINDOWS\Prefetch 2007-12-14 20:54:01 0 d-------- C:\WINDOWS\System32\xircom 2007-12-14 20:54:01 0 d-------- C:\Program Files\microsoft frontpage 2007-12-14 20:53:19 0 -rahs---- C:\MSDOS.SYS 2007-12-14 20:53:19 0 -rahs---- C:\IO.SYS 2007-12-14 20:53:19 0 --a------ C:\CONFIG.SYS 2007-12-14 20:53:19 0 --a------ C:\AUTOEXEC.BAT 2007-12-14 20:51:43 0 dr------- C:\WINDOWS\Offline Web Pages 2007-12-14 20:51:43 0 d---s---- C:\WINDOWS\Downloaded Program Files 2007-12-14 20:51:13 0 d-------- C:\WINDOWS\srchasst 2007-12-14 20:51:02 0 d-------- C:\WINDOWS\System32\Macromed 2007-12-14 20:51:02 0 d-------- C:\WINDOWS\System32\DirectX 2007-12-14 20:50:46 0 d-------- C:\Program Files\Movie Maker 2007-12-14 20:50:09 0 d-------- C:\WINDOWS\System32\Restore 2007-12-14 20:50:06 32768 --a------ C:\WINDOWS\System32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®> 2007-12-14 20:50:02 0 d-------- C:\WINDOWS\PCHEALTH 2007-12-14 20:49:53 0 d---s---- C:\WINDOWS\Tasks 2007-12-14 20:49:53 9728 --a------ C:\WINDOWS\System32\mstinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® - Harmonogram zadań> 2007-12-14 20:49:49 0 d-------- C:\Program Files\Common Files\MSSoap 2007-12-14 20:48:56 21856 --a------ C:\WINDOWS\System32\emptyregdb.dat 2007-12-14 20:48:39 0 d-------- C:\WINDOWS\Registration 2007-12-14 20:48:31 0 d--h----- C:\Program Files\WindowsUpdate 2007-12-14 20:48:31 0 d-------- C:\Program Files\Usługi online 2007-12-14 20:48:23 0 d-------- C:\Program Files\Messenger 2007-12-14 20:48:11 0 d-------- C:\Program Files\MSN Gaming Zone 2007-12-14 20:47:59 189952 --a------ C:\WINDOWS\System32\accwiz.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:58 118272 --a------ C:\WINDOWS\System32\mplay32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:56 0 d-------- C:\Program Files\Windows NT 2007-12-14 20:47:55 342016 --a------ C:\WINDOWS\System32\mspaint.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:48 99328 --a------ C:\WINDOWS\System32\clipbrd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:47 80896 --a------ C:\WINDOWS\System32\charmap.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 534016 --a------ C:\WINDOWS\System32\spider.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 57344 --a------ C:\WINDOWS\System32\sol.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:46 115200 --a------ C:\WINDOWS\System32\calc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:45 128000 --a------ C:\WINDOWS\System32\mshearts.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:45 55808 --a------ C:\WINDOWS\System32\freecell.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:43 131072 --a------ C:\WINDOWS\System32\sessmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:43 387072 --a------ C:\WINDOWS\System32\mstsc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:41 22528 --a------ C:\WINDOWS\System32\msg.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:40 0 d-------- C:\WINDOWS\System32\MsDtc 2007-12-14 20:47:40 15872 --a------ C:\WINDOWS\System32\logoff.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:47:38 6144 --a------ C:\WINDOWS\System32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator> 2007-12-14 20:47:37 5120 --a------ C:\WINDOWS\System32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services> 2007-12-14 20:47:37 0 d-------- C:\WINDOWS\System32\Com 2007-12-14 20:42:31 0 d-------- C:\Program Files\Common Files\ODBC 2007-12-14 20:42:27 0 dr------- C:\Program Files 2007-12-14 20:42:27 0 d-------- C:\Program Files\Common Files 2007-12-14 20:42:27 0 d-------- C:\Program Files\Common Files\SpeechEngines 2007-12-14 20:42:05 15360 --a------ C:\WINDOWS\TASKMAN.EXE <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:42:05 67072 --a------ C:\WINDOWS\NOTEPAD.EXE <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 20:41:43 0 d-------- C:\WINDOWS\System32\CatRoot2 2007-12-14 20:41:43 0 d-------- C:\WINDOWS\System32\CatRoot 2007-12-14 20:41:23 0 d-------- C:\Documents and Settings -- Find3M Report --------------------------------------------------------------- 2007-12-25 14:31:40 365945112 --a------ C:\Program Files\TMPGreys Anatomy - Season 3 Episode 17.avi 2007-12-25 14:31:40 367033188 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 - Episode 16 -.avi 2007-12-25 14:31:35 732829696 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.avi 2007-12-25 14:31:29 14385 --a------ C:\Program Files\TMPGreys Anatomy - Season 3 Episode 17.dat.bak 2007-12-25 14:31:27 3390 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 Episode 20 - Time After Time.dat 2007-12-25 14:31:25 15115 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.dat.bak 2007-12-25 14:31:24 15015 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 - Episode 16 -.dat.bak 2007-12-25 14:31:13 757 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3, Episode 19.HDTV.XviD-XOR.dat 2007-12-25 14:30:59 4247 --a------ C:\Program Files\TMPGrey's Anatomy - Season 3 - Episode 18 - Scars And Souvenirs.dat 2007-12-25 14:29:23 733933568 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.avi 2007-12-25 14:29:19 14070 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.dat.bak 2007-12-25 14:22:37 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\OpenOffice.org2 2007-12-24 21:58:21 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\uTorrent 2007-12-24 14:42:18 8968 --a------ C:\Program Files\TMPfilm o pszczołach( bee movie)lektor pl.tiger 2007-12-23 22:41:33 8968 --a------ C:\Program Files\TMPTaniec Zmysłów - Step Up 2006 Lektor PL.tiger 2007-12-22 17:17:36 355830 --a------ C:\WINDOWS\System32\perfh015.dat 2007-12-22 17:17:35 49712 --a------ C:\WINDOWS\System32\perfc015.dat 2007-12-21 11:53:26 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Image Zone Express 2007-12-19 22:47:05 61440 --a------ C:\WINDOWS\System32\wextract.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:50 104448 --a------ C:\WINDOWS\System32\sysocmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:19 103424 --a------ C:\WINDOWS\System32\rsnotify.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:45:10 11776 --a------ C:\WINDOWS\System32\rasautou.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:57 33792 --a------ C:\WINDOWS\System32\ping6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:56 14336 --a------ C:\WINDOWS\System32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:56 15360 --a------ C:\WINDOWS\System32\pentnt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:56 22528 --a------ C:\WINDOWS\System32\pathping.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 53248 --a------ C:\WINDOWS\System32\packager.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 41472 --a------ C:\WINDOWS\System32\osuninst.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:55 212992 --a------ C:\WINDOWS\System32\osk.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:47 64000 --a------ C:\WINDOWS\System32\openfiles.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:45 32768 --a------ C:\WINDOWS\System32\odbcad32.exe <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity> 2007-12-19 22:44:45 128512 --a------ C:\WINDOWS\System32\nwscript.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:43 31744 --a------ C:\WINDOWS\System32\ntsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:42 74752 --a------ C:\WINDOWS\System32\nslookup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:41 32256 --a------ C:\WINDOWS\System32\netstat.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:40 327680 --a------ C:\WINDOWS\System32\netsetup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:44:39 115200 --a------ C:\WINDOWS\System32\net1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:44:38 4096 --a------ C:\WINDOWS\System32\nddeapir.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:54 21504 --a------ C:\WINDOWS\System32\nbtstat.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:54 52736 --a------ C:\WINDOWS\System32\narrator.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:50 6656 --a------ C:\WINDOWS\System32\msswchx.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:49 24064 --a------ C:\WINDOWS\System32\mshta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:47 13824 --a------ C:\WINDOWS\System32\mrinfo.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:47 97792 --a------ C:\WINDOWS\System32\mqtgsvc.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:47 4608 --a------ C:\WINDOWS\System32\mqsvc.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:46 17408 --a------ C:\WINDOWS\System32\mqbkup.exe <Not Verified; Microsoft Corporation; Microsoft Message Queue> 2007-12-19 22:43:46 22016 --a------ C:\WINDOWS\System32\mpnotify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:45 8192 --a------ C:\WINDOWS\System32\mountvol.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:45 136192 --a------ C:\WINDOWS\System32\mobsync.exe <Not Verified; Microsoft Corporation; Menedżer synchronizacji firmy Microsoft> 2007-12-19 22:43:44 52224 --a------ C:\WINDOWS\System32\migpwd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:26 40960 --a------ C:\WINDOWS\System32\MAPISRVR.EXE <Not Verified; Microsoft Corporation; Microsoft Exchange> 2007-12-19 22:43:25 79360 --a------ C:\WINDOWS\System32\makecab.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:25 68096 --a------ C:\WINDOWS\System32\magnify.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:25 8192 --a------ C:\WINDOWS\System32\lpr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:24 6144 --a------ C:\WINDOWS\System32\lpq.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:23 56832 --a------ C:\WINDOWS\System32\logman.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:22 5120 --a------ C:\WINDOWS\System32\lodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:21 9728 --a------ C:\WINDOWS\System32\label.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:43:19 22528 --a------ C:\WINDOWS\System32\ipxroute.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:18 59904 --a------ C:\WINDOWS\System32\ipv6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:18 45056 --a------ C:\WINDOWS\System32\ipsec6.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:17 50688 --a------ C:\WINDOWS\System32\ipconfig.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:12 8192 --a------ C:\WINDOWS\System32\hostname.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:43:01 14848 --a------ C:\WINDOWS\System32\help.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:59 58368 --a------ C:\WINDOWS\System32\gpupdate.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:59 114688 --a------ C:\WINDOWS\System32\gpresult.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:58 56832 --a------ C:\WINDOWS\System32\getmac.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:14 62976 --a------ C:\WINDOWS\System32\fsutil.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:13 7168 --a------ C:\WINDOWS\System32\forcedos.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:13 19456 --a------ C:\WINDOWS\System32\fontview.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:12 3072 --a------ C:\WINDOWS\System32\fixmapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:12 9728 --a------ C:\WINDOWS\System32\finger.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:11 26112 --a------ C:\WINDOWS\System32\findstr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:10 9216 --a------ C:\WINDOWS\System32\find.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:09 14848 --a------ C:\WINDOWS\System32\fc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:08 40960 --a------ C:\WINDOWS\System32\extrac32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:07 16384 --a------ C:\WINDOWS\System32\expand.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:06 9216 --a------ C:\WINDOWS\System32\eventvwr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:06 80896 --a------ C:\WINDOWS\System32\eventtriggers.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:05 49664 --a------ C:\WINDOWS\System32\eventcreate.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:05 179712 --a------ C:\WINDOWS\System32\eudcedit.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:04 39424 --a------ C:\WINDOWS\System32\esentutl.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:42:01 786432 --a------ C:\WINDOWS\System32\dxdiag.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:42:00 15872 --a------ C:\WINDOWS\System32\dvdupgrd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:58 47104 --a------ C:\WINDOWS\System32\drwtsn32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:57 59392 --a------ C:\WINDOWS\System32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:57 18944 --a------ C:\WINDOWS\System32\dpnsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:56 26112 --a------ C:\WINDOWS\System32\dplaysvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:56 10752 --a------ C:\WINDOWS\System32\doskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:56 14336 --a------ C:\WINDOWS\System32\dmremote.exe <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT> 2007-12-19 22:41:55 4608 --a------ C:\WINDOWS\System32\dllhst3g.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:55 18432 --a------ C:\WINDOWS\System32\diskperf.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:41:55 146944 --a------ C:\WINDOWS\System32\diskpart.exe <Not Verified; Microsoft Corporation; Aplikacja Diskpart firmy Microsoft Corporation> 2007-12-19 22:41:54 79360 --a------ C:\WINDOWS\System32\diantz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:41:53 73216 --a------ C:\WINDOWS\System32\dfrgfat.exe <Not Verified; Microsoft Corp. i Executive Software International, Inc.; Defragmentator dysków systemu Windows> 2007-12-19 22:41:53 27648 --a------ C:\WINDOWS\System32\ddeshare.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:40:01 17920 --a------ C:\WINDOWS\System32\compact.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:40:00 15872 --a------ C:\WINDOWS\System32\comp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:59 55808 --a------ C:\WINDOWS\System32\cmstp.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:57 35840 --a------ C:\WINDOWS\System32\cmmon32.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:56 41472 --a------ C:\WINDOWS\System32\cmdl32.exe <Not Verified; Microsoft Corporation; Menedżer połączeń firmy Microsoft(R)> 2007-12-19 22:39:53 62464 --a------ C:\WINDOWS\System32\cleanmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:52 7680 --a------ C:\WINDOWS\System32\ckcnv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:51 45056 --a------ C:\WINDOWS\System32\cipher.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:51 8192 --a------ C:\WINDOWS\System32\cidaemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:51 11264 --a------ C:\WINDOWS\System32\chkntfs.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:50 11776 --a------ C:\WINDOWS\System32\chkdsk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:28 19456 --a------ C:\WINDOWS\System32\cacls.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:26 5120 --a------ C:\WINDOWS\System32\bootvrfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:26 4608 --a------ C:\WINDOWS\System32\bootok.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-19 22:39:25 148480 --a------ C:\WINDOWS\System32\bootcfg.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:23 10240 --a------ C:\WINDOWS\System32\atmadm.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:23 23040 --a------ C:\WINDOWS\System32\at.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:22 33792 --a------ C:\WINDOWS\System32\asr_ldm.exe <Not Verified; Microsoft Corp.; Menedżer dysków logicznych dla systemu Windows NT> 2007-12-19 22:39:21 27136 --a------ C:\WINDOWS\System32\asr_fmt.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:21 19968 --a------ C:\WINDOWS\System32\arp.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:19 84992 --a------ C:\WINDOWS\System32\ahui.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 22:39:18 4096 --a------ C:\WINDOWS\System32\actmovie.exe <Not Verified; Microsoft Corporation; DirectShow> 2007-12-19 22:33:22 25600 --a------ C:\WINDOWS\twunk_32.exe <Not Verified; Twain Working Group; Twain Thunker> 2007-12-19 21:01:20 29696 --a------ C:\WINDOWS\System32\lights.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 21:01:19 8192 --a------ C:\WINDOWS\System32\control.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:55:05 15872 --a------ C:\WINDOWS\System32\ping.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:35:50 60416 --a------ C:\WINDOWS\System32\driverquery.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-19 19:25:39 9216 --a------ C:\WINDOWS\System32\print.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-18 21:35:41 109568 --a------ C:\WINDOWS\System32\defrag.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter> 2007-12-17 19:43:20 99840 --a------ C:\WINDOWS\System32\iexpress.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-17 19:43:20 13824 --a------ C:\WINDOWS\System32\convert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-16 23:12:52 26624 --a------ C:\WINDOWS\hh.exe <Not Verified; Microsoft Corporation; HTML Help> 2007-12-16 23:05:04 268800 --a------ C:\WINDOWS\winhlp32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 19:18:23 26624 --a------ C:\WINDOWS\System32\lnkstub.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 18:30:03 37888 --a------ C:\WINDOWS\System32\grpconv.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 18:01:41 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\HP 2007-12-16 17:43:08 416768 --a------ C:\WINDOWS\System32\wiaacmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 17:40:26 12288 --a------ C:\WINDOWS\System32\runonce.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 17:40:11 11264 --a------ C:\WINDOWS\System32\attrib.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-16 15:44:22 1157120 --a------ C:\WINDOWS\System32\ntbackup.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 15:32:53 102400 --a------ C:\WINDOWS\System32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft (r) Windows Script Host> 2007-12-16 15:32:17 396288 --a------ C:\WINDOWS\System32\ntvdm.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 14:20:50 346624 --a------ C:\WINDOWS\System32\tourstart.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-16 13:37:18 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Sun 2007-12-14 23:29:47 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Gadu-Gadu 2007-12-14 22:33:45 67072 --a------ C:\WINDOWS\System32\notepad.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:30 10240 --a------ C:\WINDOWS\System32\regsvr32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:29 774656 --a------ C:\WINDOWS\System32\mmc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:27 13312 --a------ C:\WINDOWS\System32\ctfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:24 277504 --a------ C:\WINDOWS\System32\vssvc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:23 16384 --a------ C:\WINDOWS\System32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:23 62976 --a------ C:\WINDOWS\System32\tlntsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:22 87552 --a------ C:\WINDOWS\System32\smlogsvc.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:21 95744 --a------ C:\WINDOWS\System32\scardsvr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:21 132608 --a------ C:\WINDOWS\System32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:21 68096 --a------ C:\WINDOWS\System32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:18 109568 --a------ C:\WINDOWS\System32\netdde.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:12 42496 --a------ C:\WINDOWS\System32\ftp.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:21:12 205312 --a------ C:\WINDOWS\System32\dmadmin.exe <Not Verified; Microsoft Corp., Veritas Software; Menedżer dysków logicznych dla systemu Windows NT> 2007-12-14 22:21:12 30720 --a------ C:\WINDOWS\System32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:11 5120 --a------ C:\WINDOWS\System32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:21:10 40960 --a------ C:\WINDOWS\System32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:20:21 77824 --a------ C:\WINDOWS\System32\usrmlnka.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver> 2007-12-14 22:20:20 207360 --a------ C:\WINDOWS\System32\progman.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:09:41 63488 --a------ C:\WINDOWS\System32\msiexec.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode> 2007-12-14 22:08:21 132608 --a------ C:\WINDOWS\System32\taskmgr.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:05:46 382976 --a------ C:\WINDOWS\System32\cmd.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:03:48 61440 --a------ C:\WINDOWS\System32\usrprbda.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics modem> 2007-12-14 22:03:47 23040 --a------ C:\WINDOWS\System32\proxycfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:03:47 45568 --a------ C:\WINDOWS\System32\proquota.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:55 219648 --a------ C:\WINDOWS\System32\logon.scr <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:54 504832 --a------ C:\WINDOWS\System32\logonui.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:53 118784 --a------ C:\WINDOWS\System32\imapi.exe <Not Verified; Microsoft Corporation; Moduł IMAPI> 2007-12-14 22:02:51 30208 --a------ C:\WINDOWS\System32\dumprep.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2007-12-14 22:02:48 31744 --a------ C:\WINDOWS\System32\rundll32.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:32 22016 --a------ C:\WINDOWS\System32\userinit.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 22:02:31 83968 --a------ C:\WINDOWS\System32\netsh.exe <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®> 2007-12-14 21:30:59 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Macromedia 2007-12-14 21:30:58 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Adobe 2007-12-14 21:25:41 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Mozilla 2007-12-14 21:15:20 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\InstallShield 2007-12-14 21:08:19 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Microsoft Web Folders 2007-12-14 20:59:17 0 d-------- C:\Documents and Settings\bedik\Dane aplikacji\Identities 2007-12-14 20:41:57 62 --ahs---- C:\Documents and Settings\bedik\Dane aplikacji\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="NvQTwk" [] "nwiz"="nwiz.exe" [2007-12-14 22:02 C:\WINDOWS\system32\nwiz.exe] "a-winpoet-service"="C:\Program Files\DialNet\winpppoverethernet.exe" [] "z-wrdialer"="C:\Program Files\DialNet\wrdialer.exe" [] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg .exe" [2007-12-24 16:53] "z-WrDialer"="C:\Program Files\DialNet\WrDialer.exe" [] C:\Documents and Settings\bedik\Menu Start\Programy\Autostart\ OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 17:54:56] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 19:05:56] -- End of Deckard's System Scanner: finished at 2007-12-25 14:33:26
------------

**Posty:** 18165 · przez **wojtas** 25 Gru 2007, 15:45

jest juz czysto

pozdrawiam zycze Wesolych Swiat i udanego Sylwka

**Posty:** 82 · przez **nomik** 25 Gru 2007, 15:52

wielkie dzięki za wszystko wojtas 19162! jestes the best:-) równiez zycze wesołych swiat i jak najlepszej zabawy w Sylwestrową Noc:-))

problem z wirusem i internetem

Kto jest na forum