prosze o sprawdzenie loga

[M@+]

Witam, mam o to taki problem... komputer mi bardzo tnie... czasami otwierają się jakies spyware stronki... Ogolnie komputer bardzo mi zwolnił, internet takze.
Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 15:20:39, on 2007-04-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Steam\Steam.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Radek\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176694273578
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Silent Runners :

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["sms-express.com"]
"Steam" = ""C:\Program Files\Steam\Steam.exe" -silent" ["Valve Corporation"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVRaidService" = "C:\WINDOWS\system32\nvraidservice.exe" ["NVIDIA Corporation"]
"(Default)" = "(empty string)" [file not found]
"CTHelper" = "CTHELPER.EXE" ["Creative Technology Ltd"]
"CTxfiHlp" = "CTXFIHLP.EXE" ["Creative Technology Ltd"]
"UpdReg" = "C:\WINDOWS\UpdReg.EXE" ["Creative Technology Ltd."]
"Logitech Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NVIDIA nTune" = ""C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear" ["NVIDIA"]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0309638F-93F8-44D3-84CF-240EB1AB7F1F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\wvuvvur.dll" [null data]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{67C55A8D-E808-4caa-9EA7-F77102DE0BB6}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\pnedqesy.dll" [null data]
{6DE66B12-9232-4313-8F70-7F22C48D2274}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\onnuetrp.dll" [null data]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{90A66135-4DEF-41C2-9DFA-23E48947B1EB}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\ssttt.dll" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{0309638F-93F8-44D3-84CF-240EB1AB7F1F}" = "*_" (unwritable string)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\wvuvvur.dll" [null data]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> ssttt\DLLName = "C:\WINDOWS\system32\ssttt.dll" [null data]
<<!>> wvuvvur\DLLName = "wvuvvur.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AVG E-mail Scanner, AVGEMS, "C:\PROGRA~1\Grisoft\AVG7\avgemc.exe" ["GRISOFT, s.r.o."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe" ["GRISOFT, s.r.o."]
Karta wydajności WMI, WmiApSrv, "C:\WINDOWS\system32\wbem\wmiapsrv.exe" [MS]
Kerio Personal Firewall 4, KPF4, ""C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"" ["Kerio Technologies"]
nTune Service, nTuneService, "C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe /StartService" ["NVIDIA"]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 16 seconds.
---------- (total run time: 45 seconds)

comboscan :
[quote]ComboScan v20070306.20 run by Radek on 2007-04-18 at 15:53:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created ComboScan Restore Point.


-- Last 5 Restore Point(s) --
33: 2007-04-18 14:53:10 UTC - RP33 - ComboScan Restore Point
32: 2007-04-17 23:12:18 UTC - RP32 - Spybot-S&D Spyware removal
31: 2007-04-17 22:55:05 UTC - RP31 - Spybot-S&D Spyware removal
30: 2007-04-17 18:10:18 UTC - RP30 - Installed Java(TM) SE Runtime Environment 6 Update 1
29: 2007-04-17 14:08:37 UTC - RP29 - Aktualizuj do niepodpisanego sterownika


-- First Restore Point --
1: 2007-04-16 04:17:32 UTC - RP1 - Punkt kontrolny systemu


Performed disk cleanup.


-- HijackThis (run as Radek.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 15:53:14, on 2007-04-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Radek\Pulpit\comboscan.exe
C:\DOCUME~1\Radek\Pulpit\Radek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {0309638F-93F8-44D3-84CF-240EB1AB7F1F} - C:\WINDOWS\system32\wvuvvur.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\pnedqesy.dll
O2 - BHO: (no name) - {6DE66B12-9232-4313-8F70-7F22C48D2274} - C:\WINDOWS\system32\onnuetrp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {90A66135-4DEF-41C2-9DFA-23E48947B1EB} - C:\WINDOWS\system32\ssttt.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176694273578
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ssttt - C:\WINDOWS\system32\ssttt.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wvuvvur - C:\WINDOWS\SYSTEM32\wvuvvur.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


-- File Associations -----------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3R Arp1394 (Protokół klienta 1394 ARP) - C:\WINDOWS\system32\drivers\arp1394.sys
1R Avg7Core (AVG7 Kernel) - C:\WINDOWS\system32\drivers\avg7core.sys
1R Avg7RsW (AVG7 Wrap Driver) - C:\WINDOWS\system32\drivers\avg7rsw.sys
1R Avg7RsXP (AVG7 Resident Driver XP) - C:\WINDOWS\system32\drivers\avg7rsxp.sys
1R AvgClean (AVG7 Clean Driver) - C:\WINDOWS\system32\drivers\avgclean.sys
2R AvgTdi (AVG Network Redirector) - C:\WINDOWS\system32\drivers\avgtdi.sys
3R ctac32k (Creative AC3 Software Decoder) - C:\WINDOWS\system32\drivers\ctac32k.sys
3R ctaud2k (Creative Audio Driver (WDM)) - C:\WINDOWS\system32\drivers\ctaud2k.sys
3S ctdvda2k (Creative DVD-Audio Device Driver) - C:\WINDOWS\system32\drivers\ctdvda2k.sys
3R ctprxy2k (Creative Proxy Driver) - C:\WINDOWS\system32\drivers\ctprxy2k.sys
3R ctsfm2k (Creative SoundFont Management Device Driver) - C:\WINDOWS\system32\drivers\ctsfm2k.sys
3R emupia (E-mu Plug-in Architecture Driver) - C:\WINDOWS\system32\drivers\emupia2k.sys
3R ENTECH - C:\WINDOWS\system32\drivers\Entech.sys
1R fwdrv (Firewall Driver) - C:\WINDOWS\system32\drivers\fwdrv.sys
0R giveio - C:\WINDOWS\system32\giveio.sys
3R ha20x2k (Creative 20X HAL Driver) - C:\WINDOWS\system32\drivers\ha20x2k.sys
3R hidusb (Sterownik Microsoft klasy HID) - C:\WINDOWS\system32\drivers\hidusb.sys
1R intelppm (Sterownik procesora Intel) - C:\WINDOWS\system32\drivers\intelppm.sys
1R kbdhid (Sterownik klawiatury HID) - C:\WINDOWS\system32\drivers\kbdhid.sys
3R LHidKe (Logitech SetPoint HID Mouse Filter Driver) - C:\WINDOWS\system32\drivers\LHidKE.Sys
3R LMouKE (Logitech SetPoint Mouse Filter Driver) - C:\WINDOWS\system32\drivers\LMouKE.Sys
3R mouhid (Sterownik myszy HID) - C:\WINDOWS\system32\drivers\mouhid.sys
3R NIC1394 (Sterownik sieci 1394) - C:\WINDOWS\system32\drivers\nic1394.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R nvatabus - C:\WINDOWS\system32\drivers\nvatabus.sys
3R NVENETFD (NVIDIA nForce Networking Controller Driver) - C:\WINDOWS\system32\drivers\NVENETFD.sys
3R nvnetbus (NVIDIA Network Bus Enumerator) - C:\WINDOWS\system32\drivers\nvnetbus.sys
3R NVR0Dev - C:\WINDOWS\nvoclock.sys
0R nvraid (NVIDIA nForce(tm) RAID Class Driver) - C:\WINDOWS\system32\drivers\nvraid.sys
0R ohci1394 (Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R ossrv (Creative OS Services Driver) - C:\WINDOWS\system32\drivers\ctoss2k.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
3S RivaTuner32 - C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner32.sys
0R sfdrv01a (StarForce Protection Environment Driver (version 1.x.a)) - C:\WINDOWS\system32\drivers\sfdrv01a.sys
0R sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - C:\WINDOWS\system32\drivers\sfhlp02.sys
0R speedfan - C:\WINDOWS\system32\speedfan.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3R usbccgp (Rodzajowy sterownik nadrzędny USB Microsoft) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Sterownik Miniport otwartego kontrolera hosta USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3S USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R Avg7Alrt (AVG7 Alert Manager Server) - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
2R Avg7UpdSvc (AVG7 Update Service) - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
2R AVGEMS (AVG E-mail Scanner) - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2R KPF4 (Kerio Personal Firewall 4) - "C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"
2R nTuneService (nTune Service) - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe /StartService
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
2R UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe


-- Files created between 2007-03-18 and 2007-04-18 -----------------------------

2007-04-18 15:16:03 123972 --a------ C:\WINDOWS\system32\qohfbrqp.dll
2007-04-18 15:16:02 800557 ---hs---- C:\WINDOWS\system32\tttss.bak2<TTTSS~2.BAK>
2007-04-18 00:26:12 0 dr-h----- C:\$VAULT$.AVG
2007-04-18 00:16:17 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2007-04-18 00:16:16 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2007-04-18 00:16:16 19392 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2007-04-18 00:16:15 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2007-04-18 00:16:15 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2007-04-18 00:16:14 775680 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2007-04-17 23:57:52 0 d-------- C:\Program Files\SkanerOnline<SKANER~1>
2007-04-17 23:48:04 125460 --a------ C:\WINDOWS\system32\onnuetrp.dll
2007-04-17 23:48:03 795781 ---hs---- C:\WINDOWS\system32\tttss.bak1<TTTSS~1.BAK>
2007-04-17 23:48:03 123972 --a------ C:\WINDOWS\system32\qpoxvlqq.dll
2007-04-17 23:48:03 48708 --a------ C:\WINDOWS\system32\pnedqesy.dll
2007-04-17 23:47:11 281172 ---hs---- C:\WINDOWS\system32\ssttt.dll
2007-04-17 23:42:09 26694 --a------ C:\WINDOWS\system32\wvuvvur.dll
2007-04-17 19:13:48 0 d-------- C:\WINDOWS\Sun
2007-04-17 19:13:27 0 d-------- C:\Program Files\Java
2007-04-17 19:10:28 0 d-------- C:\Program Files\Common Files\Java
2007-04-17 17:27:54 0 d-------- C:\WINDOWS\nview
2007-04-17 17:27:30 0 d-------- C:\NVIDIA
2007-04-17 15:08:39 356352 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-04-17 15:08:01 6738656 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-17 15:08:00 5433216 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-04-17 02:29:39 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-04-16 20:34:49 0 d-------- C:\Program Files\Lavalys
2007-04-16 20:32:54 0 d-------- C:\Program Files\RivaTuner v2.0 Final Release<RIVATU~1.0FI>
2007-04-16 20:30:41 0 d-------- C:\Program Files\SpeedFan
2007-04-16 20:01:23 0 d-------- C:\Program Files\Techland
2007-04-16 19:54:30 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-04-16 19:54:14 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-16 19:51:05 0 d-------- C:\Program Files\Ubisoft
2007-04-16 19:12:08 0 d-------- C:\Program Files\Common Files\xing shared<XINGSH~1>
2007-04-16 19:12:00 0 d-------- C:\Program Files\Real
2007-04-16 19:12:00 0 d-------- C:\Program Files\Common Files\Real
2007-04-16 19:11:08 0 d-------- C:\Fraps
2007-04-16 19:08:19 0 d-------- C:\Program Files\Driver Cleaner<DRIVER~1>
2007-04-16 19:05:40 0 d-------- C:\Program Files\The All-Seeing Eye<THEALL~1>
2007-04-16 19:03:23 0 d-------- C:\Program Files\Opera
2007-04-16 16:16:23 171280 --a------ C:\WINDOWS\system32\jit.dll
2007-04-16 16:16:23 139536 --a------ C:\WINDOWS\system32\javaee.dll
2007-04-16 16:16:23 313856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-04-16 16:16:23 46352 --a------ C:\WINDOWS\setdebug.exe
2007-04-16 16:16:23 6550 --a------ C:\WINDOWS\jautoexp.dat
2007-04-16 16:16:22 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-04-16 16:16:22 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-04-16 16:16:22 171792 --a------ C:\WINDOWS\system32\wjview.exe
2007-04-16 16:16:22 286992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-04-16 16:16:21 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-04-16 16:16:21 947472 --a------ C:\WINDOWS\system32\msjava.dll
2007-04-16 16:16:21 154384 --a------ C:\WINDOWS\system32\msawt.dll
2007-04-16 16:16:21 172304 --a------ C:\WINDOWS\system32\jview.exe
2007-04-16 16:16:21 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-04-16 16:16:21 404752 --a------ C:\WINDOWS\system32\javart.dll
2007-04-16 16:16:21 63248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-04-16 16:16:21 187152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-04-16 16:16:21 49424 --a------ C:\WINDOWS\system32\clspack.exe
2007-04-16 16:13:56 0 d-------- C:\WINDOWS\ShellNew
2007-04-16 15:58:05 0 d-------- C:\WINDOWS\system32\Futuremark<FUTURE~1>
2007-04-16 15:58:05 3972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys
2007-04-16 15:58:05 5632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2007-04-16 15:58:05 21664 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2007-04-16 15:57:27 0 d-------- C:\Program Files\Futuremark<FUTURE~1>
2007-04-16 15:27:30 0 d-------- C:\Program Files\Steam
2007-04-16 14:57:01 0 d-------- C:\Program Files\MoorHunt
2007-04-16 14:55:47 0 dr--s---- C:\WINDOWS\assembly
2007-04-16 14:55:33 0 d-------- C:\WINDOWS\Microsoft.NET<MICROS~1.NET>
2007-04-16 14:16:31 0 d-------- C:\Program Files\VentriloMIX<VENTRI~1>
2007-04-16 14:16:21 0 d-------- C:\Program Files\SubEdit-Player<SUBEDI~1>
2007-04-16 14:14:46 0 d-------- C:\Program Files\Common Files\Skype
2007-04-16 14:14:40 0 d-------- C:\Program Files\Skype
2007-04-16 14:14:30 0 d-------- C:\Program Files\RegCleaner<REGCLE~1>
2007-04-16 14:14:26 0 d-------- C:\Program Files\mIRC
2007-04-16 14:13:55 0 d-------- C:\Program Files\HLSW
2007-04-16 14:12:29 0 d-------- C:\Program Files\eMule
2007-04-16 14:12:22 0 d-------- C:\Program Files\DC++<DC__~1>
2007-04-16 14:11:06 0 d-------- C:\Program Files\DAEMON Tools<DAEMON~1>
2007-04-16 14:10:06 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-16 14:10:01 0 d-------- C:\Program Files\BitLord
2007-04-16 14:09:37 0 d-------- C:\Program Files\VideoLAN
2007-04-16 14:08:47 0 d-------- C:\Program Files\MyGlobalSearch<MYGLOB~1>
2007-04-16 14:08:47 0 d-------- C:\My Downloads<MYDOWN~1>
2007-04-16 06:07:24 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-16 06:07:17 21504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-04-16 06:07:00 58624 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-16 06:06:46 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-04-16 06:06:43 77312 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-16 06:06:04 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-04-16 06:06:04 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-16 06:05:58 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-04-16 06:05:56 0 dr------- C:\Program Files<PROGRA~1>
2007-04-16 06:05:54 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-16 06:05:54 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-16 06:05:54 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-16 06:05:51 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-16 06:05:51 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-16 06:05:48 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-16 06:05:48 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-16 06:05:48 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-16 06:05:48 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-16 06:05:48 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-16 06:05:48 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-16 06:05:48 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-16 06:05:46 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-16 06:05:46 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-16 06:05:46 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-16 06:05:46 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-16 06:05:46 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdycl.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdsl.dll
2007-04-16 06:05:42 5632 --a------ C:\WINDOWS\system32\kbdro.dll
2007-04-16 06:05:42 5632 --a------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdhu.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-16 06:05:42 7168 --a------ C:\WINDOWS\system32\kbdcz.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\kbdcr.dll
2007-04-16 06:05:42 6656 --a------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-16 06:05:41 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-16 06:05:41 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-16 06:05:41 85532 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-16 06:05:41 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-16 06:05:40 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-16 06:05:40 9168 --a------ C:\WINDOWS\system\VER.DLL
2007-04-16 06:05:40 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-16 06:05:40 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-16 06:05:39 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-16 06:05:39 83456 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-16 06:05:39 127008 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-16 06:05:38 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-16 06:05:38 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-16 06:05:38 33376 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-16 06:05:38 109488 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-16 06:05:38 70096 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-16 06:05:37 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-16 06:05:37 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-16 06:05:37 69552 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-16 06:05:37 70144 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-16 06:05:36 75776 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-16 06:05:19 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-16 06:05:19 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-16 06:04:28 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-04-16 06:04:27 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-04-16 05:59:32 0 d-------- C:\WINDOWS
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\WinSxS
2007-04-16 05:59:32 0 dr------- C:\WINDOWS\Web
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\twain_32
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\wins
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\wbem
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\usmt
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\spool
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\Setup
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\ras
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\oobe
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\npp
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\mui
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\IME
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\ias
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\export
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\drivers
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-16 05:59:32 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\config
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\3076
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\2052
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1054
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1045
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1042
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1041
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1037
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1033
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1031
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1028
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system32\1025
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\system
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\security
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\repair
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Provisioning<PROVIS~1>
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\PeerNet
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\pchealth
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\OemDir
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\mui
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\msapps
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\msagent
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Media
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\java
2007-04-16 05:59:32 0 d--h----- C:\WINDOWS\inf
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\ime
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Help
2007-04-16 05:59:32 0 dr--s---- C:\WINDOWS\Fonts
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\ehome
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Debug
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Cursors
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\Config
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\AppPatch
2007-04-16 05:59:32 0 d-------- C:\WINDOWS\addins
2007-04-16 05:37:15 12305905 -----n--- C:\AVG7QT.DAT
2007-04-16 05:37:15 1650 -r-hs---- C:\AVG7DB_F.DAT
2007-04-16 05:32:30 0 d-------- C:\Program Files\Grisoft
2007-04-16 05:31:12 0 d-------- C:\Program Files\Kerio
2007-04-16 05:22:54 0 d-------- C:\Program Files\Lavasoft
2007-04-16 05:21:22 125184 -----n--- C:\WINDOWS\system32\drivers\imagesrv.sys
2007-04-16 05:21:22 5504 -----n--- C:\WINDOWS\system32\drivers\imagedrv.sys
2007-04-16 05:21:13 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-04-16 05:21:13 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe<NEROCH~1.EXE>
2007-04-16 05:21:13 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll
2007-04-16 05:21:13 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll
2007-04-16 05:21:13 476320 -----n--- C:\WINDOWS\system32\ImagXpr7.dll
2007-04-16 05:21:13 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll
2007-04-16 05:21:13 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-16 05:21:10 0 d-------- C:\Program Files\Ahead
2007-04-16 05:19:41 0 d-------- C:\WINDOWS\system32\ReinstallBackups<REINST~1>
2007-04-16 05:19:31 202240 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2007-04-16 05:19:31 202240 --a------ C:\WINDOWS\system32\fdco1.dll
2007-04-16 05:19:30 52736 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-16 05:19:28 110080 -ra------ C:\WINDOWS\system32\drivers\nvtcp.sys
2007-04-16 05:19:23 208896 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-16 05:19:21 35840 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-16 05:19:21 261120 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-16 05:19:21 1104896 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-16 05:19:21 18944 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-16 05:19:21 10240 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-16 05:19:21 10240 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-16 05:19:21 0 d-------- C:\WINDOWS\NV17281652.TMP<NV1728~1.TMP>
2007-04-16 05:19:20 208896 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-16 05:19:14 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-16 05:18:46 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-16 05:17:51 0 d-------- C:\Program Files\Gadu-Gadu<GADU-G~1>
2007-04-16 05:17:15 115880 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-04-16 05:17:15 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-04-16 05:17:15 36528 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-16 05:17:15 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-16 05:17:15 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-16 05:17:06 0 d-------- C:\WINDOWS\RegisteredPackages<REGIST~2>
2007-04-16 05:16:43 0 d-------- C:\Program Files\Winamp
2007-04-16 05:16:42 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-16 05:16:41 0 d-------- C:\WINDOWS\Prefetch
2007-04-16 05:15:04 0 d-------- C:\WINDOWS\pss
2007-04-16 05:13:49 0 d-------- C:\WINDOWS\system32\xircom
2007-04-16 05:13:49 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-04-16 05:13:39 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-16 05:13:30 0 -rahs---- C:\MSDOS.SYS
2007-04-16 05:13:30 0 -rahs---- C:\IO.SYS
2007-04-16 05:13:30 0 --a------ C:\CONFIG.SYS
2007-04-16 05:13:30 0 --a------ C:\AUTOEXEC.BAT
2007-04-16 05:13:27 13440 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
2007-04-16 05:13:25 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-16 05:13:22 68864 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-04-16 05:13:22 55040 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
2007-04-16 05:12:58 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-04-16 05:12:58 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-04-16 05:12:53 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-04-16 05:12:52 0 d-------- C:\Program Files\Usługi online<USUGIO~1>
2007-04-16 05:12:42 258352 --a------ C:\WINDOWS\system32\unicows.dll
2007-04-16 05:12:40 1047552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-04-16 05:12:39 0 d-------- C:\Program Files\Common Files\Logitech
2007-04-16 05:12:35 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-16 05:12:34 26112 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
2007-04-16 05:12:33 28160 --a------ C:\WINDOWS\KHALMNPR.Exe
2007-04-16 05:12:33 0 d-------- C:\Program Files\Logitech
2007-04-16 05:12:06 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-16 05:11:53 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-16 05:11:52 67584 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-16 05:11:48 0 d---s---- C:\WINDOWS\Tasks
2007-04-16 05:11:48 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-16 05:11:47 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-16 05:11:39 0 d-------- C:\WINDOWS\srchasst
2007-04-16 05:11:37 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-16 05:11:32 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-16 05:11:32 128280 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-16 05:11:32 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-16 05:11:32 195352 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-16 05:11:31 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-04-16 05:11:31 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-16 05:11:31 175384 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-16 05:11:30 125208 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-16 05:11:30 466200 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-16 05:11:30 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-16 05:11:30 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-16 05:11:30 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-16 05:11:29 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-16 05:11:20 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-04-16 05:11:16 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-16 05:11:16 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-16 05:11:16 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-16 05:11:16 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-16 05:11:08 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-16 05:11:07 171008 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-16 05:11:07 240128 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-16 05:11:07 0 d-------- C:\WINDOWS\system32\Restore
2007-04-16 05:11:07 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-04-16 05:11:07 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-16 05:11:06 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-16 05:11:06 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-16 05:11:06 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-16 05:11:05 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-16 05:11:05 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-16 05:11:05 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-16 05:11:05 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-16 05:11:05 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-16 05:11:01 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-16 05:11:01 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-16 05:10:59 49664 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-16 05:10:58 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-16 05:10:54 192000 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-16 05:10:54 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-16 05:10:54 278528 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-16 05:10:53 86016 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-16 05:10:53 278528 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-16 05:10:53 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-16 05:10:53 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-16 05:10:31 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-04-16 05:10:29 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-04-16 05:10:24 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-16 05:10:19 5632 --a------ C:\WINDOWS\system32\write.exe
2007-04-16 05:10:19 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-04-16 05:10:10 139264 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-16 05:10:10 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-16 05:10:09 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-16 05:10:09 231424 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-16 05:10:09 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-16 05:10:08 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-16 05:10:01 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-16 05:10:00 57344 --a------ C:\WINDOWS\system32\sol.exe
2007-04-16 05:10:00 80896 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-16 05:10:00 115200 --a------ C:\WINDOWS\system32\calc.exe
2007-04-16 05:09:59 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-16 05:09:59 128000 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-16 05:09:59 55808 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-16 05:09:58 1225 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-16 05:09:58 17920 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-16 05:09:58 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-16 05:09:58 15360 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-16 05:09:58 15360 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-16 05:09:58 15360 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-16 05:09:58 16384 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-16 05:09:58 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-16 05:09:57 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-16 05:09:57 4608 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-16 05:09:57 22528 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-16 05:09:57 17408 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-16 05:09:57 22528 --a------ C:\WINDOWS\system32\msg.exe
2007-04-16 05:09:57 15872 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-16 05:09:57 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-16 05:09:56 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-16 05:09:56 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-16 05:09:56 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-16 05:09:55 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-16 05:09:55 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-16 05:09:55 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-16 05:09:55 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-16 05:09:55 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-16 05:09:47 132608 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-16 05:09:47 124928 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-16 05:09:47 187904 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-16 05:09:46 351744 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-16 05:09:46 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-04-16 05:09:45 345088 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-16 05:09:45 103424 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-16 05:09:44 539136 --a------ C:\WINDOWS\system32\spider.exe
2007-04-16 05:09:44 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-16 05:09:44 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-16 05:09:44 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-16 05:09:43 94720 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-16 05:09:43 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-16 05:09:43 408576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-16 05:09:42 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-16 05:09:42 141824 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-16 05:09:42 60928 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-16 05:09:42 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-16 05:09:42 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-16 05:09:42 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-16 05:09:41 296448 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-16 05:09:41 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-16 05:09:41 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-16 05:09:41 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-16 05:09:41 20992 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-16 05:09:40 91136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-16 05:09:40 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-16 05:09:40 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-16 05:09:40 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-16 05:09:40 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-16 05:09:39 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-16 05:09:39 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-16 05:09:38 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-16 05:09:38 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-16 05:09:38 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-16 05:09:37 0 d-------- C:\WINDOWS\system32\Com
2007-04-16 05:09:37 60416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-16 05:09:37 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-16 05:09:37 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-16 05:09:36 625152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-16 05:09:36 225792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-16 05:09:35 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-16 05:09:34 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-16 05:09:34 498688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-16 05:09:23 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-16 05:09:23 17920 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-16 05:09:23 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-16 05:09:23 187904 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-16 05:09:21 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-16 05:09:20 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-16 05:08:52 41984 -----n--- C:\WINDOWS\Ctregrun.exe
2007-04-16 05:08:05 90112 -----n--- C:\WINDOWS\Updreg.EXE
2007-04-16 05:07:59 0 d-------- C:\Program Files\Creative
2007-04-16 05:07:48 233472 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-04-16 05:07:48 81920 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-04-16 05:07:47 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-16 05:07:47 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-16 05:07:46 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-16 05:07:44 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-16 05:07:43 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-16 05:07:43 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-16 05:07:43 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-16 05:07:42 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-16 05:07:42 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-16 05:07:41 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-16 05:07:41 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-16 05:07:37 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-16 05:07:37 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-16 05:07:36 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-16 05:07:13 0 d-------- C:\WINDOWS\system32\Data
2007-04-16 05:07:13 11776 --a------ C:\WINDOWS\INRES.DLL
2007-04-16 05:07:13 3072 --a------ C:\WINDOWS\CTXFIRES.DLL
2007-04-16 05:07:13 10240 --a------ C:\WINDOWS\CTDCRES.DLL
2007-04-16 05:00:29 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-16 05:00:29 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-04-16 05:00:29 1565480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-04-16 05:00:28 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-04-16 05:00:28 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-04-16 05:00:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-04-16 05:00:28 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-04-16 05:00:28 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-04-16 05:00:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-04-16 05:00:28 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-04-16 05:00:28 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-04-16 05:00:27 0 d-------- C:\Program Files\K-Lite Codec Pack<K-LITE~1>
2007-04-16 04:50:28 1277 --a------ C:\WINDOWS\mozver.dat
2007-04-16 04:49:28 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-16 04:49:22 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-04-16 04:47:03 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-04-16 04:43:43 0 d-------- C:\WINDOWS\WBEM
2007-04-16 04:43:42 0 d-------- C:\WINDOWS\system32\pl-pl
2007-04-16 04:43:34 0 d--h---c- C:\WINDOWS\ie7
2007-04-16 04:43:14 121856 -----n--- C:\WINDOWS\system32\xmllite.dll
2007-04-16 04:43:05 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1>
2007-04-16 04:32:52 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-16 04:32:52 0 d-------- C:\WINDOWS\system32\PreInstall<PREINS~1>
2007-04-16 04:31:33 18200 --a------ C:\WINDOWS\system32\wups2.dll
2007-04-16 04:31:33 0 d-------- C:\WINDOWS\system32\SoftwareDistribution<SOFTWA~1>
2007-04-16 04:23:24 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-16 04:22:14 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-04-16 04:22:09 0 d-------- C:\Program Files\NVIDIA Corporation<NVIDIA~1>
2007-04-16 04:19:57 446464 --a------ C:\WINDOWS\system32\CapabilityTable.exe<CAPABI~1.EXE>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionzht.dll<NV7B18~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionzhc.dll<NV77D7~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectiontr.dll<NVC0F8~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionth.dll<NV90F0~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionsv.dll<NVDCE8~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionsl.dll<NVACE0~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionsk.dll<NVACEC~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\NvSataConnectionru.dll<NVC8E4~1.DLL>
2007-04-16 04:19:53 4096 --a------ C:\WINDOWS\system32\

[prog]

Daj jeszcze silentrunners i comboscan.

[M@+]

witam czy uzyskam pomoc ??

[prog]

1.Użyj WWDC :
http://www.firewallleaktester.com/wwdc.htm
Zmień opcje z disable na enable. Uruchom ponownie komputer.
Tak powinny wyglądać porty (NetBIOS może być żółty) :
http://www.firewallleaktester.com/images_site/wwdc.jpg

2.Zastosuj te automaty:

=> http://www.atribune.org/ccount/click.php?id=4
=> http://securityresponse.symantec.com/avcenter/FixVundo.exe
=> http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Skanujesz i usuwasz póki nic nie znajdzie. Potem dajesz logi z comboscan i silentrunners.