ok pousuwałem i powiem ze jest lepiej jeszcze nie wyskoczył błąd mam nadzieje ze nie wyskoczy nowe logi :
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:17:30, on 2007-04-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\neostrada tp\neostradatp.exe
C:\Program Files\neostrada tp\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\neostrada tp\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Documents and Settings\aversion\Pulpit\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C6D8FE1-0D02-4CCB-AB8E-5B5BDBEBF25F}: NameServer = 194.204.159.1 217.98.63.164
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Unknown owner - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Unknown owner - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
--
End of file - 6147 bytes
- Kod: Zaznacz wszystko
"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"WOOWATCH" = "C:\PROGRA~1\NEOSTR~1\Watch.exe" ["France Télécom R&D"]
"APVXDWIN" = ""C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s" ["Panda Software International"]
"WOOTASKBARICON" = "C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe" ["France Télécom R&D"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"TrojanScanner" = "C:\Program Files\Trojan Remover\Trjscan.exe" ["Simply Super Software"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{E5A1691B-D188-4419-AD02-90002030B8EE}\(Default) = (no title provided)
-> {HKLM...CLSID} = "FlashFXP Helper for Internet Explorer"
\InProcServer32\(Default) = "C:\PROGRA~1\FlashFXP\IEFlash.dll" ["IniCom Networks, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{65756541-C65C-11CD-0000-4B656E696100}" = "Panda Antivirus"
-> {HKLM...CLSID} = "Panda Antivirus"
\InProcServer32\(Default) = "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ShellTit.DLL" ["Panda Software International"]
"{52B87208-9CCF-42C9-B88E-069281105805}" = "Trojan Remover Shell Extension"
-> {HKLM...CLSID} = "Trojan Remover Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TROJAN~1\Trshlex.dll" [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
EncodeDivXExt\(Default) = "{E9F5B111-CACC-4FD4-81FD-4EB4FD6765A3}"
-> {HKLM...CLSID} = "EncodeDivXContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\DivX\Dr.DivX\EncodeDivXExt.dll" [empty string]
Panda Antivirus\(Default) = "{65756541-C65C-11CD-0000-4B656E696100}"
-> {HKLM...CLSID} = "Panda Antivirus"
\InProcServer32\(Default) = "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ShellTit.DLL" ["Panda Software International"]
Trojan Remover\(Default) = "{52B87208-9CCF-42C9-B88E-069281105805}"
-> {HKLM...CLSID} = "Trojan Remover Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TROJAN~1\Trshlex.dll" [file not found]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Panda Antivirus\(Default) = "{65756541-C65C-11CD-0000-4B656E696100}"
-> {HKLM...CLSID} = "Panda Antivirus"
\InProcServer32\(Default) = "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ShellTit.DLL" ["Panda Software International"]
Trojan Remover\(Default) = "{52B87208-9CCF-42C9-B88E-069281105805}"
-> {HKLM...CLSID} = "Trojan Remover Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TROJAN~1\Trshlex.dll" [file not found]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "aversion" & "All Users" startup folders:
----------------------------------------------------------
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"ATI CATALYST System Tray" -> shortcut to: "C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe SystemTray" [null data]
Enabled Scheduled Tasks:
------------------------
"XoftSpy" -> launches: "C:\Program Files\XoftSpy\XoftSpy.exe -t" ["ParetoLogic Inc."]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
c:\program files\panda software\panda antivirus + firewall 2007\pavlsp.dll ["Panda Software International"], 01 - 03, 19
%SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 18
%SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08
Miscellaneous IE Hijack Points
------------------------------
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)
-> {HKLM...CLSID} = "Search Class"
\InProcServer32\(Default) = "C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL" [empty string]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
France Telecom Routing Table Service, FTRTSVC, "C:\WINDOWS\System32\FTRTSVC.exe" ["France Telecom"]
Panda anti-virus service, PAVSRV, ""C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe"" ["Panda Software International"]
Panda Function Service, PAVFNSVR, ""C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe"" ["Panda Software International"]
Panda IManager Service, PSIMSVC, ""C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe"" ["Panda Software"]
Panda Network Manager, PNMSRV, ""c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE"" ["Panda Software International"]
Panda Process Protection Service, PavPrSrv, ""C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe"" ["Panda Software"]
Panda TPSrv, TPSrv, ""C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe"" ["Panda Software"]
----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 43 seconds, including 3 seconds for message boxes)
[code]ComboScan v20070306.20 run by aversion on 2007-04-20 at 12:24:20
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created ComboScan Restore Point.
-- Last 5 Restore Point(s) --
11: 2007-04-20 10:24:22 UTC - RP11 - ComboScan Restore Point
10: 2007-04-19 23:56:25 UTC - RP10 - Installed Windows XP KB926239.
9: 2007-04-19 23:56:16 UTC - RP9 - Installed Windows XP MSCompPackV1.
8: 2007-04-19 23:55:17 UTC - RP8 - Installed Windows XP Wudf01000.
7: 2007-04-19 23:54:59 UTC - RP7 - Installed Windows Media Player 11
-- First Restore Point --
1: 2007-04-19 18:07:09 UTC - RP1 - Punkt kontrolny systemu
Performed disk cleanup.
-- HijackThis (run as aversion.exe) --------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 12:25:20, on 2007-04-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Program Files\neostrada tp\neostradatp.exe
C:\Program Files\neostrada tp\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\neostrada tp\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\aversion\Pulpit\comboscan.exe
D:\DOWNLO~1\HIJACK~1\aversion.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C6D8FE1-0D02-4CCB-AB8E-5B5BDBEBF25F}: NameServer = 194.204.159.1 217.98.63.164
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
-- HijackThis Fixed Entries (D:\DOWNLO~1\HIJACK~1\backups\) --------------------
backup-20061027-080641-521 O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) - http://67.15.101.3/g_bin/pl/slots90_2_0_0_30.cab
backup-20061027-080641-838 O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) - http://67.15.101.3/g_bin/pl/slots80_2_0_0_30.cab
backup-20061027-080641-925 O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
backup-20061027-080642-389 O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
backup-20061027-080642-584 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_28.cab
backup-20061027-080642-637 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab
backup-20061027-080642-781 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
backup-20061123-161122-398 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
backup-20070107-225614-190 O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
backup-20070107-225614-278 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070107-225614-358 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab
backup-20070107-225614-373 O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
backup-20070107-225614-428 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20070107-225614-742 O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
backup-20070107-225614-947 O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
backup-20070107-225614-957 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20070219-014801-133 O11 - Options group: [INTERNATIONAL] International*
backup-20070219-014801-234 O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
backup-20070219-014801-560 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
backup-20070219-014802-111 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169140292687
backup-20070219-014802-221 O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) - http://67.15.101.3/g_bin/pl/roulette_2_0_0_21.cab
backup-20070219-014802-512 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
backup-20070219-014802-900 O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
backup-20070227-184715-158 O20 - Winlogon Notify: avldr - D:\WINDOWS\SYSTEM32\avldr.dll
backup-20070317-152035-204 O11 - Options group: [INTERNATIONAL] International*
backup-20070317-152035-504 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
backup-20070317-152035-860 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
backup-20070405-114100-110 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
backup-20070405-114100-193 O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
backup-20070405-114100-326 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175637337703
backup-20070405-172339-189 O17 - HKLM\System\CCS\Services\Tcpip\..\{B868E783-FC13-4451-BCC7-841F844144CF}: NameServer = 194.204.159.1 217.98.63.164
backup-20070405-172339-584 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
backup-20070405-172339-845 O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20070405-172339-987 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20070405-172531-629 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
backup-20070405-173244-784 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
backup-20070419-222830-222 O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
backup-20070419-222831-525 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
1R AmdK7 (Sterownik procesora AMD K7) - C:\WINDOWS\system32\drivers\amdk7.sys
1R APPFLT (App Filter Plugin) - C:\WINDOWS\system32\drivers\APPFLT.SYS
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
2R cpoint (Panda CPoint Driver) - C:\WINDOWS\system32\drivers\cpoint.sys
0R d347bus - C:\WINDOWS\system32\drivers\d347bus.sys
0R d347prt - C:\WINDOWS\system32\drivers\d347prt.sys
1R DSAFLT (DSA Filter Plugin) - C:\WINDOWS\system32\drivers\dsaflt.sys
3R e4usbaw (USB ADSL2 WAN Adapter) - C:\WINDOWS\system32\drivers\e4usbaw.sys
2R ElbyCDIO (ElbyCDIO Driver) - C:\WINDOWS\system32\drivers\ElbyCDIO.sys
3R ElbyDelay - C:\WINDOWS\system32\drivers\ElbyDelay.sys
1R FNETMON (NetMon Filter Plugin) - C:\WINDOWS\system32\drivers\fnetmon.sys
3R hamachi (Hamachi Network Interface) - C:\WINDOWS\system32\drivers\hamachi.sys
3R hidusb (Sterownik Microsoft klasy HID) - C:\WINDOWS\system32\drivers\hidusb.sys
1R IDSFLT (Ids Filter Plugin) - C:\WINDOWS\system32\drivers\idsflt.sys
2S IKANLOADER2 (General Purpose USB Driver (e4ldr.sys)) - C:\WINDOWS\system32\drivers\e4ldr.sys
3R mouhid (Sterownik myszy HID) - C:\WINDOWS\system32\drivers\mouhid.sys
0R netflt (Panda Net Driver [NDIS Layer]) - C:\WINDOWS\system32\drivers\netflt.sys
1R NETFLTDI (Panda Net Driver [TDI Layer]) - C:\WINDOWS\system32\drivers\netfltdi.sys
0R nvatabus - C:\WINDOWS\system32\drivers\nvatabus.sys
0R nv_agp (NVIDIA nForce AGP Bus Filter) - C:\WINDOWS\system32\drivers\nv_agp.SYS
2R PAVDRV - C:\WINDOWS\system32\drivers\pavdrv51.sys
2R PavProc (Panda Process Protection Driver) - C:\WINDOWS\system32\drivers\PavProc.sys
3S PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCANDIS5.SYS
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
1R ShldDrv (Panda File Shield Driver) - C:\WINDOWS\system32\drivers\ShldDrv.sys
1R SMSFLT (SMS Filter Plugin) - C:\WINDOWS\system32\drivers\smsflt.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Sterownik Miniport otwartego kontrolera hosta USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3S USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
2R windev-75e9-2499 - C:\WINDOWS\system32\windev-75e9-2499.sys
1R WNMFLT (Wifi Monitor Filter Plugin) - C:\WINDOWS\system32\drivers\wnmflt.sys
1R WS2IFSL (Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2R Ati HotKey Poller - C:\WINDOWS\System32\Ati2evxx.exe
2S ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
2R FTRTSVC (France Telecom Routing Table Service) - C:\WINDOWS\System32\FTRTSVC.exe
2R PAVFNSVR (Panda Function Service) - "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe"
2R PavPrSrv (Panda Process Protection Service) - "C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe"
2R PAVSRV (Panda anti-virus service) - "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe"
2R PNMSRV (Panda Network Manager) - "c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE"
2R PSIMSVC (Panda IManager Service) - "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe"
2R TPSrv (Panda TPSrv) - "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe"
-- Scheduled Tasks -------------------------------------------------------------
2007-04-19 20:01:58 354 --a------ C:\WINDOWS\Tasks\XoftSpy.job
-- Files created between 2007-03-20 and 2007-04-20 -----------------------------
2007-04-20 00:31:36 0 d-------- C:\Afghan.Knights.2006.DVDRip.XviD-ZN<AFGHAN~1.XVI>
2007-04-20 00:05:30 0 d-------- C:\indigenes<INDIGE~1>
2007-04-19 23:19:47 0 d-------- C:\Program Files\Trojan Remover<TROJAN~1>
2007-04-19 22:53:59 0 d-------- C:\WINDOWS\WBEM
2007-04-19 22:53:58 0 d-------- C:\WINDOWS\system32\pl-pl
2007-04-19 22:53:36 0 d--h---c- C:\WINDOWS\ie7
2007-04-19 22:52:36 121856 -----n--- C:\WINDOWS\system32\xmllite.dll
2007-04-19 19:16:31 0 d-------- C:\WINDOWS\system32\lobcdcfm
2007-04-17 02:13:45 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-04-17 02:12:56 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-17 02:12:56 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-16 22:42:43 0 d-------- C:\FIFA 2007 PL<FIFA20~1>
2007-04-16 22:03:37 0 d-------- C:\Program Files\XoftSpy
2007-04-14 22:23:59 0 d-------- C:\Program Files\NAPI-PROJEKT<NAPI-P~1>
2007-04-14 21:23:29 0 d-------- C:\Program Files\ElcomSoft<ELCOMS~1>
2007-04-14 10:32:21 56 -r-hs---- C:\WINDOWS\system32\B1C3A4239E.sys<B1C3A4~1.SYS>
2007-04-14 10:32:19 0 d-------- C:\Program Files\DivX
2007-04-14 10:31:44 0 d-------- C:\Program Files\DirectShow Pack<DIRECT~1>
2007-04-14 10:11:09 0 d-------- C:\Program Files\Winamp
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\UC.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\RAR.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\LHA.PIF
2007-04-13 22:40:01 545 --a------ C:\WINDOWS\ARJ.PIF
2007-04-13 22:40:01 0 d-------- C:\totalcmd
2007-04-13 19:48:02 0 d-------- C:\kalkulatory<KALKUL~1>
2007-04-13 16:58:43 0 --a------ C:\WINDOWS\umeqo.exe
2007-04-12 19:21:23 0 d-------- C:\taxi 4<TAXI4~1>
2007-04-11 18:20:45 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-11 17:51:57 125184 -----n--- C:\WINDOWS\system32\drivers\imagesrv.sys
2007-04-11 17:51:57 5504 -----n--- C:\WINDOWS\system32\drivers\imagedrv.sys
2007-04-11 17:51:44 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-04-11 17:51:44 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll
2007-04-11 17:51:44 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll
2007-04-11 17:51:44 476320 -----n--- C:\WINDOWS\system32\ImagXpr7.dll
2007-04-11 17:51:44 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll
2007-04-11 17:51:43 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe<NEROCH~1.EXE>
2007-04-11 17:51:43 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-11 17:51:36 0 d-------- C:\Program Files\Ahead
2007-04-11 10:08:15 0 d-------- C:\Program Files\Common Files\NSV
2007-04-09 11:50:17 0 d-------- C:\Program Files\B2BPOKER
2007-04-09 02:55:02 0 d-------- C:\The.Marsh.2006.DVDRip.XViD-ESPiSE<THEMAR~1.XVI>
2007-04-08 22:22:26 145408 --a------ C:\WINDOWS\setreg.exe
2007-04-08 22:22:26 335872 --a------ C:\WINDOWS\Property.exe
2007-04-08 22:22:26 155712 --a------ C:\WINDOWS\GetWinVer.exe<GETWIN~1.EXE>
2007-04-08 22:22:26 291840 --a------ C:\WINDOWS\FCVAP64.dll
2007-04-08 22:22:26 86016 --a------ C:\WINDOWS\EZFRD64.dll
2007-04-08 22:22:26 0 d-------- C:\Program Files\PC DUAL SHOCK<PCDUAL~1>
2007-04-07 10:47:25 0 d-------- C:\Program Files\Teamspeak2_RC2<TEAMSP~1>
2007-04-07 10:36:47 2829 --a------ C:\WINDOWS\War3Unin.pif
2007-04-07 10:36:47 76641 --a------ C:\WINDOWS\War3Unin.dat
2007-04-07 10:36:46 139264 --a------ C:\WINDOWS\War3Unin.exe
2007-04-07 02:18:12 0 d-------- C:\filmy
2007-04-07 00:55:28 0 d-------- C:\Program Files\Azureus
2007-04-06 22:11:24 0 d-------- C:\Program Files\Hamachi
2007-04-06 22:03:40 1168 --a------ C:\WINDOWS\mozver.dat
2007-04-06 19:35:13 26056 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-04-06 15:59:44 5248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2007-04-06 15:59:44 155136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2007-04-06 15:59:43 0 d-------- C:\Program Files\D-Tools
2007-04-06 15:59:33 0 d-------- C:\WINDOWS\Downloaded Installations<DOWNLO~2>
2007-04-06 15:56:03 0 d-------- C:\Program Files\Elaborate Bytes<ELABOR~1>
2007-04-06 13:11:01 115880 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-04-06 13:11:01 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-04-06 13:11:01 36528 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-06 13:11:01 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-06 13:11:01 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-06 07:08:19 0 d-------- C:\The.Dukes.Of.Hazzard.The.Beginning.2006.iNT.DVDRip.XviD.AC3-DiDaKe<THEDUK~1.AC3>
2007-04-06 03:51:17 0 d-------- C:\My.Wife.Is.A.Gangster.3.2006.DVDRip.XviD.AC3.iNT.2CD-Skye<MYWIFE~1.2CD>
2007-04-06 00:33:40 0 d-------- C:\Ed.Gein.The.Butcher.Of.Plainfield.Complete.2007.STV.iNT.DVDRip.XviD.AC3-DiDaKe<EDGEIN~1.AC3>
2007-04-06 00:31:35 0 d-------- C:\Program Files\FlashFXP
2007-04-06 00:10:01 0 d-------- C:\Program Files\SubEdit-Player<SUBEDI~1>
2007-04-06 00:09:25 0 d-------- C:\Program Files\AC3Filter<AC3FIL~1>
2007-04-06 00:09:16 0 d-------- C:\Program Files\Real Alternative<REALAL~1>
2007-04-06 00:09:16 0 d-------- C:\Program Files\Media Player Classic<MEDIAP~1>
2007-04-06 00:09:02 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-04-06 00:09:01 0 d-------- C:\Program Files\ffdshow
2007-04-05 23:59:49 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-05 23:59:06 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-04-05 23:19:18 0 d-------- C:\Program Files\Gadu-Gadu<GADU-G~1>
2007-04-05 23:14:44 71552 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2007-04-05 23:14:28 273904 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT
2007-04-05 23:14:27 0 d-------- C:\WINDOWS\system32\PAV
2007-04-05 23:14:27 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL
2007-04-05 23:14:27 16256 --a------ C:\WINDOWS\system32\drivers\wnmflt.sys
2007-04-05 23:14:27 23296 --a------ C:\WINDOWS\system32\drivers\smsflt.sys
2007-04-05 23:14:27 103936 --a------ C:\WINDOWS\system32\drivers\netfltdi.sys
2007-04-05 23:14:27 141312 --a------ C:\WINDOWS\system32\drivers\netflt.sys
2007-04-05 23:14:27 185472 --a------ C:\WINDOWS\system32\drivers\idsflt.sys
2007-04-05 23:14:27 9216 --a------ C:\WINDOWS\system32\drivers\fnetmon.sys
2007-04-05 23:14:27 36864 --a------ C:\WINDOWS\system32\drivers\dsaflt.sys
2007-04-05 23:14:27 44544 --a------ C:\WINDOWS\system32\drivers\APPFLT.SYS
2007-04-05 23:14:19 139264 --a------ C:\WINDOWS\system32\TpUtil.dll
2007-04-05 23:14:19 101888 --a------ C:\WINDOWS\system32\SYSTOOLS.DLL
2007-04-05 23:14:19 245760 --a------ C:\WINDOWS\system32\PavSHook.dll
2007-04-05 23:14:19 57344 --a------ C:\WINDOWS\system32\pavipc.dll
2007-04-05 23:14:19 16640 --a------ C:\WINDOWS\system32\drivers\cpoint.sys
2007-04-05 23:14:18 45056 --a------ C:\WINDOWS\system32\avldr.dll
2007-04-05 23:13:59 0 d-------- C:\Program Files\Panda Software<PANDAS~1>
2007-04-05 23:13:45 26752 --a------ C:\WINDOWS\system32\drivers\ShldDrv.sys
2007-04-05 23:13:45 165120 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2007-04-05 23:13:45 0 d-------- C:\Program Files\Common Files\Panda Software<PANDAS~1>
2007-04-05 23:13:01 718 --a------ C:\WINDOWS\unins001.dat
2007-04-05 23:00:29 0 d-------- C:\WINDOWS\pss
2007-04-05 23:00:02 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-05 22:14:26 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-04-05 21:41:18 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-05 21:41:13 0 d-------- C:\WINDOWS\Prefetch
2007-04-05 21:35:24 221184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-04-05 21:34:46 12800 -----n--- C:\WINDOWS\system32\spiisupd.exe
2007-04-05 21:34:46 40832 -----n--- C:\WINDOWS\system32\drivers\irbus.sys
2007-04-05 21:34:46 9728 -----n--- C:\WINDOWS\system32\comsdupd.exe
2007-04-05 21:34:46 32768 -----n--- C:\WINDOWS\system32\asr_pfu.exe
2007-04-05 21:34:45 327040 -----n--- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-04-05 21:34:45 34735 -----n--- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2007-04-05 21:34:45 29455 -----n--- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2007-04-05 21:34:45 36463 -----n--- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2007-04-05 21:34:45 21343 -----n--- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2007-04-05 21:34:45 26367 -----n--- C:\WINDOWS\system32\drivers\ati1snxx.sys
2007-04-05 21:34:45 63663 -----n--- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-04-05 21:34:45 30671 -----n--- C:\WINDOWS\system32\drivers\ati1raxx.sys
2007-04-05 21:34:45 12047 -----n--- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2007-04-05 21:34:45 11615 -----n--- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2007-04-05 21:34:45 56623 -----n--- C:\WINDOWS\system32\drivers\ati1btxx.sys
2007-04-05 21:34:45 41472 -----n--- C:\WINDOWS\system32\drivers\amdk7.sys
2007-04-05 21:34:45 43008 -----n--- C:\WINDOWS\system32\drivers\amdagp.sys
2007-04-05 21:34:45 42752 -----n--- C:\WINDOWS\system32\drivers\alim1541.sys
2007-04-05 21:34:45 44928 -----n--- C:\WINDOWS\system32\drivers\agpcpq.sys
2007-04-05 21:34:45 42368 -----n--- C:\WINDOWS\system32\drivers\agp440.sys
2007-04-05 21:34:45 3775 -----n--- C:\WINDOWS\system32\drivers\adv11nt5.dll
2007-04-05 21:34:45 3711 -----n--- C:\WINDOWS\system32\drivers\adv09nt5.dll
2007-04-05 21:34:45 3135 -----n--- C:\WINDOWS\system32\drivers\adv08nt5.dll
2007-04-05 21:34:45 3647 -----n--- C:\WINDOWS\system32\drivers\adv07nt5.dll
2007-04-05 21:34:45 3615 -----n--- C:\WINDOWS\system32\drivers\adv05nt5.dll
2007-04-05 21:34:45 3967 -----n--- C:\WINDOWS\system32\drivers\adv02nt5.dll
2007-04-05 21:34:45 4255 -----n--- C:\WINDOWS\system32\drivers\adv01nt5.dll
2007-04-05 21:34:44 126686 -----n--- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-04-05 21:34:44 15488 -----n--- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-04-05 21:34:44 11868 -----n--- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-04-05 21:34:44 29056 -----n--- C:\WINDOWS\system32\drivers\ip6fw.sys
2007-04-05 21:34:44 40320 -----n--- C:\WINDOWS\system32\drivers\intelppm.sys
2007-04-05 21:34:44 263040 -----n--- C:\WINDOWS\system32\drivers\http.sys
2007-04-05 21:34:44 1041536 -----n--- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2007-04-05 21:34:44 685056 -----n--- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-04-05 21:34:44 220032 -----n--- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2007-04-05 21:34:44 15104 -----n--- C:\WINDOWS\system32\drivers\hidir.sys
2007-04-05 21:34:44 25728 -----n--- C:\WINDOWS\system32\drivers\hidbth.sys
2007-04-05 21:34:44 46464 -----n--- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-04-05 21:34:44 124800 -----n--- C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-05 21:34:44 15423 -----n--- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2007-04-05 21:34:44 18944 -----n--- C:\WINDOWS\system32\drivers\bthusb.sys
2007-04-05 21:34:44 35456 -----n--- C:\WINDOWS\system32\drivers\bthprint.sys
2007-04-05 21:34:44 275200 -----n--- C:\WINDOWS\system32\drivers\bthport.sys
2007-04-05 21:34:44 100992 -----n--- C:\WINDOWS\system32\drivers\bthpan.sys
2007-04-05 21:34:44 38016 -----n--- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-04-05 21:34:44 17024 -----n--- C:\WINDOWS\system32\drivers\bthenum.sys
2007-04-05 21:34:44 17279 -----n--- C:\WINDOWS\system32\drivers\atv10nt5.dll
2007-04-05 21:34:44 14143 -----n--- C:\WINDOWS\system32\drivers\atv06nt5.dll
2007-04-05 21:34:44 25471 -----n--- C:\WINDOWS\system32\drivers\atv04nt5.dll
2007-04-05 21:34:44 11359 -----n--- C:\WINDOWS\system32\drivers\atv02nt5.dll
2007-04-05 21:34:44 21183 -----n--- C:\WINDOWS\system32\drivers\atv01nt5.dll
2007-04-05 21:34:44 63488 -----n--- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-05 21:34:44 31744 -----n--- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-04-05 21:34:44 73216 -----n--- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-05 21:34:44 13824 -----n--- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-04-05 21:34:44 28672 -----n--- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-04-05 21:34:44 104960 -----n--- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-05 21:34:44 52224 -----n--- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-05 21:34:44 14336 -----n--- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-04-05 21:34:44 13824 -----n--- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-05 21:34:44 57856 -----n--- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-04-05 21:34:43 4096 -----n--- C:\WINDOWS\system32\dsprpres.dll
2007-04-05 21:34:43 25471 -----n--- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-04-05 21:34:43 22271 -----n--- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-04-05 21:34:43 11935 -----n--- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-04-05 21:34:43 11871 -----n--- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-04-05 21:34:43 11295 -----n--- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-04-05 21:34:43 11807 -----n--- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-04-05 21:34:43 13568 -----n--- C:\WINDOWS\system32\drivers\wacompen.sys
2007-04-05 21:34:43 42240 -----n--- C:\WINDOWS\system32\drivers\viaagp.sys
2007-04-05 21:34:43 11325 -----n--- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-04-05 21:34:43 78464 -----n--- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-04-05 21:34:43 26624 -----n--- C:\WINDOWS\system32\drivers\usbehci.sys
2007-04-05 21:34:43 12672 -----n--- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-04-05 21:34:43 44672 -----n--- C:\WINDOWS\system32\drivers\uagp35.sys
2007-04-05 21:34:43 12416 -----n--- C:\WINDOWS\system32\drivers\tunmp.sys
2007-04-05 21:34:43 6016 -----n--- C:\WINDOWS\system32\drivers\smbali.sys
2007-04-05 21:34:43 13240 -----n--- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-04-05 21:34:43 95424 -----n--- C:\WINDOWS\system32\drivers\slnthal.sys
2007-04-05 21:34:43 404990 -----n--- C:\WINDOWS\system32\drivers\slntamr.sys
2007-04-05 21:34:43 129535 -----n--- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-04-05 21:34:43 41088 -----n--- C:\WINDOWS\system32\drivers\sisagp.sys
2007-04-05 21:34:43 3901 -----n--- C:\WINDOWS\system32\drivers\siint5.dll
2007-04-05 21:34:43 10240 -----n--- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-04-05 21:34:43 11136 -----n--- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-04-05 21:34:43 67584 -----n--- C:\WINDOWS\system32\drivers\sdbus.sys
2007-04-05 21:34:43 166912 -----n--- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-04-05 21:34:43 30080 -----n--- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-04-05 21:34:43 59648 -----n--- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-04-05 21:34:43 13776 -----n--- C:\WINDOWS\system32\drivers\recagent.sys
2007-04-05 21:34:43 1897408 -----n--- C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-05 21:34:43 180360 -----n--- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-04-05 21:34:43 12672 -----n--- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-04-05 21:34:43 452736 -----n--- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-04-05 21:34:43 1309184 -----n--- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-04-05 21:34:43 13824 -----n--- C:\WINDOWS\system32\cmsetacl.dll
2007-04-05 21:34:43 50688 -----n--- C:\WINDOWS\system32\btpanui.dll
2007-04-05 21:34:43 30208 -----n--- C:\WINDOWS\system32\bthserv.dll
2007-04-05 21:34:43 20992 -----n--- C:\WINDOWS\system32\bthci.dll
2007-04-05 21:34:43 71680 -----n--- C:\WINDOWS\system32\blastcln.exe
2007-04-05 21:34:43 7168 -----n--- C:\WINDOWS\system32\bitsprx3.dll
2007-04-05 21:34:43 8192 -----n--- C:\WINDOWS\system32\bitsprx2.dll
2007-04-05 21:34:43 14336 -----n--- C:\WINDOWS\system32\auditusr.exe
2007-04-05 21:34:43 32768 -----n--- C:\WINDOWS\system32\ativtmxx.dll
2007-04-05 21:34:43 870784 -----n--- C:\WINDOWS\system32\ati3d1ag.dll
2007-04-05 21:34:43 377984 -----n--- C:\WINDOWS\system32\ati2dvaa.dll
2007-04-05 21:34:42 134656 -----n--- C:\WINDOWS\system32\mssap.dll
2007-04-05 21:34:42 27136 -----n--- C:\WINDOWS\system32\mspmsnsv.dll
2007-04-05 21:34:42 537088 -----n--- C:\WINDOWS\system32\msftedit.dll
2007-04-05 21:34:42 118784 -----n--- C:\WINDOWS\system32\msdadiag.dll
2007-04-05 21:34:42 4096 -----n--- C:\WINDOWS\system32\MP4SDMOD.dll
2007-04-05 21:34:42 4096 -----n--- C:\WINDOWS\system32\MP43DMOD.dll
2007-04-05 21:34:42 86016 -----n--- C:\WINDOWS\system32\mdmxsdk.dll
2007-04-05 21:34:42 7168 -----n--- C:\WINDOWS\system32\kbdukx.dll
2007-04-05 21:34:42 7680 -----n--- C:\WINDOWS\system32\kbdsmsno.dll
2007-04-05 21:34:42 7680 -----n--- C:\WINDOWS\system32\kbdsmsfi.dll
2007-04-05 21:34:42 7168 -----n--- C:\WINDOWS\system32\kbdno1.dll
2007-04-05 21:34:42 6144 -----n--- C:\WINDOWS\system32\kbdmlt48.dll
2007-04-05 21:34:42 6144 -----n--- C:\WINDOWS\system32\kbdmlt47.dll
2007-04-05 21:34:42 5632 -----n--- C:\WINDOWS\system32\kbdmaori.dll
2007-04-05 21:34:42 6656 -----n--- C:\WINDOWS\system32\kbdinmal.dll
2007-04-05 21:34:42 6656 -----n--- C:\WINDOWS\system32\kbdinben.dll
2007-04-05 21:34:42 6144 -----n--- C:\WINDOWS\system32\kbdinbe1.dll
2007-04-05 21:34:42 7168 -----n--- C:\WINDOWS\system32\kbdfi1.dll
2007-04-05 21:34:42 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-04-05 21:34:42 24576 -----n--- C:\WINDOWS\system32\httpapi.dll
2007-04-05 21:34:42 32285 -----n--- C:\WINDOWS\system32\hsfcisp2.dll
2007-04-05 21:34:42 7168 -----n--- C:\WINDOWS\system32\hccoin.dll
2007-04-05 21:34:42 60416 -----n--- C:\WINDOWS\system32\fwcfg.dll
2007-04-05 21:34:42 193024 -----n--- C:\WINDOWS\system32\fsquirt.exe
2007-04-05 21:34:42 22528 -----n--- C:\WINDOWS\system32\fltmc.exe
2007-04-05 21:34:42 16896 -----n--- C:\WINDOWS\system32\fltlib.dll
2007-04-05 21:34:42 186368 -----n--- C:\WINDOWS\system32\encdec.dll
2007-04-05 21:34:41 2953216 -----n--- C:\WINDOWS\system32\xpsp2res.dll
2007-04-05 21:34:41 194560 -----n--- C:\WINDOWS\system32\xpsp1res.dll
2007-04-05 21:34:41 427008 -----n--- C:\WINDOWS\system32\xpob2res.dll
2007-04-05 21:34:41 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-04-05 21:34:41 227328 -----n--- C:\WINDOWS\system32\wmerror.dll
2007-04-05 21:34:41 17408 -----n--- C:\WINDOWS\system32\winshfhc.dll
2007-04-05 21:34:41 351232 -----n--- C:\WINDOWS\system32\winhttp.dll
2007-04-05 21:34:41 937984 -----n--- C:\WINDOWS\system32\winbrand.dll
2007-04-05 21:34:41 15872 -----n--- C:\WINDOWS\system32\w3ssl.dll
2007-04-05 21:34:41 44032 -----n--- C:\WINDOWS\system32\twext.dll
2007-04-05 21:34:41 75776 -----n--- C:\WINDOWS\system32\strmfilt.dll
2007-04-05 21:34:41 8192 -----n--- C:\WINDOWS\system32\smbinst.exe
2007-04-05 21:34:41 73796 -----n--- C:\WINDOWS\system32\slserv.exe
2007-04-05 21:34:41 32866 -----n--- C:\WINDOWS\system32\slrundll.exe
2007-04-05 21:34:41 188508 -----n--- C:\WINDOWS\system32\slgen.dll
2007-04-05 21:34:41 286792 -----n--- C:\WINDOWS\system32\slextspk.dll
2007-04-05 21:34:41 73832 -----n--- C:\WINDOWS\system32\slcoinst.dll
2007-04-05 21:34:41 29184 -----n--- C:\WINDOWS\system32\sdhcinst.dll
2007-04-05 21:34:41 159232 -----n--- C:\WINDOWS\system32\sbeio.dll
2007-04-05 21:34:41 270848 -----n--- C:\WINDOWS\system32\sbe.dll
2007-04-05 21:34:41 397056 -----n--- C:\WINDOWS\system32\s3gnb.dll
2007-04-05 21:34:41 49152 -----n--- C:\WINDOWS\system32\powercfg.exe
2007-04-05 21:34:41 48640 -----n--- C:\WINDOWS\system32\pnrpnsp.dll
2007-04-05 21:34:41 526848 -----n--- C:\WINDOWS\system32\p2psvc.dll
2007-04-05 21:34:41 88064 -----n--- C:\WINDOWS\system32\p2pnetsh.dll
2007-04-05 21:34:41 312320 -----n--- C:\WINDOWS\system32\p2pgraph.dll
2007-04-05 21:34:41 86016 -----n--- C:\WINDOWS\system32\p2pgasvc.dll
2007-04-05 21:34:41 116224 -----n--- C:\WINDOWS\system32\p2p.dll
2007-04-05 21:34:41 4274816 -----n--- C:\WINDOWS\system32\nv4_disp.dll
2007-04-05 21:34:41 1737856 -----n--- C:\WINDOWS\system32\mtxparhd.dll
2007-04-05 21:34:40 50176 -----n--- C:\WINDOWS\system32\xmlprovi.dll
2007-04-05 21:34:40 129536 -----n--- C:\WINDOWS\system32\xmlprov.dll
2007-04-05 21:34:40 120320 -----n--- C:\WINDOWS\system32\wuweb.dll
2007-04-05 21:34:40 36864 -----n--- C:\WINDOWS\system32\wups.dll
2007-04-05 21:34:40 113664 -----n--- C:\WINDOWS\system32\wucltui.dll
2007-04-05 21:34:40 184320 -----n--- C:\WINDOWS\system32\wuaueng1.dll
2007-04-05 21:34:40 168960 -----n--- C:\WINDOWS\system32\wuauclt1.exe
2007-04-05 21:34:40 431616 -----n--- C:\WINDOWS\system32\wuapi.dll
2007-04-05 21:34:40 108032 -----n--- C:\WINDOWS\system32\wshbth.dll
2007-04-05 21:34:40 8140
braciak mi powiedział ze kumpel siedział na stronach porno no i oczywiście coś musiało sie zepsuć przeskanowałem czym mogłem w spybocie znalazło trochę szmelcu który odrazu wywaliłem.
