Problem z plikiem copy.exe

12daro · 1 Maj 2007 21:25

miałem wirusa - używąc avg usunąłem go ale pojawił mi się problem przy otwieraniu dysków pojawia sie komunikat : windows nie może odnaleźć pliku copy.exe

można to jakoś naprawić??

Joan · 1 Maj 2007 23:13

daj logi hijack i silentrunners

12daro · 1 Maj 2007 23:51

Logfile of HijackThis v1.99.1 Scan saved at 01:48:41, on 2007-05-02 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\PowerS.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\irPC\irPC.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\daro\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F3 - REG:win.ini: load=C:\WINDOWS\svchost.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [PowerS] C:\WINDOWS\PowerS.exe O4 - HKLM…\Run: [pdfFactory Pro Dispatcher v3] “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe” /source=HKLM O4 - HKLM…\Run: [Adobe Photo Downloader] “C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe” O4 - HKLM…\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - Startup: irPC.lnk = C:\Program Files\irPC\irPC.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip…{87E31DD0-E0C3-49A6-9D78-8F122FAD2669}: NameServer = 195.136.250.200,195.136.250.201 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Złączono Posta : 02.05.2007 (Sro) 1:53

przy uruchamianiu kompa wyskakuje jeszcze problem z svchost.exe

Złączono Posta : 02.05.2007 (Sro) 2:04

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS] “Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu S.A.”] “MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS] “Skype” = ““C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized” [“Skype Technologies S.A.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”] “SoundMan” = “SOUNDMAN.EXE” [“Avance Logic, Inc.”] “NvCplDaemon” = “RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” [MS] “nwiz” = “nwiz.exe /install” [“NVIDIA Corporation”] “NvMediaCenter” = “RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” [MS] “PowerS” = “C:\WINDOWS\PowerS.exe” [“prolink”] “pdfFactory Pro Dispatcher v3” = ““C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe” /source=HKLM” [“FinePrint Software, LLC”] “Adobe Photo Downloader” = ““C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe”” [“Adobe Systems Incorporated”] “AVG7_CC” = “C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP” [“GRISOFT, s.r.o.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”] “{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Microsoft Office\OFFICE11\msohev.dll” [MS] “{CA5FEE26-14C1-4B5A-86E9-233FC0EE2682}” = “IZArc DragDrop Menu” -> {HKLM…CLSID} = “IZArc DragDrop Menu” \InProcServer32(Default) = “C:\PROGRA~1\IZArc\IZArcCM.dll” [null data] “{8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5}” = “IZArc Shell Context Menu” -> {HKLM…CLSID} = “IZArc Shell Context Menu” \InProcServer32(Default) = “C:\PROGRA~1\IZArc\IZArcCM.dll” [null data] “{cc86590a-b60a-48e6-996b-41d25ed39a1e}” = “Portable Media Devices Menu” -> {HKLM…CLSID} = “Portable Media Devices Menu” \InProcServer32(Default) = “C:\WINDOWS\system32\Audiodev.dll” [MS] “{A70C977A-BF00-412C-90B7-034C51DA2439}” = “NvCpl DesktopContext Class” -> {HKLM…CLSID} = “DesktopContext Class” \InProcServer32(Default) = “C:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{FFB699E0-306A-11d3-8BD1-00104B6F7516}” = “Play on my TV helper” -> {HKLM…CLSID} = “NVIDIA CPL Extension” \InProcServer32(Default) = “C:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{1CDB2949-8F65-4355-8456-263E7C208A5D}” = “Desktop Explorer” -> {HKLM…CLSID} = “Desktop Explorer” \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A47}” = “Desktop Explorer Menu” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A48}” = “nView Desktop Context Menu” -> {HKLM…CLSID} = “nView Desktop Context Menu” \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{4CCEFB41-18FA-11D3-9EF3-00A0C9E897FD}” = “Skladnik rozszerzenia powloki CorelDRAW” -> {HKLM…CLSID} = “CorelDRAW Shell Extension Component” \InProcServer32(Default) = “C:\Program Files\Corel\Corel Graphics 11\DRAW\CDRVIEWER\CrlShell110.dll” [null data] “{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}” = “AVG7 Shell Extension” -> {HKLM…CLSID} = “AVG7 Shell Extension Class” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG7\avgse.dll” [“GRISOFT, s.r.o.”] “{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}” = “AVG7 Find Extension” -> {HKLM…CLSID} = “AVG7 Find Extension Class” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG7\avgse.dll” [“GRISOFT, s.r.o.”] HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\ <> “load” = “C:\WINDOWS\svchost.exe” [file not found] HKLM\Software\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = “{807553E5-5146-11D5-A672-00B0D022E945}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL” [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info” -> {HKLM…CLSID} = “PDF Shell Extension” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ AVG7 Shell Extension(Default) = “{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}” -> {HKLM…CLSID} = “AVG7 Shell Extension Class” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG7\avgse.dll” [“GRISOFT, s.r.o.”] IZArcCM(Default) = “{8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5}” -> {HKLM…CLSID} = “IZArc Shell Context Menu” \InProcServer32(Default) = “C:\PROGRA~1\IZArc\IZArcCM.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ IZArcCM(Default) = “{8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5}” -> {HKLM…CLSID} = “IZArc Shell Context Menu” \InProcServer32(Default) = “C:\PROGRA~1\IZArc\IZArcCM.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ AVG7 Shell Extension(Default) = “{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}” -> {HKLM…CLSID} = “AVG7 Shell Extension Class” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG7\avgse.dll” [“GRISOFT, s.r.o.”] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\daro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ “SCRNSAVE.EXE” = “C:\WINDOWS\System32\logon.scr” [MS] Startup items in “daro” & “All Users” startup folders: ------------------------------------------------------ C:\Documents and Settings\daro\Menu Start\Programy\Autostart “irPC” -> shortcut to: “C:\Program Files\irPC\irPC.exe” [“www.ELMAK.pl”] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart “Adobe Reader Speed Launch” -> shortcut to: “C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe” [“Adobe Systems Incorporated”] “BlueSoleil” -> shortcut to: “C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe” [“IVT Corporation”] “Logitech SetPoint” -> shortcut to: “C:\Program Files\Logitech\SetPoint\SetPoint.exe” [“Logitech Inc.”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 16 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = “&Badanie” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL” [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ “ButtonText” = “Badanie” {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = “Messenger” “MenuText” = “Windows Messenger” “Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Active File Monitor V4, AdobeActiveFileMonitor4.0, “C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe” [null data] AVG E-mail Scanner, AVGEMS, “C:\PROGRA~1\Grisoft\AVG7\avgemc.exe” [“GRISOFT, s.r.o.”] AVG7 Alert Manager Server, Avg7Alrt, “C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe” [“GRISOFT, s.r.o.”] AVG7 Update Service, Avg7UpdSvc, “C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe” [“GRISOFT, s.r.o.”] BlueSoleil Hid Service, BlueSoleil Hid Service, “C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe” [null data] LightScribeService Direct Disc Labeling Service, LightScribeService, ““C:\Program Files\Common Files\LightScribe\LSSrvc.exe”” [“Hewlett-Packard Company”] NVIDIA Display Driver Service, NVSvc, “C:\WINDOWS\system32\nvsvc32.exe” [“NVIDIA Corporation”] Windows User Mode Driver Framework, UMWdf, “C:\WINDOWS\system32\wdfmgr.exe” [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ FPP3:\Driver = “fppmon3.dll” [“FinePrint Software, LLC”] Microsoft Document Imaging Writer Monitor\Driver = “mdimon.dll” [MS] ---------- <>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 102 seconds. ---------- (total run time: 171 seconds)

Joan · 2 Maj 2007 00:12

usun wpis

Skan AVG AntySpyware 7.5 po update, wklej raport.

12daro · 2 Maj 2007 09:05

AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 11:03:36 2007-05-02 + Scan result: C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP14\A0007668.exe -> Backdoor.Small.lo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP14\A0007681.exe -> Backdoor.Small.lo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP15\A0007833.exe -> Backdoor.Small.lo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP15\A0007849.exe -> Backdoor.Small.lo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007862.exe -> Backdoor.Small.lo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007856.exe -> Dropper.Small.apl : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007860.exe -> Dropper.Small.apl : No action taken. D:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007863.exe -> Dropper.Small.apl : No action taken. F:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007865.exe -> Dropper.Small.apl : No action taken. :mozilla.86:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.2o7 : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@2o7[2].txt -> TrackingCookie.2o7 : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@edsa.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken. :mozilla.102:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.103:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.112:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.113:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.116:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.117:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.26:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.27:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.44:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.45:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.50:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.51:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.69:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.70:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adocean : No action taken. C:\Documents and Settings\daro\Cookies\daro@ad.adocean[1].txt -> TrackingCookie.Adocean : No action taken. C:\Documents and Settings\daro\Cookies\daro@gde.adocean[2].txt -> TrackingCookie.Adocean : No action taken. C:\Documents and Settings\daro\Cookies\daro@my.adocean[2].txt -> TrackingCookie.Adocean : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@ad.adocean[1].txt -> TrackingCookie.Adocean : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@gde.adocean[2].txt -> TrackingCookie.Adocean : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@gg.adocean[1].txt -> TrackingCookie.Adocean : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@my.adocean[1].txt -> TrackingCookie.Adocean : No action taken. :mozilla.234:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.235:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.236:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.237:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.238:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.239:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken. :mozilla.310:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Atdmt : No action taken. :mozilla.325:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Clickbank : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@clickbank[2].txt -> TrackingCookie.Clickbank : No action taken. :mozilla.179:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Com : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken. :mozilla.174:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Etracker : No action taken. :mozilla.10:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Gemius : No action taken. :mozilla.11:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Gemius : No action taken. :mozilla.6:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Gemius : No action taken. :mozilla.8:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Gemius : No action taken. :mozilla.9:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Gemius : No action taken. C:\Documents and Settings\daro\Cookies\daro@hit.gemius[2].txt -> TrackingCookie.Gemius : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@hit.gemius[1].txt -> TrackingCookie.Gemius : No action taken. :mozilla.249:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.19:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken. :mozilla.73:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken. :mozilla.74:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@ilead.itrack[1].txt -> TrackingCookie.Itrack : No action taken. :mozilla.272:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken. :mozilla.320:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Onestat : No action taken. :mozilla.321:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Onestat : No action taken. :mozilla.84:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Onestat : No action taken. :mozilla.85:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Onestat : No action taken. :mozilla.81:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Paypal : No action taken. :mozilla.268:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Revsci : No action taken. :mozilla.269:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Revsci : No action taken. :mozilla.270:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Revsci : No action taken. :mozilla.271:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Revsci : No action taken. :mozilla.304:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Ru4 : No action taken. :mozilla.305:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Ru4 : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@edge.ru4[2].txt -> TrackingCookie.Ru4 : No action taken. :mozilla.161:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Skype : No action taken. :mozilla.200:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Skype : No action taken. C:\Documents and Settings\daro\Cookies\daro@skype[1].txt -> TrackingCookie.Skype : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@skype[1].txt -> TrackingCookie.Skype : No action taken. :mozilla.157:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.158:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken. :mozilla.212:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Toplist : No action taken. :mozilla.32:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.33:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.71:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.72:C:\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\74iwy5cl.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. C:\Documents and Settings\daro\Cookies\daro@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.260:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Trafic : No action taken. :mozilla.46:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken. C:\Documents and Settings\daro\Cookies\daro@m.webtrends[1].txt -> TrackingCookie.Webtrends : No action taken. D:\z dysku\Documents and Settings\daro\Cookies\daro@m.webtrends[2].txt -> TrackingCookie.Webtrends : No action taken. :mozilla.286:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken. :mozilla.232:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken. :mozilla.233:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken. :mozilla.240:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Zedo : No action taken. :mozilla.241:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Zedo : No action taken. :mozilla.242:D:\z dysku\Documents and Settings\daro\Dane aplikacji\Mozilla\Firefox\Profiles\hpr6k2jz.default\cookies.txt -> TrackingCookie.Zedo : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP14\A0007667.exe -> Trojan.Copier : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP14\A0007680.exe -> Trojan.Copier : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP15\A0007832.exe -> Trojan.Copier : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP15\A0007848.exe -> Trojan.Copier : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007861.exe -> Trojan.Copier : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007857.exe -> Trojan.Copyself : No action taken. C:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007858.exe -> Trojan.Copyself : No action taken. D:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007859.exe -> Trojan.Copyself : No action taken. F:\System Volume Information_restore{9EAEA1EC-24E4-4854-A5AF-91EDF40C0AA0}\RP16\A0007864.exe -> Trojan.Copyself : No action taken. ::Report end

matio · 2 Maj 2007 09:09

Wyłącz a potem i włącz przywracanie systemu i przeczyść cookisy

12daro · 2 Maj 2007 09:21

jak mam przeczyścić coolisy?

squeet · 2 Maj 2007 09:32

Proszę o lekturę poniższych tematów:

http://forum.dobreprogramy.pl/viewtopic.php?t=36654

http://forum.dobreprogramy.pl/viewtopic.php?t=66889

Logi wstawiamy w tagach quote. Powyższe już sformatowałem, następne wklejaj już poprawnie.

Użyj aplikacji ATF Cleaner. Opis jak użyć jest tu:

http://forum.dobreprogramy.pl/viewtopic … 85#1005185

Czytać uważnie.

matio · 2 Maj 2007 09:37

Programem AVG AntySpyware 7.5 lub ręcznie: W Firefoksie -> Narzędzia -> Opcje -> Prywatność -> Zakładka "Ciasteczka -> “Wyczyść ciasteczka teraz”. Następnie w IE -> PPM na ikonę -> Właściwości -> “Usuń pliki cookies”

12daro · 2 Maj 2007 09:49

nadal to samo czyli windows nie może znaleźć copy.exe

problem znika po formacie dysku(partycji)

ale jak sobie poradzić z partycją gdzie jest system?

matio · 2 Maj 2007 10:03

Podobny problem: http://forum.dobreprogramy.pl/viewtopic.php?t=124261 , http://www.gry-online.pl/s043.asp?ID=6168631&N=1

12daro · 2 Maj 2007 10:13

problem faktycznie podobny ale nie rozwiązany

Złączono Posta : 02.05.2007 (Sro) 22:09

i coż. nikt nie pomoże?

golab05 · 8 Maj 2007 11:11

daj prawym “eksploruj” i usun z dysków (powinny byc luzem niewidoczne) pliki o nazwie autorun.inf powinno pomoc a raczej na bank pomoze bo wirus sobie utworzył cos jakby autorun do plytki:)

pozdro

12daro · 8 Maj 2007 21:15

niestety nie ma takiego pliku jak autorun.inf(nawet ukrytego)

Gutek · 8 Maj 2007 22:09

Daj log z Combofix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

12daro · 9 Maj 2007 18:51

“daro” - 2007-05-09 20:44:01 Dodatek Service Pack 2 ComboFix 07-05.09.V - Running from: “C:\Documents and Settings\daro\Pulpit” (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) c:\autorun.inf d:\autorun.inf f:\autorun.inf C:\WINDOWS\autorun.inf ((((((((((((((((((((((((((((((( Files Created from 2007-04-09 to 2007-05-09 )))))))))))))))))))))))))))))))))) 2007-05-09 17:52 2007-05-08 23:55 2007-05-06 22:25 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2007-05-06 22:25 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2007-05-06 22:25 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2007-05-06 22:25 2007-05-02 18:27 2007-05-02 18:26 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat 2007-05-02 18:23 6,550 --a------ C:\WINDOWS\jautoexp.dat 2007-05-02 18:23 46,352 --a------ C:\WINDOWS\setdebug.exe 2007-05-02 18:23 139,536 --a------ C:\WINDOWS\system32\javaee.dll 2007-05-02 18:22 113 --a------ C:\WINDOWS\system32\zonedon.reg 2007-05-02 18:22 113 --a------ C:\WINDOWS\system32\zonedoff.reg 2007-05-02 13:39 2007-05-02 13:39 2007-05-02 13:02 2007-05-02 11:41 2007-05-02 11:40 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 11:40 2007-05-02 10:16 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-05-02 10:09 2007-05-01 22:15 2007-05-01 15:22 2007-04-27 22:05 2007-04-26 23:19 2007-04-26 23:15 2007-04-26 23:15 2007-04-26 23:05 43,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-04-26 23:05 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-04-26 23:05 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe 2007-04-26 22:59 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys 2007-04-26 22:59 8,192 --a------ C:\WINDOWS\system32\wshirda.dll 2007-04-26 22:59 27,648 --a------ C:\WINDOWS\system32\irmon.dll 2007-04-26 22:59 27,136 -ra------ C:\WINDOWS\system32\drivers\MA-620.sys 2007-04-26 22:59 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys 2007-04-26 22:59 153,088 --a------ C:\WINDOWS\system32\irftp.exe 2007-04-26 22:50 307,200 --a------ C:\WINDOWS\IsUn0415.exe 2007-04-26 22:44 2007-04-26 22:41 82,148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys 2007-04-26 22:41 77,824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll 2007-04-26 22:41 7,680 --a------ C:\WINDOWS\system32\btinstall.dll 2007-04-26 22:41 63,488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys 2007-04-26 22:41 61,312 --a------ C:\WINDOWS\system32\drivers\VComm.sys 2007-04-26 22:41 54,784 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll 2007-04-26 22:41 51,169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS 2007-04-26 22:41 48,556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys 2007-04-26 22:41 48,076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys 2007-04-26 22:41 40,960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe 2007-04-26 22:41 28,207 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys 2007-04-26 22:41 23,000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys 2007-04-26 22:41 20,096 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys 2007-04-26 22:41 148,830 --a------ C:\WINDOWS\system32\drivers\bcbthub.sys 2007-04-26 22:41 13,304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys 2007-04-26 22:41 12,504 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys 2007-04-26 22:41 12,500 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys 2007-04-26 22:41 116,021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys 2007-04-26 22:41 10,804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys 2007-04-26 22:41 2007-04-25 23:15 307,200 --------- C:\WINDOWS\system32\fppmon3.dll 2007-04-25 23:15 122,880 --------- C:\WINDOWS\system32\fppr332.dll 2007-04-25 22:40 2,368 --a------ C:\WINDOWS\system32\SVKP.sys 2007-04-25 22:39 2007-04-25 22:35 804 --a------ C:\WINDOWS\TSCTVDIV.BIN 2007-04-25 22:30 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-04-25 22:30 65,536 --a------ C:\WINDOWS\system32\SNAP.DLL 2007-04-25 22:30 57,344 --a------ C:\WINDOWS\system32\DTVdrv.dll 2007-04-25 22:30 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-04-25 22:30 405,504 --a------ C:\WINDOWS\system32\TSCTVWDM.DLL 2007-04-25 22:30 32,768 --a------ C:\WINDOWS\system32\NVGPIO.DLL 2007-04-25 22:30 31,629 -ra------ C:\WINDOWS\system32\drivers\cx88tune.sys 2007-04-25 22:30 299,520 --a------ C:\WINDOWS\uninst.exe 2007-04-25 22:30 28,672 --a------ C:\WINDOWS\system32\NVAPI9X.DLL 2007-04-25 22:30 204,800 --a------ C:\WINDOWS\TVXAPP.EXE 2007-04-25 22:30 204,800 --a------ C:\WINDOWS\TVUNINST.EXE 2007-04-25 22:30 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-04-25 22:30 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-04-25 22:30 159,800 --a------ C:\WINDOWS\PS.exe 2007-04-25 22:30 159,800 --a------ C:\WINDOWS\PowerS.exe 2007-04-25 22:30 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-04-25 22:30 135,168 --a------ C:\WINDOWS\system32\34API.DLL 2007-04-25 22:30 12,188 --a------ C:\WINDOWS\system32\DTVdrvNT.sys 2007-04-25 22:30 11,884 -ra------ C:\WINDOWS\system32\drivers\cx88xbar.sys 2007-04-25 22:30 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-04-25 22:30 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-04-25 22:30 2007-04-25 22:30 2007-04-25 22:29 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-04-25 22:29 201,051 -ra------ C:\WINDOWS\system32\drivers\cx88vid.sys 2007-04-25 22:10 921,600 --a------ C:\WINDOWS\system32\vorbisenc.dll 2007-04-25 22:10 237,568 --a------ C:\WINDOWS\system32\OggDS.dll 2007-04-25 22:09 45,056 --a------ C:\WINDOWS\system32\ogg.dll 2007-04-25 22:09 188,416 --a------ C:\WINDOWS\system32\vorbis.dll 2007-04-25 22:08 1,415,680 --a------ C:\WINDOWS\system32\WMV9VCM.dll 2007-04-25 22:07 245,760 --a------ C:\WINDOWS\system32\mplvpx.dll 2007-04-25 22:06 9,216 --a------ C:\WINDOWS\system32\cpuinf32.dll 2007-04-25 22:05 639,066 --a------ C:\WINDOWS\system32\DivX.dll 2007-04-25 22:03 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-04-25 22:00 2007-04-25 21:43 2007-04-25 21:40 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-04-25 21:40 2007-04-25 21:39 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE 2007-04-25 21:39 2007-04-25 21:15 2007-04-25 18:06 1,277 --a------ C:\WINDOWS\mozver.dat 2007-04-25 16:24 2007-04-25 00:38 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS 2007-04-25 00:20 2007-04-25 00:15 545 --a------ C:\WINDOWS\UC.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\RAR.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\PKZIP.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\LHA.PIF 2007-04-25 00:15 545 --a------ C:\WINDOWS\ARJ.PIF 2007-04-25 00:15 2007-04-25 00:13 2007-04-25 00:11 68,352 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys 2007-04-25 00:11 54,528 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys 2007-04-25 00:11 258,352 --a------ C:\WINDOWS\system32\unicows.dll 2007-04-25 00:11 13,056 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys 2007-04-25 00:11 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-04-25 00:11 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll 2007-04-25 00:11 2007-04-25 00:11 2007-04-25 00:01 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-04-25 00:01 2007-04-25 00:00 655,596 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-04-25 00:00 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE 2007-04-25 00:00 208,896 --------- C:\WINDOWS\alcupd.exe 2007-04-25 00:00 135,168 --------- C:\WINDOWS\alcrmv.exe 2007-04-25 00:00 2007-04-25 00:00 2007-04-25 00:00 2007-04-25 00:00 2007-04-24 23:44 2007-04-24 23:42 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-04-24 23:42 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-04-24 23:42 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-04-24 23:42 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-04-24 23:42 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-04-24 23:42 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-04-24 23:42 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-04-24 23:41 2007-04-24 23:41 2007-04-24 23:33 2007-04-24 23:31 2007-04-24 23:30 2007-04-24 23:27 73,728 --a------ C:\WINDOWS\copyfstq.exe 2007-04-24 23:24 2007-04-24 23:23 2007-04-24 23:14 2007-04-24 23:13 2007-04-24 23:13 2007-04-24 23:13 2007-04-24 23:13 2007-04-24 23:11 0 --a------ C:\WINDOWS\nsreg.dat 2007-04-24 23:11 2007-04-24 23:08 2007-04-24 23:03 2007-04-24 23:02 2007-04-24 23:01 2007-04-24 23:01 2007-04-24 22:47 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2007-04-24 22:46 2007-04-24 22:41 2007-04-24 22:40 2007-04-24 22:40 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:30 2007-04-24 22:01 9,728 --------- C:\WINDOWS\system32\comsdupd.exe 2007-04-24 22:01 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys 2007-04-24 22:01 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-04-24 22:01 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys 2007-04-24 22:01 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys 2007-04-24 22:01 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys 2007-04-24 22:01 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys 2007-04-24 22:01 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys 2007-04-24 22:01 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys 2007-04-24 22:01 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys 2007-04-24 22:01 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys 2007-04-24 22:01 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys 2007-04-24 22:01 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys 2007-04-24 22:01 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys 2007-04-24 22:01 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys 2007-04-24 22:01 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys 2007-04-24 22:01 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys 2007-04-24 22:01 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys 2007-04-24 22:01 40,320 --------- C:\WINDOWS\system32\drivers\intelppm.sys 2007-04-24 22:01 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll 2007-04-24 22:01 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys 2007-04-24 22:01 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys 2007-04-24 22:01 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys 2007-04-24 22:01 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys 2007-04-24 22:01 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys 2007-04-24 22:01 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys 2007-04-24 22:01 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys 2007-04-24 22:01 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys 2007-04-24 22:01 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll 2007-04-24 22:01 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll 2007-04-24 22:01 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll 2007-04-24 22:01 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll 2007-04-24 22:01 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll 2007-04-24 22:01 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll 2007-04-24 22:01 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll 2007-04-24 22:01 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys 2007-04-24 22:01 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys 2007-04-24 22:01 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys 2007-04-24 22:01 275,200 --------- C:\WINDOWS\system32\drivers\bthport.sys 2007-04-24 22:01 262,784 --------- C:\WINDOWS\system32\drivers\http.sys 2007-04-24 22:01 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys 2007-04-24 22:01 25,728 --------- C:\WINDOWS\system32\drivers\hidbth.sys 2007-04-24 22:01 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll 2007-04-24 22:01 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys 2007-04-24 22:01 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys 2007-04-24 22:01 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll 2007-04-24 22:01 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys 2007-04-24 22:01 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys 2007-04-24 22:01 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll 2007-04-24 22:01 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys 2007-04-24 22:01 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys 2007-04-24 22:01 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys 2007-04-24 22:01 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll 2007-04-24 22:01 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys 2007-04-24 22:01 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys 2007-04-24 22:01 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll 2007-04-24 22:01 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys 2007-04-24 22:01 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys 2007-04-24 22:01 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys 2007-04-24 22:01 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys 2007-04-24 22:01 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys 2007-04-24 22:01 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys 2007-04-24 22:01 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys 2007-04-24 22:01 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys 2007-04-24 22:01 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys 2007-04-24 22:01 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll 2007-04-24 22:01 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys 2007-04-24 22:01 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys 2007-04-24 22:01 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys 2007-04-24 22:01 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys 2007-04-24 22:01 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys 2007-04-24 22:01 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys 2007-04-24 22:00 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys 2007-04-24 22:00 940,544 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-04-24 22:00 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll 2007-04-24 22:00 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll 2007-04-24 22:00 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll 2007-04-24 22:00 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll 2007-04-24 22:00 81,920 --------- C:\WINDOWS\system32\ieencode.dll 2007-04-24 22:00 81,408 --------- C:\WINDOWS\system32\wscsvc.dll 2007-04-24 22:00 8,192 --------- C:\WINDOWS\system32\smbinst.exe 2007-04-24 22:00 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll 2007-04-24 22:00 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys 2007-04-24 22:00 755,200 --------- C:\WINDOWS\system32\ir50_32.dll 2007-04-24 22:00 75,776 --------- C:\WINDOWS\system32\strmfilt.dll 2007-04-24 22:00 73,832 --------- C:\WINDOWS\system32\slcoinst.dll 2007-04-24 22:00 73,796 --------- C:\WINDOWS\system32\slserv.exe 2007-04-24 22:00 71,680 --------- C:\WINDOWS\system32\blastcln.exe 2007-04-24 22:00 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll 2007-04-24 22:00 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll 2007-04-24 22:00 7,168 --------- C:\WINDOWS\system32\kbdukx.dll 2007-04-24 22:00 7,168 --------- C:\WINDOWS\system32\kbdno1.dll 2007-04-24 22:00 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll 2007-04-24 22:00 7,168 --------- C:\WINDOWS\system32\hccoin.dll 2007-04-24 22:00 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2007-04-24 22:00 60,416 --------- C:\WINDOWS\system32\fwcfg.dll 2007-04-24 22:00 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll 2007-04-24 22:00 6,656 --------- C:\WINDOWS\system32\kbdinben.dll 2007-04-24 22:00 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll 2007-04-24 22:00 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll 2007-04-24 22:00 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll 2007-04-24 22:00 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys 2007-04-24 22:00 526,848 --------- C:\WINDOWS\system32\p2psvc.dll 2007-04-24 22:00 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll 2007-04-24 22:00 50,688 --------- C:\WINDOWS\system32\btpanui.dll 2007-04-24 22:00 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll 2007-04-24 22:00 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll 2007-04-24 22:00 49,152 --------- C:\WINDOWS\system32\powercfg.exe 2007-04-24 22:00 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll 2007-04-24 22:00 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-04-24 22:00 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys 2007-04-24 22:00 44,032 --------- C:\WINDOWS\system32\twext.dll 2007-04-24 22:00 427,008 --------- C:\WINDOWS\system32\xpob2res.dll 2007-04-24 22:00 413,944 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-04-24 22:00 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-04-24 22:00 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys 2007-04-24 22:00 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys 2007-04-24 22:00 397,056 --------- C:\WINDOWS\system32\s3gnb.dll 2007-04-24 22:00 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll 2007-04-24 22:00 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll 2007-04-24 22:00 338,432 --------- C:\WINDOWS\system32\ir41_qcx.dll 2007-04-24 22:00 32,866 --------- C:\WINDOWS\system32\slrundll.exe 2007-04-24 22:00 32,866 --------- C:\WINDOWS\slrundll.exe 2007-04-24 22:00 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll 2007-04-24 22:00 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll 2007-04-24 22:00 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll 2007-04-24 22:00 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll 2007-04-24 22:00 30,208 --------- C:\WINDOWS\system32\bthserv.dll 2007-04-24 22:00 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll 2007-04-24 22:00 286,792 --------- C:\WINDOWS\system32\slextspk.dll 2007-04-24 22:00 282,624 --a------ C:\WINDOWS\system32\wmpdxm.dll 2007-04-24 22:00 26,624 --------- C:\WINDOWS\system32\drivers\usbehci.sys 2007-04-24 22:00 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys 2007-04-24 22:00 25,088 --a------ C:\WINDOWS\system32\MsPMSNSv.dll 2007-04-24 22:00 24,576 --------- C:\WINDOWS\system32\httpapi.dll 2007-04-24 22:00 23,040 --a------ C:\WINDOWS\system32\fltmc.exe 2007-04-24 22:00 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll 2007-04-24 22:00 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys 2007-04-24 22:00 217,088 --a------ C:\WINDOWS\system32\wmerror.dll 2007-04-24 22:00 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll 2007-04-24 22:00 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll 2007-04-24 22:00 20,992 --------- C:\WINDOWS\system32\bthci.dll 2007-04-24 22:00 2,953,216 --------- C:\WINDOWS\system32\xpsp2res.dll 2007-04-24 22:00 2,113,536 --------- C:\WINDOWS\system32\dxdiagn.dll 2007-04-24 22:00 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-04-24 22:00 193,024 --------- C:\WINDOWS\system32\fsquirt.exe 2007-04-24 22:00 188,508 --------- C:\WINDOWS\system32\slgen.dll 2007-04-24 22:00 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll 2007-04-24 22:00 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-04-24 22:00 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-04-24 22:00 17,408 --------- C:\WINDOWS\system32\winshfhc.dll 2007-04-24 22:00 16,896 --a------ C:\WINDOWS\system32\fltlib.dll 2007-04-24 22:00 150,016 --a------ C:\WINDOWS\system32\wmidx.dll 2007-04-24 22:00 15,872 --------- C:\WINDOWS\system32\w3ssl.dll 2007-04-24 22:00 14,336 --------- C:\WINDOWS\system32\auditusr.exe 2007-04-24 22:00 135,168 --a------ C:\WINDOWS\system32\wmpasf.dll 2007-04-24 22:00 13,824 --------- C:\WINDOWS\system32\wscntfy.exe 2007-04-24 22:00 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll 2007-04-24 22:00 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys 2007-04-24 22:00 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys 2007-04-24 22:00 129,536 --------- C:\WINDOWS\system32\xmlprov.dll 2007-04-24 22:00 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys 2007-04-24 22:00 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-04-24 22:00 120,320 --------- C:\WINDOWS\system32\ir41_qc.dll 2007-04-24 22:00 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys 2007-04-24 22:00 118,784 --------- C:\WINDOWS\system32\msdadiag.dll 2007-04-24 22:00 116,224 --------- C:\WINDOWS\system32\p2p.dll 2007-04-24 22:00 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys 2007-04-24 22:00 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys 2007-04-24 22:00 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys 2007-04-24 22:00 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll 2007-04-24 22:00 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys 2007-04-24 22:00 108,032 --------- C:\WINDOWS\system32\wshbth.dll 2007-04-24 22:00 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll 2007-04-24 22:00 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll 2007-04-24 22:00 1,689,088 --------- C:\WINDOWS\system32\d3d9.dll 2007-04-24 22:00 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-04-24 22:00 1,003,008 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-04-24 22:00 2007-04-24 22:00 2007-04-24 21:52 2007-04-24 21:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2007-04-24 21:43 2007-04-24 21:41 2007-04-24 21:39 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-04-24 21:39 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-04-24 21:39 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-04-24 21:39 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-04-24 21:39 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-04-24 21:38 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-04-24 21:38 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-04-24 21:38 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-04-24 21:38 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-04-24 21:38 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys 2007-04-24 21:38 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-04-24 21:38 4,527,488 --a------ C:\WINDOWS\system32\nv4_disp.dll 2007-04-24 21:38 3,994,624 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys 2007-04-24 21:38 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-04-24 21:38 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-04-24 21:38 2007-04-24 21:37 77,312 --a------ C:\WINDOWS\system32\usbui.dll 2007-04-24 21:37 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-04-24 21:37 42,240 --a------ C:\WINDOWS\system32\drivers\viaagp.sys 2007-04-24 21:37 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-04-24 21:37 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys 2007-04-24 21:37 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-04-24 21:37 117,760 --a------ C:\WINDOWS\system32\drivers\e100b325.sys 2007-04-24 21:37 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-04-24 21:37 10,345 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-04-24 21:36 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-04-24 21:36 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-04-24 21:36 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-04-24 21:36 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-04-24 21:36 8,704 --a------ C:\WINDOWS\system32\batt.dll 2007-04-24 21:36 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-04-24 21:36 75,776 --a------ C:\WINDOWS\system32\storprop.dll 2007-04-24 21:36 70,144 --a------ C:\WINDOWS\notepad.exe 2007-04-24 21:36 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-04-24 21:36 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-04-24 21:36 69,552 --a------ C:\WINDOWS\system\mmsystem.dll 2007-04-24 21:36 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-04-24 21:36 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-04-24 21:36 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-04-24 21:36 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-04-24 21:36 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-04-24 21:36 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-04-24 21:36 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-04-24 21:36 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-04-24 21:36 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-04-24 21:36 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-04-24 21:36 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-04-24 21:36 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-04-24 21:36 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-04-24 21:36 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-04-24 21:36 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-04-24 21:36 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-04-24 21:36 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-04-24 21:36 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:36 2007-04-24 21:35 2007-04-24 21:35 2007-04-24 21:35 2007-04-24 21:35 2007-04-24 21:35 2007-04-24 20:59 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-04-24 20:52 2,883,584 --ah----- C:\DOCUME~1\daro\NTUSER.DAT 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:52 2007-04-24 20:51 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-04-24 20:51 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-04-24 20:51 2007-04-24 20:51 2007-04-24 20:51 2007-04-24 20:51 2007-04-24 20:51 2007-04-24 20:47 262,144 --ah----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-04-24 20:47 0 -rahs---- C:\MSDOS.SYS 2007-04-24 20:47 0 -rahs---- C:\IO.SYS 2007-04-24 20:47 0 --a------ C:\CONFIG.SYS 2007-04-24 20:47 0 --a------ C:\AUTOEXEC.BAT 2007-04-24 20:47 2007-04-24 20:47 2007-04-24 20:46 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-04-24 20:46 2007-04-24 20:45 2007-04-24 20:45 2007-04-24 20:45 2007-04-24 20:44 86,016 --a------ C:\WINDOWS\system32\isign32.dll 2007-04-24 20:44 81,920 --a------ C:\WINDOWS\system32\ils.dll 2007-04-24 20:44 73,728 --a------ C:\WINDOWS\system32\icwdial.dll 2007-04-24 20:44 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-04-24 20:44 69,632 --a------ C:\WINDOWS\system32\msconf.dll 2007-04-24 20:44 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-04-24 20:44 67,584 --a------ C:\WINDOWS\system32\srclient.dll 2007-04-24 20:44 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-04-24 20:44 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-04-24 20:44 49,664 --a------ C:\WINDOWS\system32\inetres.dll 2007-04-24 20:44 45,568 --a------ C:\WINDOWS\system32\safrslv.dll 2007-04-24 20:44 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-04-24 20:44 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-04-24 20:44 382,464 --a------ C:\WINDOWS\system32\qmgr.dll 2007-04-24 20:44 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-04-24 20:44 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-04-24 20:44 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-04-24 20:44 29,696 --a------ C:\WINDOWS\system32\safrdm.dll 2007-04-24 20:44 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-04-24 20:44 278,528 --a------ C:\WINDOWS\system32\mstask.dll 2007-04-24 20:44 278,528 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-04-24 20:44 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-04-24 20:44 240,128 --a------ C:\WINDOWS\system32\srrstr.dll 2007-04-24 20:44 192,000 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-04-24 20:44 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-04-24 20:44 171,008 --a------ C:\WINDOWS\system32\srsvc.dll 2007-04-24 20:44 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-04-24 20:44 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-04-24 20:44 12,288 --a------ C:\WINDOWS\system32\mstinit.exe 2007-04-24 20:44 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-04-24 20:44 105,984 --a------ C:\WINDOWS\system32\msoert2.dll 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:44 2007-04-24 20:43 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-04-24 20:43 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-04-24 20:43 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-04-24 20:43 351,744 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-04-24 20:43 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-04-24 20:43 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-04-24 20:43 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-04-24 20:43 187,904 --a------ C:\WINDOWS\system32\accwiz.exe 2007-04-24 20:43 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-04-24 20:43 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-04-24 20:43 132,608 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-04-24 20:43 2007-04-24 20:43 2007-04-24 20:43 2007-04-24 20:43 2007-04-24 20:43 2007-04-24 20:42 97,792 --a------ C:\WINDOWS\system32\comrepl.dll 2007-04-24 20:42 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-04-24 20:42 94,720 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-04-24 20:42 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-04-24 20:42 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-04-24 20:42 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-04-24 20:42 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-04-24 20:42 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-04-24 20:42 67,072 --a------ C:\WINDOWS\system32\rdshost.exe 2007-04-24 20:42 655,360 --a------ C:\WINDOWS\system32\mstscax.dll 2007-04-24 20:42 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-04-24 20:42 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-04-24 20:42 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-04-24 20:42 60,928 --a------ C:\WINDOWS\system32\remotepg.dll 2007-04-24 20:42 60,416 --a------ C:\WINDOWS\system32\colbact.dll 2007-04-24 20:42 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-04-24 20:42 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-04-24 20:42 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-04-24 20:42 58,880 --a------ C:\WINDOWS\system32\licwmi.dll 2007-04-24 20:42 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-04-24 20:42 56,320 --a------ C:\WINDOWS\system32\servdeps.dll 2007-04-24 20:42 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-04-24 20:42 540,160 --a------ C:\WINDOWS\system32\comuid.dll 2007-04-24 20:42 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-04-24 20:42 539,136 --a------ C:\WINDOWS\system32\spider.exe 2007-04-24 20:42 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-04-24 20:42 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-04-24 20:42 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-04-24 20:42 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-04-24 20:42 408,576 --a------ C:\WINDOWS\system32\mstsc.exe 2007-04-24 20:42 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-04-24 20:42 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-04-24 20:42 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-04-24 20:42 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-04-24 20:42 345,088 --a------ C:\WINDOWS\system32\mspaint.exe 2007-04-24 20:42 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-04-24 20:42 296,448 --a------ C:\WINDOWS\system32\termsrv.dll 2007-04-24 20:42 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-04-24 20:42 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-04-24 20:42 225,792 --a------ C:\WINDOWS\system32\catsrv.dll 2007-04-24 20:42 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-04-24 20:42 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-04-24 20:42 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-04-24 20:42 20,992 --a------ C:\WINDOWS\system32\qprocess.exe 2007-04-24 20:42 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-04-24 20:42 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-04-24 20:42 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-04-24 20:42 187,904 --a------ C:\WINDOWS\system32\cmprops.dll 2007-04-24 20:42 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-04-24 20:42 17,920 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-04-24 20:42 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-04-24 20:42 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-04-24 20:42 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-04-24 20:42 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-04-24 20:42 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-04-24 20:42 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-04-24 20:42 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-04-24 20:42 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-04-24 20:42 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-04-24 20:42 147,968 --a------ C:\WINDOWS\system32\rdchost.dll 2007-04-24 20:42 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-04-24 20:42 141,824 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-04-24 20:42 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-04-24 20:42 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-04-24 20:42 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-04-24 20:42 125,208 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-04-24 20:42 124,928 --a------ C:\WINDOWS\system32\mplay32.exe 2007-04-24 20:42 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-04-24 20:42 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-04-24 20:42 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-04-24 20:42 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-04-24 20:42 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-04-24 20:42 11,264 --a------ C:\WINDOWS\system32\icaapi.dll 2007-04-24 20:42 103,424 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-04-24 20:42 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-04-24 20:42 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-04-24 20:42 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-04-24 20:42 2007-04-24 20:42 2007-04-24 20:42 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-02 16:33:42 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-02 16:33:42 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-04-24 18:45:40 -------- d-----w C:\Program Files\Usługi online 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:38:47 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] “{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}”=“C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll” “{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}”=“C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “SoundMan”=“SOUNDMAN.EXE” “NvCplDaemon”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” “nwiz”=“nwiz.exe /install” “NvMediaCenter”=“RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” “PowerS”=“C:\WINDOWS\PowerS.exe” “pdfFactory Pro Dispatcher v3”="“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe” /source=HKLM" “Adobe Photo Downloader”="“C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe”" “AVG7_CC”=“C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP” “!AVG Anti-Spyware”="“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized" “SunJavaUpdateSched”="“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”" “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” “Gadu-Gadu”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" “MSMSGS”="“C:\Program Files\Messenger\msmsgs.exe” /background" “Skype”="“C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized" “eMuleAutoStart”=“C:\Program Files\eMule\emule.exe -AutoStart” [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages msv1_0\0\0 Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages scecli\0\0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService DnsCache\0\0 rpcss RpcSs\0\0 imgsvc StiSvc\0\0 termsvcs TermService\0\0 HTTPFilter HTTPFilter\0\0 DcomLaunch DcomLaunch\0TermService\0\0 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2{5d8b99a4-f2a2-11db-aebd-806d6172696f}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2{5d8b99a5-f2a2-11db-aebd-806d6172696f}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2{f1b8d4e0-f2a3-11db-a908-806d6172696f}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-09 20:47:03 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-09 20:47:08 C:\ComboFix-quarantined-files.txt … 2007-05-09 20:47

Złączono Posta : 09.05.2007 (Sro) 21:16

dziekuje combofix rozwiązał problem i już wszystko śmiga

dzięki

Gutek · 9 Maj 2007 20:38

Uwaga: Jak wklejasz loga to obejmuj go znacznikiem (tagiem) CODE lub QUOTE

Otwórz Notatnik i wklej w nim to:

Plik >>> Zapisz jako >>> Ustaw rozszerzenie z TXT na Wszystkie pliki >>> zapisz pod nazwą FIX.REG >>> kliknij podwójnie zrobiony plik i potwierdź >>> reset kompa

kacper197 · 11 Maj 2007 13:30

dzięki Gutek. identyczny (jw) problem miałem