Wielkie dzięki, wklejam loga i czekam na dalsze wskazówki. Pozdrawiam
ComboFix 08-08-16.01 - Administrator 2008-08-17 17:07:02.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1250.1.1045.18.107 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Pulpit\CFScript.txt
* Created a new restore point
[color="red"][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED [img]http://www.forum.tweaks.pl/public/style_emoticons/default/excl.gif[/img][/b][/color]
FILE ::
C:\Documents and Settings\Administrator\fdfg.exe
C:\Documents and Settings\ASIA\ccaap.exe
C:\Documents and Settings\ASIA\ch32.exe
C:\Documents and Settings\ASIA\lat.exe
C:\Documents and Settings\ASIA\tam32.exe
C:\Documents and Settings\ASIA\v91.exe
C:\Documents and Settings\ASIA\woa32.exe
C:\Documents and Settings\ASIA\x.bat
C:\Documents and Settings\ASIA\yb2.exe
C:\WINDOWS\mrofinu1001186.exexe
C:\WINDOWS\system32\4.tmp
C:\WINDOWS\system32\helperl1svchost.exe
C:\WINDOWS\system32\helperl4svchost.exe
C:\WINDOWS\system32\helperll6.exe
C:\WINDOWS\system32\helpermnew2win.exe
C:\WINDOWS\System32\MYBHO.DLL
C:\WINDOWS\wmssvc.exe
C:\WINDOWS\wuaucpl.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft\SystemCertificates\My
C:\Documents and Settings\Administrator\fdfg.exe
C:\Documents and Settings\ASIA\ccaap.exe
C:\Documents and Settings\ASIA\ch32.exe
C:\Documents and Settings\ASIA\Dane aplikacji\Microsoft\SystemCertificates\My
C:\Documents and Settings\ASIA\lat.exe
C:\Documents and Settings\ASIA\tam32.exe
C:\Documents and Settings\ASIA\v91.exe
C:\Documents and Settings\ASIA\woa32.exe
C:\Documents and Settings\ASIA\x.bat
C:\Documents and Settings\ASIA\yb2.exe
C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft\SystemCertificates\My
C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft\SystemCertificates\My
C:\Program Files\Common Files\ppatch~1
C:\Program Files\Common Files\ppatch~1\??pPatch\
C:\Program Files\Common Files\ppatch~1\fast.exe
C:\Program Files\Common Files\Yazzle1560OinAdmin.exe
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe
C:\Program Files\inetget2
C:\WINDOWS\17PHolmes1001186.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b152.exe
C:\WINDOWS\mrofinu1001186.exe
C:\WINDOWS\mrofinu1001186.exe.tmp
C:\WINDOWS\system32\ciadmi.dll
C:\WINDOWS\system32\helperl1svchost.exe
C:\WINDOWS\system32\helperl4svchost.exe
C:\WINDOWS\system32\helperll6.exe
C:\WINDOWS\system32\helpermnew2win.exe
C:\WINDOWS\System32\MYBHO.DLL
C:\WINDOWS\wmssvc.exe
C:\WINDOWS\wuaucpl.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DP1112
-------\Legacy_L2
-------\Legacy_MNEW2WIN
-------\Legacy_NET_SERVICE
-------\Legacy_NSMS
-------\Legacy_NTRCS
-------\Legacy_REMOTE_MAP_MANAGER
-------\Legacy_REMOTE_READER_MACHINE
-------\Legacy_SPOOLSVC213
-------\Legacy_TIME
-------\Legacy_WGAREG
-------\Legacy_WIN32KERNEL
-------\Legacy_WIN32_LOGIN
-------\Legacy_WTIME
-------\Service_DP1112
-------\Service_l2
-------\Service_mnew2win
-------\Service_NET Service
-------\Service_nsms
-------\Service_ntrcs
-------\Service_Remote Map Manager
-------\Service_Remote Reader Machine
-------\Service_SpoolSvc213
-------\Service_Time
-------\Service_wgareg
-------\Service_Win32 Login
-------\Service_Win32Kernel
-------\Service_WTime
((((((((((((((((((((((((( Files Created from 2008-07-17 to 2008-08-17 )))))))))))))))))))))))))))))))
.
2008-08-16 12:44 . 2008-08-16 12:44 46,080 --ah----- C:\WINDOWS\system32\zkumy.exe
2008-08-16 12:43 . 2008-08-16 12:43 0 --a------ C:\WINDOWS\system32\B.tmp
2008-08-13 13:54 . 2008-08-13 13:54 <DIR> d-------- C:\Program Files\Google
2008-08-13 13:53 . 2008-08-13 13:57 <DIR> d-------- C:\Program Files\Picasa2
2008-08-12 17:47 . 2008-08-12 17:48 <DIR> d-------- C:\Program Files\a-squared HiJackFree
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-17 13:54 --------- d-----w C:\Program Files\Tlen.pl
2008-08-16 14:35 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2008-08-12 15:49 --------- d-----w C:\Program Files\Trend Micro
2007-10-13 14:51 17,144 ----a-w C:\Documents and Settings\Administrator\Dane aplikacji\GDIPFONTCACHEV1.DAT
2007-02-20 11:02 31 ----a-w C:\Documents and Settings\Administrator\getfile.dat
2006-07-16 15:02 31 ----a-w C:\Documents and Settings\ASIA\getfile.dat
.
------- Sigcheck -------
2002-09-20 19:05 1015296 925387582296260489564ae2aa284322 C:\WINDOWS\explorer.exe
2002-09-20 19:05 1015296 1a99a4e504e5cbaa19d554b42f034594 C:\WINDOWS\system32\dllcache\explorer.exe
2002-09-20 19:05 23040 4187d9d4d94fcd138ce9ae352d5a9f3c C:\WINDOWS\system32\ctfmon.exe
2002-09-20 19:05 23040 07f4a458e913beb87f1b75bc99987efd C:\WINDOWS\system32\dllcache\ctfmon.exe
2002-09-20 19:05 152064 23c0106b37d81b6e2606b500677e9061 C:\WINDOWS\system32\wuauclt.exe
2002-09-20 19:05 152064 b42ad01455d2c18351b95d45c813b1ad C:\WINDOWS\system32\dllcache\wuauclt.exe
2002-09-20 19:05 32256 0d55bb6aec2e7361cad1d396b98f5a35 C:\WINDOWS\system32\userinit.exe
2002-09-20 19:05 32256 edbe5fd297b5fdae18c2e29a3b9f1ad9 C:\WINDOWS\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( snapshot@2008-08-16_12.43.41.67 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-05-11 14:26:44 89,600 -c----w C:\WINDOWS\$NtUninstallKB822603$\spuninst\spuninst.exe
+ 2003-05-11 14:26:44 99,328 -c----w C:\WINDOWS\$NtUninstallKB822603$\spuninst\spuninst.exe
- 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 173,056 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2005-10-20 18:02:28 173,056 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
- 2002-09-20 17:05:48 249,856 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2002-09-20 17:05:48 262,144 ----a-w C:\WINDOWS\inf\unregmp2.exe
- 2007-10-23 00:59:17 167,936 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2007-10-23 00:59:17 180,224 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2007-10-23 00:59:17 2,560 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2007-10-23 00:59:17 12,288 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2007-10-23 00:59:17 81,920 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2007-10-23 00:59:17 94,208 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2007-10-23 00:59:17 34,304 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2007-10-23 00:59:17 44,032 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-10-23 00:59:17 114,688 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2007-10-23 00:59:17 126,976 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-10-23 00:59:17 30,720 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2007-10-23 00:59:17 40,448 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2007-10-23 00:59:16 45,056 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2007-10-23 00:59:16 57,344 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-10-23 00:59:16 90,112 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2007-10-23 00:59:16 102,400 ----a-r C:\WINDOWS\Installer\{90280415-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2002-01-02 18:34:42 63,488 ----a-w C:\WINDOWS\LastGood.Tmp\System32\amstream.dll
+ 2002-09-20 17:03:38 1,180,672 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3d8.dll
+ 2002-01-02 18:34:52 8,192 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3d8thk.dll
+ 2002-01-02 18:34:52 436,224 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3dim.dll
+ 2002-01-02 18:34:52 791,040 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3dim700.dll
+ 2002-01-02 18:34:52 34,816 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3dpmesh.dll
+ 2002-01-02 18:34:52 590,336 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3dramp.dll
+ 2002-01-02 18:34:52 350,208 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3drm.dll
+ 2002-01-02 18:34:52 47,616 ----a-w C:\WINDOWS\LastGood.Tmp\System32\d3dxof.dll
+ 2002-09-20 17:03:40 253,440 ----a-w C:\WINDOWS\LastGood.Tmp\System32\ddraw.dll
+ 2002-01-02 18:34:54 24,064 ----a-w C:\WINDOWS\LastGood.Tmp\System32\ddrawex.dll
+ 2002-01-02 18:34:54 51,712 ----a-w C:\WINDOWS\LastGood.Tmp\System32\devenum.dll
+ 2002-01-02 18:34:54 394,752 ----a-w C:\WINDOWS\LastGood.Tmp\System32\diactfrm.dll
+ 2002-01-02 18:34:54 44,032 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dimap.dll
+ 2002-09-20 17:03:40 156,160 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dinput.dll
+ 2002-09-20 17:03:40 173,056 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dinput8.dll
+ 2002-12-11 23:14:32 64,512 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\amstream.dll
+ 2004-07-09 03:27:28 1,201,152 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3d8.dll
+ 2002-12-11 23:14:32 8,192 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3d8thk.dll
+ 2002-01-02 18:34:52 436,224 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3dim.dll
+ 2003-05-30 08:00:02 797,184 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3dim700.dll
+ 2002-01-02 18:34:52 34,816 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3dpmesh.dll
+ 2002-01-02 18:34:52 590,336 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3dramp.dll
+ 2002-01-02 18:34:52 350,208 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3drm.dll
+ 2002-01-02 18:34:52 47,616 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\d3dxof.dll
+ 2004-07-09 03:27:28 292,864 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\ddraw.dll
+ 2002-12-11 23:14:32 24,064 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\ddrawex.dll
+ 2002-01-02 18:34:54 51,712 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\devenum.dll
+ 2002-01-02 18:34:54 394,752 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\diactfrm.dll
+ 2002-01-02 18:34:54 44,032 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dimap.dll
+ 2002-09-20 17:03:40 156,160 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dinput.dll
+ 2002-09-20 17:03:40 173,056 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dinput8.dll
+ 2002-12-11 23:14:32 27,136 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmband.dll
+ 2002-12-11 23:14:32 58,368 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmcompos.dll
+ 2004-07-09 03:27:28 181,248 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmime.dll
+ 2002-12-11 23:14:32 33,280 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmloader.dll
+ 2002-12-11 23:14:32 76,800 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmscript.dll
+ 2002-12-11 23:14:32 98,816 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmstyle.dll
+ 2002-12-11 23:14:32 100,864 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmsynth.dll
+ 2004-07-09 03:27:28 122,880 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dmusic.dll
+ 2002-12-11 23:14:32 28,160 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dplaysvr.exe
+ 2004-07-09 03:27:28 230,400 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dplayx.dll
+ 2002-12-11 23:14:32 77,824 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpmodemx.dll
+ 2002-12-11 23:14:32 3,072 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnaddr.dll
+ 2002-12-11 23:14:32 723,968 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnet.dll
+ 2003-03-24 08:00:02 32,768 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnhpast.dll
+ 2002-09-20 17:03:40 56,320 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnhupnp.dll
+ 2002-12-11 23:14:32 3,072 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnlobby.dll
+ 2002-12-11 23:14:32 16,896 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpnsvr.exe
+ 2002-12-11 23:14:32 19,968 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpvacm.dll
+ 2002-12-11 23:14:32 381,952 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpvoice.dll
+ 2002-12-11 23:14:32 80,896 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpvsetup.exe
+ 2002-12-11 23:14:32 112,128 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpvvox.dll
+ 2004-07-09 03:27:28 79,360 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dpwsockx.dll
+ 2002-12-11 23:14:32 186,880 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dsdmo.dll
+ 2002-12-11 23:14:32 491,520 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dsdmoprp.dll
+ 2002-01-02 18:35:12 338,944 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dsound.dll
+ 2002-12-11 23:14:32 1,294,336 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dsound3d.dll
+ 2002-12-11 23:14:32 18,432 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dswave.dll
+ 2002-12-11 23:14:32 602,624 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dx7vb.dll
+ 2003-05-30 08:00:02 1,189,888 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dx8vb.dll
+ 2002-01-02 18:35:12 10,496 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dxapi.sys
+ 2004-07-09 03:27:28 974,848 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\dxdiag.exe
+ 2002-01-02 18:35:16 77,312 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\gcdef.dll
+ 2002-12-11 23:14:32 34,304 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\mciqtz32.dll
+ 2002-01-02 18:35:40 11,264 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\msdmo.dll
+ 2002-09-20 17:04:32 1,223,168 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\msvidctl.dll
+ 2002-12-11 23:14:32 324,096 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\mswebdvd.dll
+ 2002-12-11 15:34:40 241,664 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qasf.dll
+ 2002-12-11 23:14:32 257,024 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qcap.dll
+ 2004-07-09 03:27:28 316,928 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qdv.dll
+ 2004-07-09 03:27:28 470,528 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qdvd.dll
+ 2002-12-11 23:14:32 1,798,144 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qedit.dll
+ 2002-12-11 23:14:32 733,184 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\qedwipes.dll
+ 2002-09-20 17:04:40 1,146,368 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\quartz.dll
+ 2002-01-02 18:36:40 46,592 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DLLCache\wstdecod.dll
+ 2002-09-20 17:03:40 26,112 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmband.dll
+ 2002-09-20 17:03:40 57,344 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmcompos.dll
+ 2002-09-20 17:03:40 172,544 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmime.dll
+ 2002-09-20 17:03:40 31,744 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmloader.dll
+ 2002-09-20 17:03:40 77,312 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmscript.dll
+ 2002-09-20 17:03:40 110,080 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmstyle.dll
+ 2002-01-02 18:34:56 99,840 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmsynth.dll
+ 2002-09-20 17:03:40 94,720 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dmusic.dll
+ 2002-01-02 18:34:56 26,112 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dplaysvr.exe
+ 2002-01-02 18:34:56 212,992 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dplayx.dll
+ 2002-01-02 18:34:56 21,504 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpmodemx.dll
+ 2002-01-02 18:34:56 26,112 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnaddr.dll
+ 2002-09-20 17:03:40 156,672 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnet.dll
+ 2002-09-20 17:03:40 29,696 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnhpast.dll
+ 2002-09-20 17:03:40 56,320 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnhupnp.dll
+ 2002-01-02 18:34:56 38,400 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnlobby.dll
+ 2002-01-02 18:34:56 18,944 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpnsvr.exe
+ 2002-01-02 18:34:56 24,064 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpvacm.dll
+ 2002-09-20 17:03:40 206,848 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpvoice.dll
+ 2002-09-20 17:05:20 58,368 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpvsetup.exe
+ 2002-01-02 18:34:56 113,152 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpvvox.dll
+ 2002-09-20 17:03:40 49,664 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dpwsockx.dll
+ 2002-01-02 18:35:12 10,496 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\dxapi.sys
+ 2002-09-20 17:18:00 131,712 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\ks.sys
+ 2002-08-29 00:27:12 7,040 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\mskssrv.sys
+ 2001-08-17 20:48:42 5,120 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\mspclock.sys
+ 2001-08-17 20:48:46 4,608 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\mspqm.sys
+ 2002-09-20 17:18:00 44,416 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\stream.sys
+ 2002-01-02 18:35:12 3,840 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\swenum.sys
+ 2002-08-28 23:32:54 28,160 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\usbccgp.sys
+ 2003-07-03 15:50:46 25,216 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\usbehci.sys
+ 2002-08-29 00:32:50 51,968 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\usbhub.sys
+ 2002-08-29 00:32:52 135,552 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\usbport.sys
+ 2002-08-29 00:32:50 19,328 ----a-w C:\WINDOWS\LastGood.Tmp\System32\DRIVERS\usbuhci.sys
+ 2007-03-30 15:07:42 267,864 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpodcsla_AA90739FE6CE6410E6FD075E7696EADED8A3F90D\hpzids01.dll
+ 2007-03-08 04:20:45 309,760 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\dot4\Win2000\difxapi.dll
+ 2007-03-08 04:20:46 364,544 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-03-17 16:11:12 229,376 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\scanner\x32\hpotpusd.dll
+ 2007-03-17 16:11:12 569,344 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\scanner\x32\hpotscl3.dll
+ 2007-03-17 16:11:13 303,104 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\scanner\x32\hpovst10.dll
+ 2007-03-17 16:11:13 675,840 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hposcu10_4FC8229DA1D7F81E72322B6F2DBB249746ABAFD7\drivers\scanner\x32\hpowiax3.dll
+ 2007-03-08 04:20:48 49,920 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzid413_F75AD070CF6AC37359152FFE52115AEC89378C94\drivers\dot4\Win2000\HPZid412.sys
+ 2007-03-08 04:20:45 309,760 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000\difxapi.dll
+ 2007-03-08 04:20:46 364,544 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-03-08 04:20:48 49,920 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000\HPZid412.sys
+ 2007-03-08 04:20:49 16,496 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000\HPzipr12.sys
+ 2007-03-08 04:20:50 21,568 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000\HPZius12.sys
+ 2007-03-08 04:20:37 282,624 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\HPZc3212.dll
+ 2007-03-08 04:20:49 16,496 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzipr13_9B62D8E7E43E761D5D4A9F1967C0FC868E8BC390\drivers\dot4\Win2000\HPZipr12.sys
+ 2007-03-08 04:20:45 309,760 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000\difxapi.dll
+ 2007-03-08 04:20:46 364,544 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-03-08 04:20:48 49,920 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000\hpzid412.sys
+ 2007-03-08 04:20:49 16,496 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000\hpzipr12.sys
+ 2007-03-08 04:20:50 21,568 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000\HPZius12.sys
+ 2007-03-08 04:20:52 16,800 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\WinxP\Hppaufd0.sys
+ 2007-03-08 04:20:37 282,624 ----a-r C:\WINDOWS\LastGood.Tmp\System32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\HPZc3212.dll
+ 2002-01-02 18:35:12 165,888 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dsdmo.dll
+ 2002-01-02 18:35:12 67,584 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dsdmoprp.dll
+ 2002-01-02 18:35:12 338,944 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dsound.dll
+ 2002-01-02 18:35:12 1,293,824 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dsound3d.dll
+ 2002-01-02 18:35:12 16,896 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dswave.dll
+ 2002-01-02 18:35:12 595,456 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dx7vb.dll
+ 2002-01-02 18:35:12 1,185,792 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dx8vb.dll
+ 2002-09-20 17:05:20 794,624 ----a-w C:\WINDOWS\LastGood.Tmp\System32\dxdiag.exe
+ 2002-09-20 17:03:48 12,288 ----a-w C:\WINDOWS\LastGood.Tmp\System32\encapi.dll
+ 2002-01-02 18:35:16 77,312 ----a-w C:\WINDOWS\LastGood.Tmp\System32\gcdef.dll
+ 2001-10-26 16:27:02 4,096 ----a-w C:\WINDOWS\LastGood.Tmp\System32\ksuser.dll
+ 2002-01-02 18:35:32 33,280 ----a-w C:\WINDOWS\LastGood.Tmp\System32\mciqtz32.dll
+ 2002-01-02 18:35:40 11,264 ----a-w C:\WINDOWS\LastGood.Tmp\System32\msdmo.dll
+ 2002-09-20 17:04:32 1,223,168 ----a-w C:\WINDOWS\LastGood.Tmp\System32\msvidctl.dll
+ 2002-09-20 17:04:32 193,024 ----a-w C:\WINDOWS\LastGood.Tmp\System32\mswebdvd.dll
+ 2002-01-02 18:35:12 16,384 ----a-w C:\WINDOWS\LastGood.Tmp\System32\msyuv.dll
+ 2002-09-20 17:18:00 31,744 ----a-w C:\WINDOWS\LastGood.Tmp\System32\pid.dll
+ 2002-12-11 15:34:40 241,664 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qasf.dll
+ 2002-09-20 17:04:40 184,832 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qcap.dll
+ 2002-01-02 18:36:10 266,752 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qdv.dll
+ 2002-09-20 17:04:40 358,400 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qdvd.dll
+ 2002-09-20 17:04:40 512,512 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qedit.dll
+ 2002-01-02 18:36:10 734,208 ----a-w C:\WINDOWS\LastGood.Tmp\System32\qedwipes.dll
+ 2002-09-20 17:04:40 1,146,368 ----a-w C:\WINDOWS\LastGood.Tmp\System32\quartz.dll
+ 2002-01-02 18:36:40 46,592 ----a-w C:\WINDOWS\LastGood.Tmp\System32\wstdecod.dll
+ 2006-02-03 07:41:26 14,032 ----a-w C:\WINDOWS\LastGood.Tmp\System32\x3daudio1_0.dll
- 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 38,400 ----a-w C:\WINDOWS\Nircmd.exe
- 2002-01-02 18:35:56 67,072 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2002-01-02 18:35:56 76,800 ----a-w C:\WINDOWS\NOTEPAD.EXE
- 2002-09-20 17:05:26 742,400 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
+ 2002-09-20 17:05:26 752,128 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
- 2002-09-20 17:05:40 137,216 ----a-w C:\WINDOWS\regedit.exe
+ 2002-09-20 17:05:40 146,944 ----a-w C:\WINDOWS\regedit.exe
- 2002-12-11 23:14:32 28,160 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2002-12-11 23:14:32 37,888 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
- 2002-12-11 23:14:32 16,896 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2002-12-11 23:14:32 26,624 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
- 2002-12-11 23:14:32 80,896 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2002-12-11 23:14:32 90,624 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
- 2004-07-09 03:27:28 974,848 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2004-07-09 03:27:28 987,136 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
- 2002-12-11 23:14:32 46,592 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2002-12-11 23:14:32 56,320 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
- 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2000-08-31 06:00:00 108,544 ----a-w C:\WINDOWS\sed.exe
- 2004-01-09 01:54:06 65,536 ------w C:\WINDOWS\soundman.exe
+ 2004-01-09 01:54:06 75,264 ------w C:\WINDOWS\soundman.exe
- 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 171,520 ----a-w C:\WINDOWS\swreg.exe
- 2006-08-20 18:30:03 4,356 -c--a-w C:\WINDOWS\system32\11101072ld.exe
+ 2006-08-20 18:30:03 23,812 -c--a-w C:\WINDOWS\system32\11101072ld.exe
- 2006-10-25 08:01:35 4,356 -c--a-w C:\WINDOWS\system32\1141242ld.exe
+ 2006-10-25 08:01:35 14,084 -c--a-w C:\WINDOWS\system32\1141242ld.exe
- 2006-08-17 16:02:35 11,616 -c--a-w C:\WINDOWS\system32\1169522ld.exe
+ 2006-08-17 16:02:35 21,344 -c--a-w C:\WINDOWS\system32\1169522ld.exe
- 2006-08-27 11:13:49 11,616 -c--a-w C:\WINDOWS\system32\12187482ld.exe
+ 2006-08-27 11:13:49 21,344 -c--a-w C:\WINDOWS\system32\12187482ld.exe
- 2006-08-25 18:14:29 11,616 -c--a-w C:\WINDOWS\system32\13126702ld.exe
+ 2006-08-25 18:14:29 21,344 -c--a-w C:\WINDOWS\system32\13126702ld.exe
- 2006-08-17 16:14:56 11,616 -c--a-w C:\WINDOWS\system32\13156362ld.exe
+ 2006-08-17 16:14:56 21,344 -c--a-w C:\WINDOWS\system32\13156362ld.exe
- 2006-08-17 17:16:37 11,616 -c--a-w C:\WINDOWS\system32\14598222ld.exe
+ 2006-08-17 17:16:37 31,072 -c--a-w C:\WINDOWS\system32\14598222ld.exe
- 2006-08-22 08:15:48 11,616 -c--a-w C:\WINDOWS\system32\1461712ld.exe
+ 2006-08-22 08:15:48 31,072 -c--a-w C:\WINDOWS\system32\1461712ld.exe
- 2006-08-17 15:15:27 11,616 -c--a-w C:\WINDOWS\system32\1487562ld.exe
+ 2006-08-17 15:15:27 31,072 -c--a-w C:\WINDOWS\system32\1487562ld.exe
- 2006-09-21 18:03:19 11,616 -c--a-w C:\WINDOWS\system32\1491372ld.exe
+ 2006-09-21 18:03:19 31,072 -c--a-w C:\WINDOWS\system32\1491372ld.exe
- 2006-08-18 15:17:43 11,616 -c--a-w C:\WINDOWS\system32\15122852ld.exe
+ 2006-08-18 15:17:43 31,072 -c--a-w C:\WINDOWS\system32\15122852ld.exe
- 2006-09-24 21:17:45 11,616 -c--a-w C:\WINDOWS\system32\16151982ld.exe
+ 2006-09-24 21:17:45 31,072 -c--a-w C:\WINDOWS\system32\16151982ld.exe
- 2006-09-01 18:17:48 11,616 -c--a-w C:\WINDOWS\system32\16375712ld.exe
+ 2006-09-01 18:17:48 40,800 -c--a-w C:\WINDOWS\system32\16375712ld.exe
- 2006-08-27 17:18:18 11,616 -c--a-w C:\WINDOWS\system32\16447042ld.exe
+ 2006-08-27 17:18:18 31,072 -c--a-w C:\WINDOWS\system32\16447042ld.exe
- 2006-08-17 16:18:20 11,616 -c--a-w C:\WINDOWS\system32\1716912ld.exe
+ 2006-08-17 16:18:20 31,072 -c--a-w C:\WINDOWS\system32\1716912ld.exe
- 2006-08-20 14:19:44 11,616 -c--a-w C:\WINDOWS\system32\17208682ld.exe
+ 2006-08-20 14:19:44 31,072 -c--a-w C:\WINDOWS\system32\17208682ld.exe
- 2006-08-17 14:18:51 11,616 -c--a-w C:\WINDOWS\system32\17316812ld.exe
+ 2006-08-17 14:18:51 31,072 -c--a-w C:\WINDOWS\system32\17316812ld.exe
- 2006-08-17 15:20:20 11,616 -c--a-w C:\WINDOWS\system32\1918272ld.exe
+ 2006-08-17 15:20:20 31,072 -c--a-w C:\WINDOWS\system32\1918272ld.exe
- 2006-08-24 08:21:22 11,616 -c--a-w C:\WINDOWS\system32\20129192ld.exe
+ 2006-08-24 08:21:22 31,072 -c--a-w C:\WINDOWS\system32\20129192ld.exe
- 2006-09-02 17:22:27 17,424 -c--a-w C:\WINDOWS\system32\21353612ld.exe
+ 2006-09-02 17:22:27 36,880 -c--a-w C:\WINDOWS\system32\21353612ld.exe
+ 2006-08-27 17:12:45 30,636 -c--a-w C:\WINDOWS\system32\21503862ld.exe
- 2006-08-17 14:24:33 11,616 -c--a-w C:\WINDOWS\system32\2229192ld.exe
+ 2006-08-17 14:24:33 31,072 -c--a-w C:\WINDOWS\system32\2229192ld.exe
- 2006-08-17 15:24:24 11,616 -c--a-w C:\WINDOWS\system32\22373872ld.exe
+ 2006-08-17 15:24:24 31,072 -c--a-w C:\WINDOWS\system32\22373872ld.exe
- 2006-08-27 12:05:27 11,616 -c--a-w C:\WINDOWS\system32\228492ld.exe
+ 2006-08-27 12:05:27 31,072 -c--a-w C:\WINDOWS\system32\228492ld.exe
- 2006-08-26 12:24:59 11,616 -c--a-w C:\WINDOWS\system32\23266662ld.exe
+ 2006-08-26 12:24:59 31,072 -c--a-w C:\WINDOWS\system32\23266662ld.exe
- 2006-11-24 16:26:31 11,616 -c--a-w C:\WINDOWS\system32\24113792ld.exe
+ 2006-11-24 16:26:31 31,072 -c--a-w C:\WINDOWS\system32\24113792ld.exe
- 2006-08-15 18:24:29 4,356 -c--a-w C:\WINDOWS\system32\2422482ld.exe
+ 2006-08-15 18:24:29 23,812 -c--a-w C:\WINDOWS\system32\2422482ld.exe
- 2006-08-17 14:04:24 11,616 -c--a-w C:\WINDOWS\system32\2454172ld.exe
+ 2006-08-17 14:04:24 31,072 -c--a-w C:\WINDOWS\system32\2454172ld.exe
- 2006-08-17 16:26:23 11,616 -c--a-w C:\WINDOWS\system32\2495562ld.exe
+ 2006-08-17 16:26:23 31,072 -c--a-w C:\WINDOWS\system32\2495562ld.exe
- 2006-08-19 13:03:53 11,616 -c--a-w C:\WINDOWS\system32\2536502ld.exe
+ 2006-08-19 13:03:53 31,072 -c--a-w C:\WINDOWS\system32\2536502ld.exe
- 2006-08-17 15:04:36 11,616 -c--a-w C:\WINDOWS\system32\2584122ld.exe
+ 2006-08-17 15:04:36 31,072 -c--a-w C:\WINDOWS\system32\2584122ld.exe
- 2006-08-17 14:27:56 11,616 -c--a-w C:\WINDOWS\system32\2637152ld.exe
+ 2006-08-17 14:27:56 31,072 -c--a-w C:\WINDOWS\system32\2637152ld.exe
- 2006-08-17 17:27:58 11,616 -c--a-w C:\WINDOWS\system32\26482272ld.exe
+ 2006-08-17 17:27:58 31,072 -c--a-w C:\WINDOWS\system32\26482272ld.exe
- 2006-08-27 10:29:19 11,616 -c--a-w C:\WINDOWS\system32\27595442ld.exe
+ 2006-08-27 10:29:19 31,072 -c--a-w C:\WINDOWS\system32\27595442ld.exe
- 2006-08-24 21:30:44 11,616 -c--a-w C:\WINDOWS\system32\2817932ld.exe
+ 2006-08-24 21:30:44 31,072 -c--a-w C:\WINDOWS\system32\2817932ld.exe
- 2006-08-23 21:32:15 11,616 -c--a-w C:\WINDOWS\system32\28281152ld.exe
+ 2006-08-23 21:32:15 31,072 -c--a-w C:\WINDOWS\system32\28281152ld.exe
- 2006-08-17 15:31:07 11,616 -c--a-w C:\WINDOWS\system32\29477362ld.exe
+ 2006-08-17 15:31:07 31,072 -c--a-w C:\WINDOWS\system32\29477362ld.exe
- 2006-08-17 16:31:33 11,616 -c--a-w C:\WINDOWS\system32\30147412ld.exe
+ 2006-08-17 16:31:33 31,072 -c--a-w C:\WINDOWS\system32\30147412ld.exe
- 2006-08-17 14:31:33 11,616 -c--a-w C:\WINDOWS\system32\3027712ld.exe
+ 2006-08-17 14:31:33 31,072 -c--a-w C:\WINDOWS\system32\3027712ld.exe
- 2006-08-20 15:29:02 5,808 -c--a-w C:\WINDOWS\system32\30544882ld.exe
+ 2006-08-20 15:29:02 15,536 -c--a-w C:\WINDOWS\system32\30544882ld.exe
- 2006-08-27 17:32:21 11,616 -c--a-w C:\WINDOWS\system32\3058752ld.exe
+ 2006-08-27 17:32:21 31,072 -c--a-w C:\WINDOWS\system32\3058752ld.exe
- 2006-08-17 17:32:39 11,616 -c--a-w C:\WINDOWS\system32\31346792ld.exe
+ 2006-08-17 17:32:39 31,072 -c--a-w C:\WINDOWS\system32\31346792ld.exe
- 2006-10-25 21:34:29 4,356 -c--a-w C:\WINDOWS\system32\32247562ld.exe
+ 2006-10-25 21:34:29 33,540 -c--a-w C:\WINDOWS\system32\32247562ld.exe
- 2006-11-23 17:06:39 11,616 -c--a-w C:\WINDOWS\system32\3263162ld.exe
+ 2006-11-23 17:06:39 31,072 -c--a-w C:\WINDOWS\system32\3263162ld.exe
- 2006-08-26 13:05:10 11,616 -c--a-w C:\WINDOWS\system32\3298912ld.exe
+ 2006-08-26 13:05:10 31,072 -c--a-w C:\WINDOWS\system32\3298912ld.exe
- 2006-08-17 15:35:02 11,616 -c--a-w C:\WINDOWS\system32\33131812ld.exe
+ 2006-08-17 15:35:02 31,072 -c--a-w C:\WINDOWS\system32\33131812ld.exe
- 2006-08-25 17:34:47 8,712 -c--a-w C:\WINDOWS\system32\34164732ld.exe
+ 2006-08-25 17:34:47 28,168 -c--a-w C:\WINDOWS\system32\34164732ld.exe
- 2006-08-17 17:35:43 11,616 -c--a-w C:\WINDOWS\system32\34376422ld.exe
+ 2006-08-17 17:35:43 31,072 -c--a-w C:\WINDOWS\system32\34376422ld.exe
- 2006-08-20 15:37:23 11,616 -c--a-w C:\WINDOWS\system32\34417102ld.exe
+ 2006-08-20 15:37:23 31,072 -c--a-w C:\WINDOWS\system32\34417102ld.exe
- 2006-08-29 15:37:07 11,616 -c--a-w C:\WINDOWS\system32\35306132ld.exe
+ 2006-08-29 15:37:07 31,072 -c--a-w C:\WINDOWS\system32\35306132ld.exe
- 2006-08-17 16:37:33 11,616 -c--a-w C:\WINDOWS\system32\35543402ld.exe
+ 2006-08-17 16:37:33 31,072 -c--a-w C:\WINDOWS\system32\35543402ld.exe
- 2006-08-17 14:36:57 11,616 -c--a-w C:\WINDOWS\system32\3564882ld.exe
+ 2006-08-17 14:36:57 31,072 -c--a-w C:\WINDOWS\system32\3564882ld.exe
- 2006-08-27 17:37:48 11,616 -c--a-w C:\WINDOWS\system32\36314752ld.exe
+ 2006-08-27 17:37:48 31,072 -c--a-w C:\WINDOWS\system32\36314752ld.exe
- 2006-11-23 16:39:04 11,616 -c--a-w C:\WINDOWS\system32\36435912ld.exe
+ 2006-11-23 16:39:04 31,072 -c--a-w C:\WINDOWS\system32\36435912ld.exe
- 2006-08-20 10:39:12 11,616 -c--a-w C:\WINDOWS\system32\37419862ld.exe
+ 2006-08-20 10:39:12 31,072 -c--a-w C:\WINDOWS\system32\37419862ld.exe
- 2006-08-17 15:38:24 11,616 -c--a-w C:\WINDOWS\system32\3747742ld.exe
+ 2006-08-17 15:38:24 31,072 -c--a-w C:\WINDOWS\system32\3747742ld.exe
- 2006-08-27 10:39:58 11,616 -c--a-w C:\WINDOWS\system32\38404652ld.exe
+ 2006-08-27 10:39:58 31,072 -c--a-w C:\WINDOWS\system32\38404652ld.exe
- 2006-08-17 17:40:22 11,616 -c--a-w C:\WINDOWS\system32\39166232ld.exe
+ 2006-08-17 17:40:22 31,072 -c--a-w C:\WINDOWS\system32\39166232ld.exe
- 2006-11-25 20:43:16 4,356 -c--a-w C:\WINDOWS\system32\393442ld.exe
+ 2006-11-25 20:43:16 33,540 -c--a-w C:\WINDOWS\system32\393442ld.exe
- 2006-08-17 14:40:23 11,616 -c--a-w C:\WINDOWS\system32\3934792ld.exe
+ 2006-08-17 14:40:23 31,072 -c--a-w C:\WINDOWS\system32\3934792ld.exe
- 2006-08-26 18:59:27 7,260 -c--a-w C:\WINDOWS\system32\40352342ld.exe
+ 2006-08-26 18:59:27 26,716 -c--a-w C:\WINDOWS\system32\40352342ld.exe
- 2006-08-17 16:42:39 11,616 -c--a-w C:\WINDOWS\system32\411042ld.exe
+ 2006-08-17 16:42:39 31,072 -c--a-w C:\WINDOWS\system32\411042ld.exe
- 2006-08-19 20:57:22 7,260 -c--a-w C:\WINDOWS\system32\4120532ld.exe
+ 2006-08-19 20:57:22 26,716 -c--a-w C:\WINDOWS\system32\4120532ld.exe
- 2006-08-15 13:44:00 4,356 -c--a-w C:\WINDOWS\system32\43128582ld.exe
+ 2006-08-15 13:44:00 23,812 -c--a-w C:\WINDOWS\system32\43128582ld.exe
- 2006-08-17 15:45:14 11,616 -c--a-w C:\WINDOWS\system32\43351862ld.exe
+ 2006-08-17 15:45:14 31,072 -c--a-w C:\WINDOWS\system32\43351862ld.exe
- 2006-08-27 10:45:13 11,616 -c--a-w C:\WINDOWS\system32\43571112ld.exe
+ 2006-08-27 10:45:13 31,072 -c--a-w C:\WINDOWS\system32\43571112ld.exe
- 2006-08-16 16:49:39 11,616 -c--a-w C:\WINDOWS\system32\44415842ld.exe
+ 2006-08-16 16:49:39 31,072 -c--a-w C:\WINDOWS\system32\44415842ld.exe
- 2006-08-17 16:46:10 11,616 -c--a-w C:\WINDOWS\system32\44516422ld.exe
+ 2006-08-17 16:46:10 31,072 -c--a-w C:\WINDOWS\system32\44516422ld.exe
- 2006-09-02 17:47:43 2,904 -c--a-w C:\WINDOWS\system32\45295132ld.exe
+ 2006-09-02 17:47:43 32,088 -c--a-w C:\WINDOWS\system32\45295132ld.exe
- 2006-08-17 13:47:17 11,616 -c--a-w C:\WINDOWS\system32\45385902ld.exe
+ 2006-08-17 13:47:17 31,072 -c--a-w C:\WINDOWS\system32\45385902ld.exe
- 2006-08-27 19:48:20 11,616 -c--a-w C:\WINDOWS\system32\46343942ld.exe
+ 2006-08-27 19:48:20 31,072 -c--a-w C:\WINDOWS\system32\46343942ld.exe
- 2006-08-17 15:48:49 11,616 -c--a-w C:\WINDOWS\system32\4719282ld.exe
+ 2006-08-17 15:48:49 31,072 -c--a-w C:\WINDOWS\system32\4719282ld.exe
- 2006-08-17 14:49:41 11,616 -c--a-w C:\WINDOWS\system32\47392902ld.exe
+ 2006-08-17 14:49:41 31,072 -c--a-w C:\WINDOWS\system32\47392902ld.exe
- 2006-08-20 15:52:17 11,616 -c--a-w C:\WINDOWS\system32\48284982ld.exe
+ 2006-08-20 15:52:17 31,072 -c--a-w C:\WINDOWS\system32\48284982ld.exe
- 2006-10-25 22:12:15 15,972 -c--a-w C:\WINDOWS\system32\48414432ld.exe
+ 2006-10-25 22:12:15 35,428 -c--a-w C:\WINDOWS\system32\48414432ld.exe
- 2006-08-27 17:50:01 11,616 -c--a-w C:\WINDOWS\system32\48451902ld.exe
+ 2006-08-27 17:50:01 31,072 -c--a-w C:\WINDOWS\system32\48451902ld.exe
- 2006-08-23 08:51:54 11,616 -c--a-w C:\WINDOWS\system32\49229732ld.exe
+ 2006-08-23 08:51:54 31,072 -c--a-w C:\WINDOWS\system32\49229732ld.exe
- 2006-08-16 13:49:37 7,260 -c--a-w C:\WINDOWS\system32\4971392ld.exe
+ 2006-08-16 13:49:37 26,716 -c--a-w C:\WINDOWS\system32\4971392ld.exe
- 2006-08-17 16:51:20 11,616 -c--a-w C:\WINDOWS\system32\502392ld.exe
+ 2006-08-17 16:51:20 31,072 -c--a-w C:\WINDOWS\system32\502392ld.exe
- 2006-08-20 12:51:52 11,616 -c--a-w C:\WINDOWS\system32\50315432ld.exe
+ 2006-08-20 12:51:52 31,072 -c--a-w C:\WINDOWS\system32\50315432ld.exe
- 2006-08-19 19:51:43 11,616 -c--a-w C:\WINDOWS\system32\5036352ld.exe
+ 2006-08-19 19:51:43 31,072 -c--a-w C:\WINDOWS\system32\5036352ld.exe
- 2006-08-17 15:52:14 11,616 -c--a-w C:\WINDOWS\system32\50544372ld.exe
+ 2006-08-17 15:52:14 31,072 -c--a-w C:\WINDOWS\system32\50544372ld.exe
- 2006-08-18 13:51:31 11,616 -c--a-w C:\WINDOWS\system32\5058422ld.exe
+ 2006-08-18 13:51:31 31,072 -c--a-w C:\WINDOWS\system32\5058422ld.exe
+ 2006-09-02 18:21:34 11,180 -c--a-w C:\WINDOWS\system32\52407852ld.exe
- 2006-08-17 14:55:06 11,616 -c--a-w C:\WINDOWS\system32\53164852ld.exe
+ 2006-08-17 14:55:06 31,072 -c--a-w C:\WINDOWS\system32\53164852ld.exe
- 2006-08-17 16:55:06 11,616 -c--a-w C:\WINDOWS\system32\53288662ld.exe
+ 2006-08-17 16:55:06 31,072 -c--a-w C:\WINDOWS\system32\53288662ld.exe
- 2006-08-27 10:54:54 11,616 -c--a-w C:\WINDOWS\system32\53359232ld.exe
+ 2006-08-27 10:54:54 31,072 -c--a-w C:\WINDOWS\system32\53359232ld.exe
- 2006-10-22 16:47:05 13,068 -c--a-w C:\WINDOWS\system32\53368772ld.exe
+ 2006-10-22 16:47:05 22,796 -c--a-w C:\WINDOWS\system32\53368772ld.exe
- 2006-08-17 13:55:36 11,616 -c--a-w C:\WINDOWS\system32\53582392ld.exe
+ 2006-08-17 13:55:36 31,072 -c--a-w C:\WINDOWS\system32\53582392ld.exe
- 2006-08-23 08:55:27 11,616 -c--a-w C:\WINDOWS\system32\53593502ld.exe
+ 2006-08-23 08:55:27 31,072 -c--a-w C:\WINDOWS\system32\53593502ld.exe
- 2006-08-17 15:55:48 11,616 -c--a-w C:\WINDOWS\system32\54183312ld.exe
+ 2006-08-17 15:55:48 31,072 -c--a-w C:\WINDOWS\system32\54183312ld.exe
- 2006-08-17 15:59:12 11,616 -c--a-w C:\WINDOWS\system32\57534402ld.exe
+ 2006-08-17 15:59:12 31,072 -c--a-w C:\WINDOWS\system32\57534402ld.exe
- 2006-08-27 19:42:20 5,808 -c--a-w C:\WINDOWS\system32\576422ld.exe
+ 2006-08-27 19:42:20 15,536 -c--a-w C:\WINDOWS\system32\576422ld.exe
- 2006-08-15 17:54:40 7,260 -c--a-w C:\WINDOWS\system32\58437882ld.exe
+ 2006-08-15 17:54:40 16,988 -c--a-w C:\WINDOWS\system32\58437882ld.exe
- 2006-08-27 18:01:56 11,616 -c--a-w C:\WINDOWS\system32\59136732ld.exe
+ 2006-08-27 18:01:56 31,072 -c--a-w C:\WINDOWS\system32\59136732ld.exe
- 2006-10-12 17:16:16 7,260 -c--a-w C:\WINDOWS\system32\5929602ld.exe
+ 2006-10-12 17:16:16 16,988 -c--a-w C:\WINDOWS\system32\5929602ld.exe
- 2006-08-17 15:00:55 11,616 -c--a-w C:\WINDOWS\system32\59363012ld.exe
+ 2006-08-17 15:00:55 31,072 -c--a-w C:\WINDOWS\system32\59363012ld.exe
- 2002-01-02 18:34:40 183,296 ----a-w C:\WINDOWS\system32\accwiz.exe
+ 2002-01-02 18:34:40 193,024 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2002-01-02 18:34:40 4,096 -c--a-w C:\WINDOWS\system32\actmovie.exe
+ 2002-01-02 18:34:40 13,824 -c--a-w C:\WINDOWS\system32\actmovie.exe
- 2002-09-20 17:05:14 91,648 -c--a-w C:\WINDOWS\system32\ahui.exe
+ 2002-09-20 17:05:14 101,376 -c--a-w C:\WINDOWS\system32\ahui.exe
- 2002-09-20 17:05:14 41,984 -c--a-w C:\WINDOWS\system32\alg.exe
+ 2002-09-20 17:05:14 51,712 -c--a-w C:\WINDOWS\system32\alg.exe
- 2002-01-02 18:34:44 11,264 ----a-w C:\WINDOWS\system32\attrib.exe
+ 2002-01-02 18:34:44 20,992 ----a-w C:\WINDOWS\system32\attrib.exe
- 2002-01-02 18:34:48 5,120 ----a-w C:\WINDOWS\system32\cisvc.exe
+ 2002-01-02 18:34:48 14,848 ----a-w C:\WINDOWS\system32\cisvc.exe
- 2002-09-20 17:05:16 99,328 ----a-w C:\WINDOWS\system32\clipbrd.exe
+ 2002-09-20 17:05:16 109,056 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2002-01-02 18:34:48 30,720 ----a-w C:\WINDOWS\system32\clipsrv.exe
+ 2002-01-02 18:34:48 40,448 ----a-w C:\WINDOWS\system32\clipsrv.exe
- 2002-01-02 18:34:48 382,976 ----a-w C:\WINDOWS\system32\cmd.exe
+ 2002-01-02 18:34:48 392,704 ----a-w C:\WINDOWS\system32\cmd.exe
- 2008-08-16 10:29:42 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-17 14:39:24 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-08-16 10:27:44 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2008-08-17 15:06:23 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2008-08-16 10:29:42 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2008-08-17 14:39:24 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2008-08-16 10:51:37 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\8CMSGOR8\wr[1].exe
+ 2008-08-16 11:10:55 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\8CMSGOR8\wr[2].exe
+ 2008-08-16 17:30:31 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\8CMSGOR8\wr[3].exe
+ 2008-08-17 13:52:45 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\8CMSGOR8\wr[4].exe
+ 2008-08-17 14:58:48 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\8CMSGOR8\wr[5].exe
- 2008-08-16 10:29:42 49,152 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-17 14:39:24 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-16 14:14:33 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\V1CGZ7V4\wr[1].exe
+ 2008-08-17 06:09:35 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\V1CGZ7V4\wr[2].exe
+ 2008-08-17 07:27:17 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\V1CGZ7V4\wr[3].exe
+ 2008-08-17 12:22:45 8,790 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\V1CGZ7V4\wr[4].exe
- 2002-01-02 18:34:50 102,450 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2002-01-02 18:34:50 114,738 ----a-w C:\WINDOWS\system32\cscript.exe
- 2002-01-02 18:34:54 18,432 ----a-w C:\WINDOWS\system32\diskperf.exe
+ 2002-01-02 18:34:54 28,160 ----a-w C:\WINDOWS\system32\diskperf.exe
- 2002-01-02 18:34:54 4,608 ----a-w C:\WINDOWS\system32\dllhost.exe
+ 2002-01-02 18:34:54 14,336 ----a-w C:\WINDOWS\system32\dllhost.exe
- 2002-01-02 18:34:54 205,312 ----a-w C:\WINDOWS\system32\dmadmin.exe
+ 2002-01-02 18:34:54 215,040 ----a-w C:\WINDOWS\system32\dmadmin.exe
- 2007-05-10 14:53:12 31,744 ----a-w C:\WINDOWS\system32\drivers\Setup.exe
+ 2007-05-10 14:53:12 41,472 ----a-w C:\WINDOWS\system32\drivers\Setup.exe
- 2002-01-02 18:35:12 47,104 ----a-w C:\WINDOWS\system32\drwtsn32.exe
+ 2002-01-02 18:35:12 56,832 ----a-w C:\WINDOWS\system32\drwtsn32.exe
- 2002-09-20 17:05:20 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
+ 2002-09-20 17:05:20 192,512 ----a-w C:\WINDOWS\system32\dwwin.exe
- 2002-01-02 18:35:16 9,216 ----a-w C:\WINDOWS\system32\find.exe
+ 2002-01-02 18:35:16 18,944 ----a-w C:\WINDOWS\system32\find.exe
- 2002-01-02 18:35:16 26,112 ----a-w C:\WINDOWS\system32\findstr.exe
+ 2002-01-02 18:35:16 35,840 ----a-w C:\WINDOWS\system32\findstr.exe
- 2002-09-20 17:05:24 19,968 ----a-w C:\WINDOWS\system32\fontview.exe
+ 2002-09-20 17:05:24 29,696 ----a-w C:\WINDOWS\system32\fontview.exe
- 2002-09-20 17:05:24 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
+ 2002-09-20 17:05:24 52,224 ----a-w C:\WINDOWS\system32\ftp.exe
- 2002-01-02 18:35:18 37,888 ----a-w C:\WINDOWS\system32\grpconv.exe
+ 2002-01-02 18:35:18 47,616 ----a-w C:\WINDOWS\system32\grpconv.exe
- 2002-09-20 17:05:28 123,904 ----a-w C:\WINDOWS\system32\imapi.exe
+ 2002-09-20 17:05:28 133,632 ----a-w C:\WINDOWS\system32\imapi.exe
- 2002-01-02 18:35:30 68,096 ----a-w C:\WINDOWS\system32\locator.exe
+ 2002-01-02 18:35:30 77,824 ----a-w C:\WINDOWS\system32\locator.exe
- 1999-04-14 13:07:34 39,184 ----a-w C:\WINDOWS\system32\MAPISRVR.EXE
+ 1999-04-14 13:07:34 48,912 ----a-w C:\WINDOWS\system32\MAPISRVR.EXE
- 2002-01-02 18:35:36 774,656 ----a-w C:\WINDOWS\system32\mmc.exe
+ 2002-01-02 18:35:36 784,384 ----a-w C:\WINDOWS\system32\mmc.exe
- 2002-01-02 18:35:36 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
+ 2002-01-02 18:35:36 45,056 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
- 2002-09-20 17:05:34 118,272 ----a-w C:\WINDOWS\system32\mplay32.exe
+ 2002-09-20 17:05:34 128,000 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2002-01-02 18:35:40 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
+ 2002-01-02 18:35:40 15,872 ----a-w C:\WINDOWS\system32\msdtc.exe
- 2002-01-02 18:35:42 128,000 ----a-w C:\WINDOWS\system32\mshearts.exe
+ 2002-01-02 18:35:42 137,728 ----a-w C:\WINDOWS\system32\mshearts.exe
- 2002-01-02 18:35:42 24,064 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2002-01-02 18:35:42 33,792 ----a-w C:\WINDOWS\system32\mshta.exe
- 2002-09-20 17:05:34 64,512 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2002-09-20 17:05:34 74,240 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2002-09-20 17:05:36 342,016 ----a-w C:\WINDOWS\system32\mspaint.exe
+ 2002-09-20 17:05:36 351,744 ----a-w C:\WINDOWS\system32\mspaint.exe
- 2002-09-20 16:36:14 390,144 ----a-w C:\WINDOWS\system32\mstsc.exe
+ 2002-09-20 16:36:14 399,872 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2002-09-20 17:05:36 115,200 ----a-w C:\WINDOWS\system32\net1.exe
+ 2002-09-20 17:05:36 124,928 ----a-w C:\WINDOWS\system32\net1.exe
- 2002-09-20 17:05:36 109,568 ----a-w C:\WINDOWS\system32\netdde.exe
+ 2002-09-20 17:05:36 119,296 ----a-w C:\WINDOWS\system32\netdde.exe
- 2002-01-02 18:35:56 67,072 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2002-01-02 18:35:56 76,800 ----a-w C:\WINDOWS\system32\notepad.exe
- 2002-01-02 18:35:58 1,157,120 ----a-w C:\WINDOWS\system32\ntbackup.exe
+ 2002-01-02 18:35:58 1,166,848 ----a-w C:\WINDOWS\system32\ntbackup.exe
- 2008-03-30 07:22:33 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-08-16 10:41:00 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-30 07:22:33 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
+ 2008-08-16 10:41:00 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
- 2008-03-30 07:22:33 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-08-16 10:41:00 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-03-30 07:22:33 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2008-08-16 10:41:00 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
- 2002-09-20 17:05:38 17,408 ----a-w C:\WINDOWS\system32\ping.exe
+ 2002-09-20 17:05:38 27,136 ----a-w C:\WINDOWS\system32\ping.exe
- 2002-01-02 18:36:08 23,040 ----a-w C:\WINDOWS\system32\proxycfg.exe
+ 2002-01-02 18:36:08 32,768 ----a-w C:\WINDOWS\system32\proxycfg.exe
- 2002-01-02 18:36:10 19,456 ----a-w C:\WINDOWS\system32\qprocess.exe
+ 2002-01-02 18:36:10 29,184 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2002-09-20 17:05:38 34,304 ----a-w C:\WINDOWS\system32\rcimlby.exe
+ 2002-09-20 17:05:38 44,032 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2002-01-02 18:36:12 10,240 ----a-w C:\WINDOWS\system32\regsvr32.exe
+ 2002-01-02 18:36:12 19,968 ----a-w C:\WINDOWS\system32\regsvr32.exe
- 2002-09-20 17:05:40 373,248 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
+ 2002-09-20 17:05:40 382,976 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
- 2002-01-02 18:36:12 20,480 ----a-w C:\WINDOWS\system32\route.exe
+ 2002-01-02 18:36:12 30,208 ----a-w C:\WINDOWS\system32\route.exe
- 2002-01-02 18:36:12 132,608 ----a-w C:\WINDOWS\system32\rsvp.exe
+ 2002-01-02 18:36:12 142,336 ----a-w C:\WINDOWS\system32\rsvp.exe
- 2002-01-02 18:36:14 31,744 ----a-w C:\WINDOWS\system32\rundll32.exe
+ 2002-01-02 18:36:14 41,472 ----a-w C:\WINDOWS\system32\rundll32.exe
- 2002-09-20 17:05:40 12,800 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2002-09-20 17:05:40 22,528 ----a-w C:\WINDOWS\system32\runonce.exe
- 2002-09-20 17:05:40 19,968 ----a-w C:\WINDOWS\system32\savedump.exe
+ 2002-09-20 17:05:40 29,696 ----a-w C:\WINDOWS\system32\savedump.exe
- 2002-01-02 18:36:14 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
+ 2002-01-02 18:36:14 105,472 ----a-w C:\WINDOWS\system32\scardsvr.exe
- 2002-09-20 17:05:42 130,048 ----a-w C:\WINDOWS\system32\sessmgr.exe
+ 2002-09-20 17:05:42 139,776 ----a-w C:\WINDOWS\system32\sessmgr.exe
- 2002-09-20 17:05:42 33,280 ----a-w C:\WINDOWS\system32\shmgrate.exe
+ 2002-09-20 17:05:42 43,008 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2002-01-02 18:36:18 18,944 ----a-w C:\WINDOWS\system32\shutdown.exe
+ 2002-01-02 18:36:18 28,672 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2002-09-20 17:05:44 84,480 ----a-w C:\WINDOWS\system32\smlogsvc.exe
+ 2002-09-20 17:05:44 94,208 ----a-w C:\WINDOWS\system32\smlogsvc.exe
- 2002-01-02 18:36:20 23,552 ----a-w C:\WINDOWS\system32\sort.exe
+ 2002-01-02 18:36:20 33,280 ----a-w C:\WINDOWS\system32\sort.exe
- 2002-09-20 17:05:44 534,016 ----a-w C:\WINDOWS\system32\spider.exe
+ 2002-09-20 17:05:44 543,744 ----a-w C:\WINDOWS\system32\spider.exe
- 2002-01-02 18:36:24 13,312 ----a-w C:\WINDOWS\system32\tcmsetup.exe
+ 2002-01-02 18:36:24 23,040 ----a-w C:\WINDOWS\system32\tcmsetup.exe
- 2002-09-20 17:05:46 69,632 ----a-w C:\WINDOWS\system32\tlntsvr.exe
+ 2002-09-20 17:05:46 79,360 ----a-w C:\WINDOWS\system32\tlntsvr.exe
- 2002-01-02 18:36:26 346,624 ----a-w C:\WINDOWS\system32\tourstart.exe
+ 2002-01-02 18:36:26 356,352 ----a-w C:\WINDOWS\system32\tourstart.exe
- 2002-01-02 18:36:28 17,920 ----a-w C:\WINDOWS\system32\tsshutdn.exe
+ 2002-01-02 18:36:28 27,648 ----a-w C:\WINDOWS\system32\tsshutdn.exe
- 2002-09-20 17:05:48 16,384 ----a-w C:\WINDOWS\system32\ups.exe
+ 2002-09-20 17:05:48 26,112 ----a-w C:\WINDOWS\system32\ups.exe
- 2002-09-20 17:05:32 232,960 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2002-09-20 17:05:32 242,688 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
- 2002-01-02 18:36:32 277,504 ----a-w C:\WINDOWS\system32\vssvc.exe
+ 2002-01-02 18:36:32 287,232 ----a-w C:\WINDOWS\system32\vssvc.exe
- 2002-01-02 18:36:36 117,248 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
+ 2002-01-02 18:36:36 126,976 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
- 2002-01-02 18:36:34 8,192 ----a-w C:\WINDOWS\system32\winhlp32.exe
+ 2002-01-02 18:36:34 17,920 ----a-w C:\WINDOWS\system32\winhlp32.exe
- 2002-01-02 18:36:40 118,834 ----a-w C:\WINDOWS\system32\wscript.exe
+ 2002-01-02 18:36:40 131,122 ----a-w C:\WINDOWS\system32\wscript.exe
- 2002-01-02 18:36:40 32,256 ----a-w C:\WINDOWS\system32\wupdmgr.exe
+ 2002-01-02 18:36:40 41,984 ----a-w C:\WINDOWS\system32\wupdmgr.exe
- 2000-08-31 06:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2000-08-31 06:00:00 61,440 ----a-w C:\WINDOWS\VFind.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45080112-43D4-4B43-A8BC-7F1DFBFDCEAF}]
2008-08-17 17:23 3584 --a------ C:\WINDOWS\System32\MYBHO.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2007-12-02 16:13 394680 --a------ C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2002-08-20 15:08 1523741]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
"Komunikator"="C:\Program Files\Tlen.pl\tlen.exe" [2008-01-15 17:09 6300672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-08-06 10:45 887296]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07 61551]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 61440]
"runner1"="C:\WINDOWS\mrofinu1001186.exe" [2008-08-17 17:23 54272]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 19:05 23040]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 08:05:26 39424]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Oaf62.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2007-01-29 16:51 25451048 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2006-11-21 19:38 45056 C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"AntiVirusOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"firewalldisableoverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
*Newly Created Service* - BNX67
*Newly Created Service* - OAF62
*Newly Created Service* - TCPSR
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2008-08-17 17:14:40
Windows 5.1.2600 Dodatek Service Pack. 1 NTFS
detected NTDLL code modification:
ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Bnx67]
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\WINDOWS\system32\E.tmp
C:\WINDOWS\system32\11.tmp
C:\WINDOWS\neos.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\alt.exe.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\firewall.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-08-17 17:30:15 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-17 15:28:34
Pre-Run: 5,927,596,032 bajtów wolnych
Post-Run: 5,836,361,728 bajt˘w wolnych
761