
[other] Security Tool


  • Closed. This topic is closed
12 replies in this topic

#1 j2525

    Observer

  • 6 posts

Posted 28 10 2010 - 21:06

Does anyone know what this is and how it can be removed?

  • 0

#2 ordynat

    Advanced user

  • 804 posts

Posted 28 10 2010 - 21:57

> Does anyone know what this is and how it can be removed?

To start, use MBAM > http://www.bezpieczenstwosystemow.pl/index.php?topic=4536.0
Whatever it detects, let it remove right away, and post the report here.
Then post a log from OTL > /otl-t35212/
We'll see whether anything is still left to remove after the MBAM cleanup.

  • 0

#3 j2525

    Observer

  • 6 posts

Posted 28 10 2010 - 22:09

> To start, use MBAM > http://www.bezpieczenstwosystemow.pl/index.php?topic=4536.0
> Whatever it detects, let it remove right away, and post the report here.
> Then post a log from OTL > /otl-t35212/
> We'll see whether anything is still left to remove after the MBAM cleanup.

I can't run MBAM; Security Tool starts up automatically.
Can this be done some other way?
  • 0

#4 ordynat

    Advanced user

  • 804 posts

Posted 28 10 2010 - 22:21

I could have expected that, because as a rule Security Tool applies debugging to all protection programs, possibly including MBAM.
In that case, post the OTL log first.
  • 0

#5 j2525

    Observer

  • 6 posts

Posted 28 10 2010 - 22:27

> I could have expected that, because as a rule Security Tool applies debugging to all protection programs, possibly including MBAM.
> In that case, post the OTL log first.

Same thing again, Security Tool starts up.
  • 0

#6 ordynat

    Advanced user

  • 804 posts

Posted 28 10 2010 - 22:50

Try it in Safe Mode (F8 before the system starts).
  • 0

#7 j2525

    Observer

  • 6 posts

Posted 28 10 2010 - 23:25

> Try it in Safe Mode (F8 before the system starts).

OK, it worked.

Typ skanowania: Szybkie skanowanie
Przeskanowano obiektów: 124760
Upłynęło: 5 minut(y), 40 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 1
Zainfekowane informacje rejestru systemowego: 2
Zainfekowanych folderów: 0
Zainfekowanych plików: 2

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sniffer (Trojan.Dropper) -> Quarantined and deleted successfully.

Zainfekowane informacje rejestru systemowego:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Documents and Settings\Ja\Menu Start\Programy\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_ex-08.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

User Katarina edited this post 28 10 2010 - 23:58

  • 0

#8 ordynat

    Advanced user

  • 804 posts

Posted 28 10 2010 - 23:34

I meant running OTL.
But it's good that you used MBAM.
At least it shows that there was no debugging after all; nothing was blocking programs from launching in normal mode.
Post the OTL log.
  • 0

#9 j2525

    Observer

  • 6 posts

Posted 28 10 2010 - 23:57

-- C:\WINDOWS\System32\drivers\npf.sys[2010-10-27 22:20:09 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job[2010-10-27 22:17:17 | 000,118,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2010-10-27 22:12:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2010-10-27 22:10:39 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2010-10-27 22:10:39 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2010-10-27 22:10:39 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2010-10-27 22:10:39 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2010-10-27 22:02:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-10-27 21:56:49 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2010-10-27 21:11:34 | 000,001,935 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Drivers For Free.lnk[2010-10-27 20:31:43 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\blaxxun Contact 4.4.lnk[2010-10-27 01:48:30 | 000,002,204 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Driver Detective.lnk[2010-10-27 01:00:32 | 000,001,049 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UpdateMyDrivers.lnk[2010-10-27 00:03:15 | 000,251,152 | RHS- | M] () -- C:\ntldr[2010-10-26 23:40:10 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dziobas Rar Player.lnk[2010-10-19 11:14:50 | 001,254,747 | ---- | M] (facemoods.com) -- C:\WINDOWS\facemoods.exe[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-10-28 14:26:16 | 000,001,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! 
Free Antivirus.lnk[2010-10-27 21:11:34 | 000,001,935 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Drivers For Free.lnk[2010-10-27 20:31:43 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\blaxxun Contact 4.4.lnk[2010-10-27 01:48:30 | 000,002,204 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Driver Detective.lnk[2010-10-27 01:31:12 | 000,007,070 | ---- | C] () -- C:\NetworkCfg.xml[2010-10-27 01:25:56 | 000,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml[2010-10-27 01:25:21 | 000,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu[2010-10-27 01:00:32 | 000,001,049 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UpdateMyDrivers.lnk[2010-10-27 00:26:32 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job[2010-10-26 23:59:07 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img[2010-10-26 23:58:28 | 000,001,950 | ---- | C] () -- C:\WINDOWS\System32\pid.inf[2010-10-26 23:57:56 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod[2010-10-26 23:40:10 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dziobas Rar Player.lnk[2009-12-31 11:43:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2009-12-30 17:21:59 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2009-12-30 16:53:20 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2009-12-30 14:44:50 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2009-12-30 14:44:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini[2009-12-30 14:44:47 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-12-30 14:44:47 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2009-12-30 14:44:44 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2006-10-22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2006-10-22 12:22:00 | 001,470,464 | ---- | C] () -- 
C:\WINDOWS\System32\nview.dll[2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll[2006-10-22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2006-10-22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll[1999-01-22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL< End of report >

This post was edited by Katarina on 29 10 2010 - 00:00

  • 0

#10 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 29 10 2010 - 00:04

Nothing suspicious is visible in the log.
So I think it is OK.
.
  • 0

#11 j2525

j2525

    Observer

  • 6 posts

Posted 29 10 2010 - 00:12

Nothing suspicious is visible in the log.
So I think it is OK.
.

Thank you for the help ;) I admire your expertise ;D

  • 0

#12 maxsp2

maxsp2

    Beginner

  • 37 posts

Posted 31 10 2010 - 22:36

You can try removing it with a program such as Revo Uninstaller.

It is a kind of program that cleans the registry.

But despite the installation, it searches the registry for leftovers of a given program.


Regards.

  • 0

#13 EruPL

EruPL

    New

  • 3 posts

Posted 23 12 2010 - 12:51

You could have entered Safe Mode, where Security Tools does not start (unless the author fixed that in a new version, because when I last tested it, it did not launch in Safe Mode ;)), and run MBAM from there.
If Safe Mode is a flop too, burn some AV onto a bootable disc on a clean computer and scan the system from it.
Here you have download links for as many as 13: http://www.raymond.cc/blog/archives/2008/12/11/13-antivirus-rescue-cds-software-compared-in-search-for-the-best-rescue-disk/

This post was edited by EruPL on 23 12 2010 - 12:54

  • 0
