OTL-logi2.rar

System Tool 2011 – analysis of ComboFix and HJT logs after a fake antivirus infection

I did everything according to the instructions.


  • OTL-logi2.rar
    • OTL.Txt
    • 01112011_210017.log


OTL-logi2.rar > OTL.Txt

OTL logfile created on: 2011-01-11 21:14:54 - Run 6
OTL by OldTimer - Version 3.2.20.1 Folder = E:\Ściągawki
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 203,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,20 Gb Free Space | 36,89% Space Free | Partition Type: FAT32
Drive D: | 68,36 Gb Total Space | 12,57 Gb Free Space | 18,38% Space Free | Partition Type: NTFS
Drive E: | 61,15 Gb Total Space | 3,25 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

Computer Name: MAZU-0590F9D734 | User Name: Mazuro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-01-11 20:14:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Ściągawki\OTL.exe
PRC - [2010-12-09 23:54:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2007-01-09 12:56:16 | 000,049,152 | ---- | M] (Vimicro) -- C:\WINDOWS\Domino.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002-08-21 05:13:12 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-01-11 20:14:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Ściągawki\OTL.exe
MOD - [2004-08-04 00:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-05-17 18:21:00 | 003,592,432 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-12-17 00:08:36 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-06-29 10:00:42 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010-05-17 14:31:08 | 000,040,128 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vujlvhht.sys -- (vujlvhht)
DRV - [2010-04-24 15:49:12 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-04-03 16:22:12 | 000,260,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) Vimicro USB2.0 PC Camera(VC0323)
DRV - [2006-08-08 11:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2005-04-20 20:00:56 | 002,317,696 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-04-01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-09-29 11:00:42 | 000,247,296 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(PLANET Technology Corp.)) PLANET WL-U356A Driver(PLANET Technology Corp.)
DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-06-30 13:54:04 | 000,019,200 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDBRGSYS.sys -- (ZDBRGSYS)
DRV - [2004-01-14 11:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=pl"
FF - prefs.js..extensions.enabledItems: firefox@red-cog.com:2.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-22 17:37:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-22 17:37:14 | 000,000,000 | ---D | M]

[2008-09-25 17:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Extensions
[2010-08-02 21:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Extensions\mozswing@mozswing.org
[2008-09-25 17:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions
[2010-08-11 14:57:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009-08-13 11:00:28 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009-08-13 11:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010-12-24 13:08:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-09-29 00:08:36 | 000,000,000 | ---D | M] (Embedded Objects) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\firefox@red-cog.com
[2010-09-12 12:36:16 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\personas@christopher.beard
[2010-08-01 21:57:46 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\YoutubeDownloader@PeterOlayev.com
[2009-05-27 12:57:38 | 000,001,972 | ---- | M] () -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\searchplugins\wrzuta.xml
[2011-01-10 14:53:24 | 000,002,039 | ---- | M] () -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\searchplugins\torrentyorg.xml
[2009-09-22 17:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-02 23:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-01 14:55:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-04-12 17:29:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-21 23:37:22 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2010-04-05 00:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-05 00:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-05 00:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-05 00:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-05 00:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-05 00:41:38 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-12-28 14:43:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O4 - HKLM..\Run: [BigDogPath323Domino] C:\WINDOWS\Domino.exe (Vimicro)
O4 - HKLM..\Run: [BigDogPath323VMSnap] C:\WINDOWS\VMSnap23.exe ()
O4 - HKLM..\Run: [CleanIt] C:\Program Files\CleanIt\CleanIt.exe (Silmaril Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [BitComet] E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [Gadu-Gadu 10] E:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\PLANET WL-U356A Utility.lnk = C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-08-05 15:26:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-01-11 19:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\lPpFi07000
[2011-01-02 04:09:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mazuro\Recent
[2010-12-25 22:08:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Neverwinter Nights
[2010-12-17 00:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Hamachi
[2010-12-17 00:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Hamachi

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-01-11 21:11:24 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-01-11 21:10:16 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-01-11 21:09:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-01-11 20:02:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-01-11 19:40:34 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-10 14:35:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-01-09 15:30:04 | 000,030,574 | ---- | M] () -- C:\Documents and Settings\Mazuro\.recently-used.xbel
[2011-01-05 23:14:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-01-04 19:08:10 | 000,205,189 | ---- | M] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_09.343750.dmp
[2011-01-04 19:08:10 | 000,203,033 | ---- | M] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_07.546875.dmp
[2011-01-03 15:33:58 | 000,000,117 | ---- | M] () -- C:\Documents and Settings\Mazuro\jagex_runescape_preferences2.dat
[2011-01-03 15:33:58 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\Mazuro\jagex_runescape_preferences.dat
[2010-12-17 00:08:36 | 000,025,544 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010-12-17 00:08:36 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Hamachi.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-01-09 15:30:02 | 000,030,574 | ---- | C] () -- C:\Documents and Settings\Mazuro\.recently-used.xbel
[2011-01-04 19:08:09 | 000,205,189 | ---- | C] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_09.343750.dmp
[2011-01-04 19:08:07 | 000,203,033 | ---- | C] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_07.546875.dmp
[2010-12-17 00:08:35 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Hamachi.lnk
[2010-06-24 22:07:53 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-05-24 20:38:25 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisvvan.sys
[2010-05-17 14:31:05 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\vujlvhht.sys
[2010-05-05 19:59:29 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-05-05 19:59:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-05-05 19:59:27 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-05 19:59:27 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-05 19:59:24 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-05-01 01:00:16 | 000,000,203 | ---- | C] () -- C:\WINDOWS\GSdx9 sse2.INI
[2010-05-01 00:51:57 | 000,000,208 | ---- | C] () -- C:\WINDOWS\GSdx9.INI
[2010-03-07 06:42:04 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\kailleraclient.dll
[2009-11-30 19:14:53 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2009-11-24 15:20:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-14 22:19:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009-11-12 13:32:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\zSpy.INI
[2009-09-18 20:09:38 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-09-14 18:13:44 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2009-08-09 06:37:45 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-06-29 18:47:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009-05-24 14:03:15 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008-12-26 16:56:44 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008-12-26 16:56:44 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008-12-26 16:51:07 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008-12-07 14:58:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008-11-09 21:46:38 | 000,137,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-10-22 16:23:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-10-05 22:21:22 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2008-09-26 12:05:13 | 000,000,526 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-09-26 12:00:11 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-25 17:15:21 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2008-09-25 16:22:28 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007-03-26 10:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007-02-20 14:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-02-20 14:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2005-08-30 00:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005-08-30 00:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005-08-30 00:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2005-04-01 16:16:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004-07-17 11:36:38 | 000,029,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

< End of report >