Combofix Log ! HELP KEYLOGGER - WINDOWS XP

ComboFix 10-03-13.03 - glowny 2010-03-14 13:27:06.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.693 [GMT 1:00]
Uruchomiony z: c:\documents and settings\glowny\Moje dokumenty\Pobieranie\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dane aplikacji\hpe2850.dll
c:\program files\Cheat Engine\dbk32.sys
c:\program files\Internet Explorer\HFXA20.tmp
c:\program files\Internet Explorer\SET9D7.tmp
E:\njibyekk.com

.
((((((((((((((((((((((((( Pliki utworzone od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-13 07:42 . 2010-03-13 07:42 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Sincell
2010-03-13 07:42 . 2010-03-13 07:42 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sincell
2010-03-13 07:40 . 2010-03-13 07:40 -------- d-----w- c:\program files\Sincell
2010-03-12 14:23 . 2010-03-12 15:47 -------- d-----w- c:\program files\e.Kontroler ver 2.3
2010-03-10 07:24 . 2008-04-15 12:00 26624 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-03-10 07:20 . 2008-04-15 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-03-10 07:20 . 2010-03-10 07:20 -------- d-----w- c:\program files\Windows Media Connect 2
2010-03-10 07:19 . 2010-03-10 07:19 -------- d-----w- c:\windows\system32\LogFiles
2010-03-09 16:10 . 2010-03-09 16:10 -------- d-----w- c:\program files\elo
2010-03-08 15:22 . 2010-03-08 15:22 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Opera
2010-03-08 15:22 . 2010-03-08 15:22 -------- d-----w- c:\program files\Opera
2010-03-07 09:24 . 2010-03-07 09:24 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\TechSmith
2010-03-07 09:19 . 2010-03-07 09:40 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Ulead Systems
2010-03-07 09:18 . 2010-03-07 09:18 -------- d-----w- c:\program files\Common Files\InterVideo
2010-03-07 09:18 . 2010-03-07 09:18 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\InterVideo
2010-03-07 09:18 . 2007-03-27 18:56 210456 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-03-07 09:18 . 2007-03-27 18:56 194072 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-03-07 09:18 . 2007-03-27 18:56 198168 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-03-07 09:18 . 2007-03-27 18:56 198168 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-03-07 09:18 . 2007-03-27 18:56 206360 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-03-07 09:18 . 2007-03-27 18:56 26136 ----a-w- c:\windows\system32\IVIresize.dll
2010-03-07 09:17 . 2010-03-07 09:17 -------- d-----w- c:\program files\Windows Media Components
2010-03-07 09:16 . 2010-03-07 09:19 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ulead Systems
2010-03-07 09:16 . 2010-03-07 09:17 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-03-07 09:01 . 2009-08-19 04:18 107864 ----a-w- c:\windows\system32\tsccvid.dll
2010-03-07 09:01 . 2010-03-07 09:01 -------- d-----w- c:\windows\system32\QuickTime
2010-03-07 09:00 . 2010-03-07 09:00 -------- d-----w- c:\program files\QuickTime
2010-03-07 09:00 . 2010-03-07 09:00 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2010-03-07 09:00 . 2010-03-07 09:00 -------- d-----w- c:\program files\TechSmith
2010-03-06 13:46 . 2010-03-06 13:46 -------- d-----w- c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
2010-03-06 13:41 . 2010-03-06 13:41 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2010-03-06 13:41 . 2010-03-06 13:41 -------- d-----w- c:\program files\Google
2010-03-05 14:15 . 2010-03-05 14:20 -------- d-----w- c:\program files\Eurobarre
2010-03-05 14:15 . 2010-03-05 14:15 15872 ------w- c:\windows\system32\winskfr.dll
2010-03-05 14:15 . 2010-03-05 14:15 119568 ------w- c:\windows\system32\vb6fr.dll
2010-03-05 14:08 . 2009-11-03 12:07 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-03-05 14:08 . 2009-11-03 12:07 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-03-05 14:08 . 2010-03-14 12:31 -------- d-----w- c:\program files\Cheat Engine
2010-03-04 16:34 . 2010-03-04 16:34 -------- d-----w- c:\program files\PIT z GazetÄ… WyborczÄ…
2010-03-02 20:56 . 2010-03-02 20:57 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Nowe Gadu-Gadu
2010-03-02 20:56 . 2010-03-02 20:57 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-03-01 18:06 . 2010-03-01 18:31 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Spider Player
2010-03-01 18:05 . 2010-03-01 18:06 -------- d-----w- c:\program files\Spider Player
2010-03-01 17:45 . 2010-03-01 17:45 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\vdownloader
2010-03-01 17:44 . 2010-03-01 17:44 -------- d-----w- c:\program files\Common Files\eBay
2010-03-01 17:44 . 2010-03-01 17:45 -------- d-----w- c:\program files\VDOWNLOADER
2010-03-01 17:37 . 2010-03-01 17:38 -------- d-----w- c:\program files\Audacity
2010-02-27 21:17 . 2010-02-27 21:17 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Identities
2010-02-26 10:34 . 2010-02-26 10:34 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Sony Ericsson
2010-02-26 10:34 . 2010-02-26 10:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\BVRP Software
2010-02-26 10:33 . 2007-11-02 10:47 103976 ----a-w- c:\windows\system32\drivers\s916mgmt.sys
2010-02-26 10:33 . 2007-11-02 10:47 100008 ----a-w- c:\windows\system32\drivers\s916obex.sys
2010-02-26 10:33 . 2007-11-02 10:47 15016 ----a-w- c:\windows\system32\drivers\s916mdfl.sys
2010-02-26 10:33 . 2007-11-02 10:47 109992 ----a-w- c:\windows\system32\drivers\s916mdm.sys
2010-02-26 10:33 . 2007-11-02 10:47 83496 ----a-w- c:\windows\system32\drivers\s916bus.sys
2010-02-26 10:33 . 2007-11-02 10:47 12200 ----a-w- c:\windows\system32\drivers\s916cmnt.sys
2010-02-26 10:33 . 2007-11-02 10:47 12200 ----a-w- c:\windows\system32\drivers\s916cm.sys
2010-02-26 10:33 . 2007-11-02 10:47 12200 ----a-w- c:\windows\system32\drivers\s916whnt.sys
2010-02-26 10:33 . 2007-11-02 10:47 12200 ----a-w- c:\windows\system32\drivers\s916wh.sys
2010-02-26 10:32 . 2010-02-26 10:33 -------- dc----w- c:\windows\system32\DRVSTORE
2010-02-26 10:31 . 2010-02-26 10:31 -------- d-----w- c:\program files\Sony Ericsson
2010-02-26 10:31 . 2010-02-26 10:31 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sony Ericsson
2010-02-25 16:56 . 2010-02-25 16:56 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\teamspeak2
2010-02-25 16:55 . 2010-02-25 16:56 -------- d-----w- c:\program files\Teamspeak2_RC2
2010-02-25 10:49 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll
2010-02-25 10:49 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-02-25 10:49 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-02-25 10:49 . 2010-02-02 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-25 10:49 . 2010-02-25 10:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-23 18:23 . 2010-02-23 18:23 -------- d-----w- c:\program files\TeamViewer
2010-02-23 18:16 . 2010-02-23 18:17 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Ventrilo
2010-02-23 18:16 . 2010-02-23 18:16 -------- d-----w- c:\program files\Ventrilo
2010-02-23 18:16 . 2010-02-23 18:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-23 15:40 . 2010-02-23 15:40 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\SEGA
2010-02-23 15:39 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-02-23 15:39 . 2010-02-23 15:39 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-02-23 15:39 . 2010-02-23 15:39 -------- d-----w- c:\windows\system32\xlive
2010-02-23 15:37 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2010-02-23 11:01 . 2010-02-23 11:01 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-23 11:01 . 2010-02-23 11:01 -------- d-----w- c:\documents and settings\glowny\SystemRequirementsLab
2010-02-23 10:51 . 2010-02-23 10:51 98304 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\nxgameeu.dll
2010-02-23 10:51 . 2010-02-23 10:51 81920 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll
2010-02-23 10:51 . 2010-02-23 10:51 532480 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\NGMDll.dll
2010-02-23 10:51 . 2010-02-23 10:51 331776 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\NGMResource.dll
2010-02-23 10:51 . 2010-02-23 10:51 258352 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\unicows.dll
2010-02-23 10:51 . 2010-02-23 10:51 155648 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe
2010-02-23 10:51 . 2010-02-23 10:51 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NexonEU
2010-02-22 10:25 . 2010-02-22 10:25 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\TeamViewer
2010-02-22 10:25 . 2010-02-22 10:25 -------- d-----w- c:\documents and settings\glowny\temp
2010-02-18 16:23 . 2010-02-18 16:24 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\HLSW
2010-02-18 16:23 . 2010-02-18 16:23 -------- d-s---w- c:\program files\HLSW
2010-02-17 19:44 . 2010-02-17 19:44 -------- d-----w- c:\windows\Sun
2010-02-17 19:44 . 2010-02-17 19:44 503808 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cc4325e-n\msvcp71.dll
2010-02-17 19:44 . 2010-02-17 19:44 348160 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cc4325e-n\msvcr71.dll
2010-02-17 19:44 . 2010-02-17 19:44 499712 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cc4325e-n\jmc.dll
2010-02-17 19:44 . 2010-02-17 19:44 -------- d-----w- c:\program files\Common Files\Java
2010-02-17 19:44 . 2010-02-17 19:44 61440 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-381dddf5-n\decora-sse.dll
2010-02-17 19:44 . 2010-02-17 19:44 12800 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-381dddf5-n\decora-d3d.dll
2010-02-17 19:43 . 2010-02-17 19:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-17 19:43 . 2010-02-17 19:43 -------- d-----w- c:\program files\Java
2010-02-17 19:03 . 2010-02-17 19:03 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-16 15:56 . 2010-03-01 19:13 -------- d-----w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-13 10:36 . 2008-04-15 12:00 89874 ----a-w- c:\windows\system32\perfc015.dat
2010-03-13 10:36 . 2008-04-15 12:00 503306 ----a-w- c:\windows\system32\perfh015.dat
2010-03-11 17:28 . 2010-01-30 19:26 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Winamp
2010-03-10 21:23 . 2010-01-31 19:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2010-03-07 11:59 . 2010-02-05 15:51 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\FileZilla
2010-03-07 09:21 . 2010-01-30 17:03 80216 ----a-w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-03-07 09:18 . 2010-01-30 19:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-26 13:53 . 2010-02-05 15:50 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\gtk-2.0
2010-02-25 10:46 . 2010-01-30 19:27 -------- d-----w- c:\program files\ALLPlayer
2010-02-12 06:14 . 2010-02-12 06:14 -------- d-----w- c:\program files\Intel Desktop Board
2010-02-12 06:12 . 2010-02-12 06:12 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Sony Corporation
2010-02-12 06:11 . 2010-02-12 06:11 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-02-12 06:11 . 2010-02-12 06:11 -------- d-----w- c:\program files\Sony
2010-02-07 13:04 . 2010-02-07 13:04 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2010-02-07 13:04 . 2010-02-07 13:04 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\OpenFM
2010-02-06 07:31 . 2010-02-06 07:33 737280 ----a-w- c:\windows\iun6002.exe
2010-02-05 15:51 . 2010-02-05 15:51 -------- d-----w- c:\program files\FileZilla FTP Client
2010-02-02 17:50 . 2010-01-31 19:10 -------- d-----w- c:\program files\Microsoft Works
2010-02-02 14:12 . 2010-02-02 14:11 -------- d-----w- c:\program files\GIMP-2.0
2010-01-31 20:41 . 2010-01-30 16:51 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-31 19:10 . 2010-01-30 20:49 -------- d-----w- c:\program files\MSBuild
2010-01-31 19:07 . 2010-01-31 19:07 -------- d-----w- c:\program files\Microsoft.NET
2010-01-31 19:04 . 2010-01-31 19:04 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-31 12:35 . 2010-01-30 17:03 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Gadu-Gadu 10
2010-01-30 20:56 . 2010-01-30 20:56 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\ATI
2010-01-30 20:54 . 2010-01-30 20:54 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\Gadu-Gadu
2010-01-30 20:49 . 2010-01-30 20:49 -------- d-----w- c:\program files\Reference Assemblies
2010-01-30 19:38 . 2010-01-30 19:36 -------- d-----w- c:\program files\ATI Technologies
2010-01-30 19:37 . 2010-01-30 19:10 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-30 19:33 . 2010-01-30 19:26 -------- d-----w- c:\program files\Winamp
2010-01-30 19:32 . 2010-01-30 19:32 -------- d-----w- c:\program files\Winamp Detect
2010-01-30 19:30 . 2010-01-30 19:29 -------- d-----w- c:\program files\Gadu-Gadu
2010-01-30 19:30 . 2010-01-30 19:30 -------- d-----w- c:\program files\ALLConverter
2010-01-30 19:28 . 2010-01-30 19:28 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-01-30 19:24 . 2010-01-30 19:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 19:10 . 2010-01-30 19:10 -------- d-----w- c:\program files\V-Stream
2010-01-30 18:58 . 2010-01-30 18:58 -------- d-----w- c:\program files\C-Media 3D Audio
2010-01-30 18:57 . 2010-01-30 18:57 -------- d-----w- c:\program files\SiSLan
2010-01-30 17:52 . 2010-01-30 17:52 131 ----a-w- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2010-01-30 17:35 . 2010-01-30 17:29 -------- d-----w- c:\documents and settings\glowny\Dane aplikacji\DAEMON Tools Lite
2010-01-30 17:30 . 2010-01-30 17:29 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-30 17:30 . 2010-01-30 17:29 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-30 17:29 . 2010-01-30 17:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2010-01-30 17:10 . 2010-01-30 17:10 -------- d-----w- c:\program files\ESET
2010-01-30 17:10 . 2010-01-30 17:10 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2010-01-30 17:03 . 2010-01-30 17:03 -------- d-----w- c:\program files\Gadu-Gadu 10
2010-01-30 17:03 . 2010-01-30 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10
2010-01-30 17:02 . 2010-01-30 17:02 0 ----a-w- c:\windows\nsreg.dat
2010-01-30 16:53 . 2010-01-30 16:53 -------- d-----w- c:\program files\microsoft frontpage
2010-01-30 16:51 . 2010-01-30 16:51 -------- d-----w- c:\program files\Usługi online
2010-01-30 16:47 . 2010-01-30 16:47 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-20 12:05 . 2010-01-20 12:05 42088 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
2010-01-20 12:03 . 2010-01-20 12:03 11776 ----a-w- c:\documents and settings\glowny\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
2009-12-31 16:50 . 2008-04-15 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-30 16:45 345088 ----a-w- c:\windows\system32\mspaint.exe
.

------- Sigcheck -------

[-] 2008-04-15 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys

[-] 2008-04-15 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-15 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2008-04-15 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-15 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-15 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2008-04-15 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-15 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys

[-] 2008-04-15 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-15 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys

[-] 2008-04-15 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-15 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-15 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys

[-] 2008-04-15 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-15 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll

[-] 2008-04-15 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-15 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe

[-] 2008-04-15 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-15 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll

[-] 2008-04-15 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-15 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll

[-] 2009-02-09 . C9E5AC78D9A00B1DE8CE2AD1BDDE7E42 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-15 . 02396DAB9DD407B06539981F477F3FEC . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

[-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 8816E60BF654353E8E0D35ED98875445 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-15 . 3E3AE424E27C4CEFE4CAB368C7B570EA . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

[-] 2008-04-15 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-04-15 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe

[-] 2008-04-15 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-15 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe

[-] 2008-04-15 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-15 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2008-04-15 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-15 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll

[-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . 5BB3E442E43C7BB0F38203F23C920D3C . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-15 12:00 . BE1B1412A3D488C50B8F67F792196108 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll

[-] 2008-04-15 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-15 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll

[-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 6CFFFD4A53F08D1BE0222D859BF93B29 . 1020416 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-15 . FCE4ECC34A36EDACF03DBE8DE5E28910 . 1018368 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

[-] 2008-04-15 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-15 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll

[-] 2008-04-15 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-15 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll

[-] 2009-12-21 . DA0E96B75687D6BD5C09FBAB75FB167D . 5942784 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\9c6c2d5f9e9a1f52e0b10af642cc5eed\SP3GDR\mshtml.dll
[-] 2009-12-21 . DA0E96B75687D6BD5C09FBAB75FB167D . 5942784 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . DA0E96B75687D6BD5C09FBAB75FB167D . 5942784 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-12-21 . CDEACDF4F016DA490E1B5C00E3F48BB2 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . CDEACDF4F016DA490E1B5C00E3F48BB2 . 5945856 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\9c6c2d5f9e9a1f52e0b10af642cc5eed\SP3QFE\mshtml.dll
[-] 2009-10-29 . D44497CC71B0EF65DF93D7978BD9F30B . 5940736 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\fa1805d38a274f551b431421b9b0dcbb\SP3GDR\mshtml.dll
[-] 2009-10-29 . E9A2CA8EAB9056CC5623E7125C962C71 . 5944320 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\fa1805d38a274f551b431421b9b0dcbb\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2008-04-15 . EBEF7EDB0DF1B4BF195FDA7CCFB7AC30 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll
[-] 2008-04-15 . EBEF7EDB0DF1B4BF195FDA7CCFB7AC30 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\27b82e23644f12630569102e115b7b06\backup\sp3gdr\mshtml.dll
[-] 2008-04-15 . EBEF7EDB0DF1B4BF195FDA7CCFB7AC30 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\27b82e23644f12630569102e115b7b06\backup\sp3qfe\mshtml.dll

[-] 2008-04-15 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-15 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll

[-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-04-15 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[-] 2008-04-15 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-15 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll

[-] 2008-04-15 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-15 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll

[-] 2008-04-15 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-15 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll

[-] 2008-04-15 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-15 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll

[-] 2008-04-15 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-15 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe

[-] 2008-04-15 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-15 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll

[-] 2008-04-15 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-15 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll

[-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

[-] 2009-12-21 . D97D3F71D0469E02C3AF53345C8360A2 . 916480 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\9c6c2d5f9e9a1f52e0b10af642cc5eed\SP3GDR\wininet.dll
[-] 2009-12-21 . D97D3F71D0469E02C3AF53345C8360A2 . 916480 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . D97D3F71D0469E02C3AF53345C8360A2 . 916480 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-12-21 . 3E0868525501AB2E05CBC47DBC20E5CF . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . 3E0868525501AB2E05CBC47DBC20E5CF . 916480 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\9c6c2d5f9e9a1f52e0b10af642cc5eed\SP3QFE\wininet.dll
[-] 2009-10-29 . C06E248BCBC674A4A950C549A68DEF5B . 916480 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\fa1805d38a274f551b431421b9b0dcbb\SP3GDR\wininet.dll
[-] 2009-10-29 . F6549E8910434C5405921F03E78CD4E5 . 916480 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\fa1805d38a274f551b431421b9b0dcbb\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2008-04-15 . 0457F0AFD6EE10445D8CF721FB5FA4EB . 668672 . . [6.00.2900.5512] . . c:\windows\ie8\wininet.dll
[-] 2008-04-15 . 0457F0AFD6EE10445D8CF721FB5FA4EB . 668672 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\27b82e23644f12630569102e115b7b06\backup\sp3gdr\wininet.dll
[-] 2008-04-15 . 0457F0AFD6EE10445D8CF721FB5FA4EB . 668672 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\27b82e23644f12630569102e115b7b06\backup\sp3qfe\wininet.dll

[-] 2008-04-15 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-15 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll

[-] 2008-04-15 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-15 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe

[-] 2008-04-15 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-15 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll

[-] 2008-04-15 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-15 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe

[-] 2008-04-15 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-15 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll

[-] 2008-04-15 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-15 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll

[-] 2008-04-15 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-15 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll

[-] 2008-04-15 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-15 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe

[-] 2008-04-15 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-04-15 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll

[-] 2008-04-15 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-15 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll

[-] 2008-04-15 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-15 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll

[-] 2008-04-15 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-15 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll

[-] 2008-04-15 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-15 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll

[-] 2008-04-15 . 1561430DA2F2AB81CC0CE71AF95A778D . 172032 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-15 . 1561430DA2F2AB81CC0CE71AF95A778D . 172032 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll

[-] 2008-04-15 . 66A42B7DB194E24B973BBCCE840A0F3F . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-15 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-15 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-15 12:00 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-04-15 12:00 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll

[-] 2008-04-15 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-15 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll

[-] 2008-04-15 12:00 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-15 12:00 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-15 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-15 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2009-11-11 870400]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
TV Remote Control.lnk - c:\program files\V-Stream\TV88X\C8XRCtl.exe [2010-1-30 57344]

[HKLM\~\startupfolder\C:^Documents and Settings^glowny^Menu Start^Programy^Autostart^logoff.lnk]
path=c:\documents and settings\glowny\Menu Start\Programy\Autostart\logoff.lnk
backup=c:\windows\pss\logoff.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-02 15:10 135664 ----atw- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-02-20 08:07 1217872 ----a-w- e:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
2007-09-12 11:17 340136 ----a-w- e:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-12-18 00:30 39424 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"e:\\Games\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"e:\\Program Files\\Steam\\steamapps\\feruspl\\counter-strike\\hl.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\glowny\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonEU\\NGM\\NGM.exe"=
"e:\\Program Files\\SEGA\\Vancouver 2010\\Vancouver.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-05-14 94360]
R2 CX88XBAR;V-Stream TV88X Crossbar;c:\windows\system32\drivers\cx88xbar.sys [2010-01-30 9600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-30 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 135664]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2010-02-26 90112]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2010-02-26 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2010-02-26 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2010-02-26 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [2010-02-26 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [2010-02-26 100008]
S3 UNDPX2K;UNDPX2K;\??\c:\windows\system32\drivers\UNDPX2K.SYS --> c:\windows\system32\drivers\UNDPX2K.SYS [?]
.
Zawartość folderu 'Zaplanowane zadania'

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 13:41]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 13:41]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484061587-1417001333-1003Core.job
- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-02-02 15:10]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484061587-1417001333-1003UA.job
- c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-02-02 15:10]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\glowny\Dane aplikacji\Mozilla\Firefox\Profiles\irfk1ix7.default\
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: c:\documents and settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\documents and settings\glowny\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\documents and settings\glowny\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\documents and settings\glowny\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - USUNIĘTO PUSTE WPISY - - - -

MSConfigStartUp-Cmaudio - cmicnfg.cpl



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 13:33
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL Å‚adowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(548)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2010-03-14 13:36:16
ComboFix-quarantined-files.txt 2010-03-14 12:35

Przed: 6 925 017 088 bajtów wolnych
Po: 7 427 346 432 bajtów wolnych

- - End Of File - - F34EFEE2DA0EFBAFC2D2B70D56D43CD0