Ciagle klopoty z komputerem, prosze o sprawdzenie loga

przez **jacek-62** » 07 Gru 2008, 18:19

ComboFix 08-12-06.06 - JACEK 2008-12-07 15:29:14.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1714 [GMT 1:00]
Running from: c:\documents and settings\JACEK\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.exe
c:\documents and settings\JACEK\Menu Avvio\Cheap Pharmacy Online.url
c:\documents and settings\JACEK\Menu Avvio\Search Online.url
c:\documents and settings\JACEK\Menu Avvio\VIP Casino.url
c:\documents and settings\JACEK\Preferiti\Cheap Pharmacy Online.url
c:\documents and settings\JACEK\Preferiti\Search Online.url
c:\documents and settings\JACEK\Preferiti\VIP Casino.url
c:\windows\patchw32.dll
c:\windows\pw32a.dll
D:\Autorun.inf
D:\resycled
d:\resycled\boot.com
E:\Autorun.inf
E:\resycled
e:\resycled\boot.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ISODRIVE
-------\Service_ISODrive

((((((((((((((((((((((((( Files Created from 2008-11-07 to 2008-12-07 )))))))))))))))))))))))))))))))
.

2008-12-06 14:45 . 2008-12-06 14:45 <DIR> d-------- c:\programmi\Java
2008-12-06 14:45 . 2008-12-06 14:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-06 14:27 . 2008-12-06 14:45 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-06 14:05 . 2008-12-07 14:38 4,932,504 --a------ c:\windows\{00000001-00000000-00000009-00001102-00000004-20021102}.CDF
2008-12-06 08:00 . 2007-08-19 03:15 <DIR> d-------- c:\programmi\Electronics Workbench v10.0 (Now The National Instruments Electronics Workbench Group)
2008-12-06 07:49 . 2008-12-06 07:49 <DIR> d-------- c:\programmi\Aimersoft
2008-12-06 07:45 . 2008-12-06 07:45 <DIR> d--h----- c:\windows\PIF
2008-12-06 07:40 . 2008-12-06 07:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\NCH Software
2008-12-06 07:39 . 2008-12-06 07:40 <DIR> d-------- c:\programmi\NCH Software
2008-12-06 07:39 . 2008-12-06 07:39 27,136 --a------ c:\windows\system32\drivers\nchssvad.sys
2008-12-06 07:38 . 2008-12-06 07:39 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\NCH Swift Sound
2008-12-06 07:38 . 2008-12-06 07:42 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\NCH Swift Sound
2008-12-06 07:37 . 2008-12-06 07:40 <DIR> d-------- c:\programmi\NCH Swift Sound
2008-12-06 07:32 . 2008-12-06 07:32 <DIR> d-------- c:\programmi\Living Dolphins 3D Screensaver
2008-12-06 07:11 . 2008-12-06 07:11 <DIR> d-------- c:\programmi\ElcomSoft
2008-12-06 05:49 . 2008-12-06 05:49 <DIR> d-------- c:\programmi\Lavalys
2008-12-05 16:54 . 2008-12-06 07:24 <DIR> d-------- c:\programmi\Norton SystemWorks Premier
2008-12-05 07:21 . 2008-12-05 18:58 <DIR> d-------- c:\programmi\Daniusoft
2008-12-05 07:11 . 2008-12-06 05:59 <DIR> d-------- c:\programmi\Internet Download Manager
2008-12-05 07:11 . 2008-12-06 06:00 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\IDM
2008-12-05 07:11 . 2008-12-07 15:34 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\DMCache
2008-12-05 06:04 . 2008-12-05 06:04 <DIR> d-------- c:\documents and settings\NetworkService\Menu Avvio
2008-12-04 00:34 . 2008-12-04 00:34 <DIR> d-------- c:\programmi\Stardock
2008-12-04 00:34 . 2008-12-04 00:34 <DIR> d-------- c:\programmi\File comuni\Stardock
2008-12-03 23:41 . 2007-09-04 17:56 164,352 --a------ c:\windows\system32\unrar.dll
2008-12-03 23:37 . 2004-05-13 15:35 217,127 --a------ c:\windows\system32\drv43260.dll
2008-12-03 23:37 . 2002-12-10 11:24 208,935 --a------ c:\windows\system32\drv33260.dll
2008-12-03 23:37 . 2002-12-10 11:22 176,165 --a------ c:\windows\system32\drv23260.dll
2008-12-03 23:33 . 2008-12-04 00:28 <DIR> d-------- c:\programmi\Advanced Karaoke Player
2008-12-03 23:00 . 2008-12-03 23:03 <DIR> d-------- c:\programmi\Prawo 2006
2008-12-03 15:39 . 2008-12-03 15:39 <DIR> d--h----- c:\documents and settings\JACEK\Dati applicazioni\SMov
2008-12-03 14:29 . 2008-12-03 14:29 682,496 --a------ c:\windows\system32\CDUninst.exe
2008-12-03 14:19 . 2008-12-04 00:48 <DIR> d-------- c:\programmi\Saxo
2008-12-02 22:08 . 2008-12-02 22:08 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Waves Audio
2008-12-02 22:07 . 2008-12-02 22:07 <DIR> d-------- c:\programmi\File comuni\Digidesign
2008-12-02 22:06 . 2008-12-02 22:07 <DIR> d-------- c:\programmi\Waves
2008-12-02 21:59 . 2008-12-02 21:59 <DIR> d-------- c:\programmi\Leksykonia
2008-12-02 18:20 . 2008-12-03 23:33 <DIR> d-------- C:\Program Files
2008-12-02 18:11 . 2004-08-19 13:00 10,129,408 --a--c--- c:\windows\system32\dllcache\hwxkor.dll
2008-12-02 18:11 . 2004-08-19 13:00 134,339 --a--c--- c:\windows\system32\dllcache\imekr.lex
2008-12-02 18:11 . 2004-08-19 13:00 108,827 --a--c--- c:\windows\system32\dllcache\hanja.lex
2008-12-02 18:11 . 2004-08-19 13:00 59,904 --a--c--- c:\windows\system32\dllcache\imkrinst.exe
2008-12-02 18:11 . 2004-08-19 13:00 44,032 --a--c--- c:\windows\system32\dllcache\imekrmig.exe
2008-12-02 18:11 . 2004-08-19 13:00 36,864 --a--c--- c:\windows\system32\dllcache\hanjadic.dll
2008-12-02 18:09 . 2004-08-19 13:00 471,102 --a--c--- c:\windows\system32\dllcache\imskdic.dll
2008-12-02 18:09 . 2004-08-19 13:00 229,439 --a--c--- c:\windows\system32\dllcache\multibox.dll
2008-12-02 18:09 . 2004-08-19 13:00 143,422 --a--c--- c:\windows\system32\dllcache\softkey.dll
2008-12-02 18:09 . 2004-08-19 13:00 57,398 --a--c--- c:\windows\system32\dllcache\imjpdadm.exe
2008-12-02 18:09 . 2004-08-19 13:00 45,109 --a--c--- c:\windows\system32\dllcache\imjpuex.exe
2008-12-02 18:02 . 2001-08-30 23:07 8,704 --a------ c:\windows\system32\kbdjpn.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,704 --a--c--- c:\windows\system32\dllcache\kbdjpn.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,192 --a------ c:\windows\system32\kbdkor.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,192 --a--c--- c:\windows\system32\dllcache\kbdkor.dll
2008-12-02 18:02 . 2008-04-14 03:12 6,144 --a------ c:\windows\system32\kbd106.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101c.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101b.dll
2008-12-02 18:02 . 2008-04-14 03:12 6,144 --a--c--- c:\windows\system32\dllcache\kbd106.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101c.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101b.dll
2008-12-02 18:02 . 2001-08-17 22:55 5,632 --a------ c:\windows\system32\kbd103.dll
2008-12-02 18:02 . 2001-08-17 22:55 5,632 --a--c--- c:\windows\system32\dllcache\kbd103.dll
2008-12-02 17:21 . 2008-12-05 05:57 <DIR> d-------- c:\programmi\Wopti
2008-12-01 04:02 . 2008-12-01 04:02 <DIR> d-------- c:\programmi\EAGLE-5.3.0
2008-12-01 04:02 . 2008-12-01 04:02 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\CadSoft
2008-12-01 03:12 . 2008-12-01 03:12 0 --a------ c:\windows\nsreg.dat
2008-11-29 21:45 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2008-11-29 21:45 . 2008-04-13 19:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2008-11-29 21:45 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-11-29 21:45 . 2008-04-13 19:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2008-11-29 21:45 . 2008-04-14 03:13 21,504 --a------ c:\windows\system32\hidserv.dll
2008-11-29 21:45 . 2008-04-14 03:13 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2008-11-29 21:45 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-11-29 21:45 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-11-29 00:56 . 2008-11-29 00:57 <DIR> d-------- c:\programmi\Sophos
2008-11-29 00:56 . 2008-11-29 00:56 <DIR> d-------- c:\programmi\File comuni\Cisco Systems
2008-11-29 00:56 . 2008-11-29 00:56 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Sophos
2008-11-29 00:56 . 2006-05-08 12:00 15,872 --a------ c:\windows\system32\SophosBootTasks.exe
2008-11-29 00:55 . 2008-11-29 00:55 <DIR> d-------- C:\savxpsa
2008-11-29 00:55 . 2006-01-05 17:43 80,128 --a------ c:\windows\system32\drivers\savonaccesscontrol.sys
2008-11-29 00:55 . 2006-01-05 17:43 24,064 --a------ c:\windows\system32\drivers\savonaccessfilter.sys
2008-11-28 22:25 . 2008-11-28 22:37 <DIR> d-------- c:\programmi\a-squared Free
2008-11-27 19:41 . 2008-11-27 19:41 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Lavasoft
2008-11-27 19:40 . 2008-11-27 19:40 <DIR> d-------- c:\programmi\Lavasoft
2008-11-27 18:18 . 2008-11-27 18:18 <DIR> d-------- c:\documents and settings\JACEK\DoctorWeb
2008-11-26 17:18 . 2008-11-26 17:18 <DIR> d-------- c:\programmi\Smart Projects
2008-11-26 07:24 . 2008-11-26 07:24 34,494 --a------ c:\windows\system32\m2.ico
2008-11-26 07:04 . 2008-11-26 07:04 27,904 --a------ c:\windows\system32\drivers\ndisprot.sys
2008-11-25 16:26 . 2008-11-25 16:26 <DIR> d-------- c:\windows\NU_DATA
2008-11-25 15:03 . 2008-11-25 15:03 <DIR> d-------- c:\documents and settings\Wakacje
2008-11-25 15:02 . 2008-11-25 15:02 <DIR> d-------- C:\New Folder
2008-11-24 20:21 . 2008-11-26 17:13 <DIR> d-------- c:\programmi\RootKit Hook Analyzer
2008-11-24 20:21 . 2007-07-07 00:39 19,248 --a------ c:\windows\system32\drivers\rspsc32.sys
2008-11-24 06:17 . 2008-11-24 06:17 <DIR> d-------- C:\!KillBox
2008-11-24 06:10 . 2008-11-24 06:10 250 --a------ c:\windows\gmer.ini
2008-11-22 17:31 . 2008-11-22 17:31 <DIR> d-------- c:\programmi\Microsoft CAPICOM 2.1.0.2
2008-11-22 15:03 . 2008-11-22 15:03 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Symantec
2008-11-22 14:55 . 2008-07-30 17:42 23,888 --a------ c:\windows\system32\drivers\COH_Mon.sys
2008-11-22 14:55 . 2008-07-30 17:28 10,537 --a------ c:\windows\system32\drivers\COH_Mon.cat
2008-11-22 14:55 . 2008-07-30 17:28 706 --a------ c:\windows\system32\drivers\COH_Mon.inf
2008-11-22 13:46 . 2008-11-22 13:46 <DIR> d-------- c:\programmi\CheckIt
2008-11-22 02:58 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-11-22 02:58 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di stampa
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di rete
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d-------- c:\documents and settings\Administrator\Preferiti
2008-11-19 21:49 . 2008-11-10 15:10 <DIR> d--h----- c:\documents and settings\Administrator\Modelli
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> dr------- c:\documents and settings\Administrator\Menu Avvio
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Impostazioni locali
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d-------- c:\documents and settings\Administrator\Documenti
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> dr-h----- c:\documents and settings\Administrator\Dati applicazioni
2008-11-19 21:49 . 2008-11-19 21:49 <DIR> d-------- c:\documents and settings\Administrator
2008-11-17 12:19 . 2008-11-17 12:19 412 --a------ c:\windows\ODBC.INI
2008-11-17 12:18 . 2007-04-09 13:23 28,040 --a------ c:\windows\system32\mdimon.dll
2008-11-17 12:10 . 2008-11-17 12:16 <DIR> d-------- c:\windows\SHELLNEW
2008-11-17 12:09 . 2008-11-17 12:09 <DIR> d-------- c:\programmi\Microsoft.NET
2008-11-17 01:54 . 2008-11-17 01:54 <DIR> d-------- c:\programmi\UseNeXT
2008-11-17 01:54 . 2008-11-28 06:06 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\UseNeXT
2008-11-17 01:36 . 2008-12-05 06:35 <DIR> d-------- c:\programmi\Ashampoo
2008-11-17 01:36 . 2008-12-05 06:35 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Ashampoo
2008-11-16 22:52 . 2008-11-16 22:52 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\AltrixSoft
2008-11-16 22:50 . 2008-11-16 22:50 <DIR> d-------- c:\programmi\Hard Drive Inspector
2008-11-15 21:56 . 2008-11-15 21:56 <DIR> d-------- c:\documents and settings\LocalService\Menu Avvio
2008-11-15 11:45 . 2008-11-15 11:46 <DIR> d-------- c:\programmi\Your Uninstaller 2008
2008-11-15 11:45 . 2008-11-15 11:45 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\URSoft
2008-11-15 11:37 . 2008-11-15 11:37 <DIR> d-------- c:\programmi\Driver-Soft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-10 14:14 --------- d-----w c:\programmi\microsoft frontpage
2008-11-10 14:13 --------- d-----w c:\programmi\Servizi in linea
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Creative MediaSource Go"="c:\programmi\Creative\MediaSource\GO\CTCMSGo.exe" [2003-08-12 131072]
"RemoteCenter"="c:\programmi\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 139264]
"Creative WebCam Tray"="c:\programmi\Creative\Shared Files\CamTray.exe" [2004-11-18 258048]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Creative Detector"="c:\programmi\Creative\MediaSource\Detector\CTDetect.exe" [2003-10-02 98304]
"IDMan"="c:\programmi\Internet Download Manager\IDMan.exe" [2008-12-06 2606512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2004-11-25 32768]
"CTSysVol"="c:\programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-18 45056]
"SBDrvDet"="c:\programmi\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ccApp"="c:\programmi\File comuni\Symantec Shared\ccApp.exe" [2006-10-27 107112]
"osCheck"="c:\programmi\Norton AntiVirus\osCheck.exe" [2006-09-05 26248]
"Symantec PIF AlertEng"="c:\programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-12 30192]
"DefragTaskBar"="c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 173408]
"NSRKey"="c:\progra~1\NORTON~3\NSR\Agent\NSRTray.exe" [2007-03-26 1582696]
"Norton Save and Restore"="c:\progra~1\NORTON~3\NSR\Agent\NSRTray.exe" [2007-03-26 1582696]
"NSWosCheck"="c:\programmi\Norton SystemWorks Premier\osCheck.exe" [2007-12-03 25472]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-12-06 136600]
"CTHelper"="CTHELPER.EXE" [2003-10-06 c:\windows\system32\CTHELPER.EXE]
"VF0060 STISvc"="V0060Pin.dll" [2004-11-01 c:\windows\system32\V0060Pin.dll]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 c:\windows\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-05 c:\windows\ALCWZRD.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2004-11-25 32768]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ATI CATALYST System Tray.lnk - c:\programmi\ATI Technologies\ATI.ACE\CLI.exe [2004-11-25 32768]
Pinnacle Scheduler.lnk - c:\programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2008-11-10 245760]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
"NoFavoritesMenu"= 1 (0x1)
"NoStartMenuSubFolders"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.PIM1"= PCLEPIM1.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Saxo"=c:\programmi\Saxo\Saxo.exe regstart

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISTray"="c:\programmi\Spyware Doctor\pctsTray.exe"
"HDInspector.exe"=c:\programmi\Hard Drive Inspector\HDInspector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Azureus\\Azureus.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\DRIVERS\iteraid.sys [2008-11-10 24971]
R1 SAVOnAccess Control;SAVOnAccess Control;c:\windows\system32\DRIVERS\savonaccesscontrol.sys [2008-11-29 80128]
R1 SAVOnAccess Filter;SAVOnAccess Filter;c:\windows\system32\DRIVERS\savonaccessfilter.sys [2008-11-29 24064]
R2 BCMNTIO;BCMNTIO;\??\c:\progra~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2008-11-22 3744]
R2 Harmonogram automatycznej uslugi LiveUpdate;Harmonogram automatycznej uslugi LiveUpdate;"c:\programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2008-11-11 198336]
R2 MAPMEM;MAPMEM;\??\c:\progra~1\CheckIt\DIAGNO~1\MAPMEM.sys [2008-11-22 3904]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 Norton Save and Restore;Norton Save and Restore;c:\progra~1\NORTON~3\NSR\Agent\VProSvc.exe [2006-11-03 2111080]
R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~3\NORTON~1\NPROTECT.EXE [2005-11-04 95832]
R2 PfDetNT;PfDetNT;\??\c:\windows\system32\drivers\PfModNT.sys [2008-11-10 15840]
R2 SAVAdminService;Crea report sullo stato di Sophos Anti-Virus;"c:\programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe" [2006-05-08 57344]
R2 SAVService;Sophos Anti-Virus;"c:\programmi\Sophos\Sophos Anti-Virus\SavService.exe" [2006-05-08 86016]
R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\DRIVERS\3xHybrid.sys [2008-11-10 698368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-02 99376]
R3 pctvvbi;PCTVVBI;c:\windows\system32\DRIVERS\pctvvbi.sys [2008-11-10 6400]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [2008-11-11 196409]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys []
S3 BS_DEF;BS_DEF;\??\c:\windows\system32\drivers\BS_DEF.sys []
S3 GoogleDesktopManager-092308-165331;Menedzer Google Desktop 5.8.809.23506;"c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-12 30192]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-26 27904]
S3 sdAuxService;PC Tools Auxiliary Service;c:\programmi\Spyware Doctor\pctsAuxs.exe [2008-11-12 356920]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-12-07 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]

2008-12-03 c:\windows\Tasks\Norton Security Scan for JACEK.job
- c:\programmi\Norton Security Scan\Nss.exe [2008-09-19 04:18]

2008-12-05 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
- c:\programmi\Norton SystemWorks Premier\OBC.exe [2007-12-03 01:41]

2008-12-07 c:\windows\Tasks\RegCure Program Check.job
- c:\programmi\RegCure\RegCure.exe [2008-11-11 15:31]

2008-11-13 c:\windows\Tasks\RegCure.job
- c:\programmi\RegCure\RegCure.exe [2008-11-11 15:31]
.
- - - - ORPHANS REMOVED - - - -

BHO-{0848225A-8181-42FC-8C68-F0A543B12967} - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://wp.pl/
IE: Download all links with IDM - c:\programmi\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\programmi\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\programmi\Internet Download Manager\IEExt.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FireFox -: Profile - c:\documents and settings\JACEK\Dati applicazioni\Mozilla\Firefox\Profiles\0zsz0gw6.default\
FF -: plugin - c:\programmi\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\programmi\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
FF -: plugin - c:\programmi\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\programmi\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\programmi\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 15:37:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\programmi\File comuni\Symantec Shared\ccSvcHst.exe
c:\programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
c:\programmi\a-squared Free\a2service.exe
c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
c:\windows\system32\CTSVCCDA.EXE
c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\windows\system32\HDDSvc.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Sophos\AutoUpdate\ALsvc.exe
c:\progra~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
c:\programmi\Internet Download Manager\IEMonitor.exe
c:\programmi\Symantec\LiveUpdate\AUPDATE.EXE
c:\programmi\Symantec\LiveUpdate\LuCallbackProxy.exe
c:\programmi\Symantec\LiveUpdate\LuCallbackProxy.exe
c:\programmi\Symantec\LiveUpdate\LuCallbackProxy.exe
.
**************************************************************************
.
Completion time: 2008-12-07 15:44:28 - machine was rebooted [JACEK]
ComboFix-quarantined-files.txt 2008-12-07 14:44:22
ComboFix2.txt 2008-11-24 05:49:25
ComboFix3.txt 2008-11-19 22:05:50

Pre-Run: 34,196,561,920 byte disponibili
Post-Run: 33,827,536,896 byte disponibili

328 --- E O F --- 2008-11-23 05:35:27
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.47.53, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\PROGRA~1\NORTON~3\NSR\Agent\VProSvc.exe
C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
c:\Programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe
c:\Programmi\Sophos\AutoUpdate\ALsvc.exe
C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\PROGRA~1\NORTON~3\NSR\Agent\NSRTray.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Creative\MediaSource\GO\CTCMSGo.exe
C:\Programmi\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\Programmi\Creative\MediaSource\Detector\CTDetect.exe
C:\Programmi\Internet Download Manager\IDMan.exe
C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Programmi\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
N:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programmi\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTSysVol] C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Programmi\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~3\NSR\Agent\NSRTray.exe
O4 - HKLM\..\Run: [Norton Save and Restore] "C:\PROGRA~1\NORTON~3\NSR\Agent\NSRTray.exe"
O4 - HKLM\..\Run: [NSWosCheck] C:\Programmi\Norton SystemWorks Premier\osCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Programmi\Creative\MediaSource\GO\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [RemoteCenter] C:\Programmi\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programmi\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Creative Detector] C:\Programmi\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [IDMan] C:\Programmi\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all links with IDM - C:\Programmi\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Programmi\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Programmi\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programmi\Norton SystemWorks Premier\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programmi\Norton SystemWorks Premier\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7254408359
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Menedzer Google Desktop 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Harmonogram automatycznej uslugi LiveUpdate - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\isPwdSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Save and Restore - Symantec Corporation - C:\PROGRA~1\NORTON~3\NSR\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Crea report sullo stato di Sophos Anti-Virus (SAVAdminService) - Sophos Plc - c:\Programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - c:\Programmi\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - c:\Programmi\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 12456 bytes

przez **huber2t** » 07 Gru 2008, 19:08

Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:

Kod: Zaznacz wszystko: Driver:: ASUSHWIO BS_DEF

Plik

zapisz jako

CFScript.txt.
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://www.wklej.eu a w poście dajesz tylko link

przez **jacek-62** » 10 Gru 2008, 01:03

Musialem podzielic swoje logo na 2 czesci, jest za dlugie i nie chce przejsc:

ComboFix 08-12-07.01 - JACEK 2008-12-08 15.19.25.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1845 [GMT 1:00]
Eseguito da: c:\documents and settings\JACEK\Desktop\ComboFix.exe
Interruttori di comando utilizzati :: c:\documents and settings\JACEK\Desktop\CFScript.txt
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASUSHWIO
-------\Legacy_BS_DEF
-------\Service_ASUSHWIO
-------\Service_BS_DEF

((((((((((((((((((((((((( Files Creati Da 2008-11-08 al 2008-12-08 )))))))))))))))))))))))))))))))))))
.

2008-12-08 15:11 . 2008-12-08 15:11 <DIR> d-------- c:\programmi\MSBuild
2008-12-08 15:09 . 2008-12-08 15:13 <DIR> d-------- c:\windows\system32\XPSViewer
2008-12-08 15:09 . 2008-12-08 15:09 <DIR> d-------- c:\programmi\Reference Assemblies
2008-12-08 15:08 . 2008-12-08 15:08 <DIR> d-------- c:\windows\LastGood.Tmp
2008-12-08 15:08 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-12-08 14:43 . 2008-12-08 14:43 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Media Player Classic
2008-12-07 19:24 . 2008-12-07 19:24 23,392 --a------ c:\windows\system32\nscompat.tlb
2008-12-07 19:24 . 2008-12-07 19:24 16,832 --a------ c:\windows\system32\amcompat.tlb
2008-12-07 19:23 . 2008-04-14 03:13 221,184 --a------ c:\windows\system32\wmpns.dll
2008-12-07 16:17 . 2008-12-07 16:17 <DIR> d-------- C:\VundoFix Backups
2008-12-06 14:45 . 2008-12-06 14:45 <DIR> d-------- c:\programmi\Java
2008-12-06 14:45 . 2008-12-06 14:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-06 14:27 . 2008-12-06 14:45 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-06 14:05 . 2008-12-08 14:01 4,932,148 --a------ c:\windows\{00000001-00000000-00000009-00001102-00000004-20021102}.CDF
2008-12-06 08:00 . 2007-08-19 03:15 <DIR> d-------- c:\programmi\Electronics Workbench v10.0 (Now The National Instruments Electronics Workbench Group)
2008-12-06 07:49 . 2008-12-06 07:49 <DIR> d-------- c:\programmi\Aimersoft
2008-12-06 07:45 . 2008-12-06 07:45 <DIR> d--h----- c:\windows\PIF
2008-12-06 07:40 . 2008-12-06 07:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\NCH Software
2008-12-06 07:39 . 2008-12-06 07:40 <DIR> d-------- c:\programmi\NCH Software
2008-12-06 07:39 . 2008-12-06 07:39 27,136 --a------ c:\windows\system32\drivers\nchssvad.sys
2008-12-06 07:38 . 2008-12-06 07:39 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\NCH Swift Sound
2008-12-06 07:38 . 2008-12-06 07:42 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\NCH Swift Sound
2008-12-06 07:37 . 2008-12-06 07:40 <DIR> d-------- c:\programmi\NCH Swift Sound
2008-12-06 07:32 . 2008-12-06 07:32 <DIR> d-------- c:\programmi\Living Dolphins 3D Screensaver
2008-12-06 07:11 . 2008-12-06 07:11 <DIR> d-------- c:\programmi\ElcomSoft
2008-12-06 05:49 . 2008-12-06 05:49 <DIR> d-------- c:\programmi\Lavalys
2008-12-05 16:54 . 2008-12-06 07:24 <DIR> d-------- c:\programmi\Norton SystemWorks Premier
2008-12-05 07:21 . 2008-12-05 18:58 <DIR> d-------- c:\programmi\Daniusoft
2008-12-05 07:11 . 2008-12-08 15:05 <DIR> d-------- c:\programmi\Internet Download Manager
2008-12-05 07:11 . 2008-12-06 06:00 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\IDM
2008-12-05 07:11 . 2008-12-08 15:21 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\DMCache
2008-12-05 06:04 . 2008-12-05 06:04 <DIR> d-------- c:\documents and settings\NetworkService\Menu Avvio
2008-12-04 00:34 . 2008-12-04 00:34 <DIR> d-------- c:\programmi\Stardock
2008-12-04 00:34 . 2008-12-04 00:34 <DIR> d-------- c:\programmi\File comuni\Stardock
2008-12-03 23:37 . 2004-05-13 15:35 217,127 --a------ c:\windows\system32\drv43260.dll
2008-12-03 23:37 . 2002-12-10 11:24 208,935 --a------ c:\windows\system32\drv33260.dll
2008-12-03 23:37 . 2002-12-10 11:22 176,165 --a------ c:\windows\system32\drv23260.dll
2008-12-03 23:33 . 2008-12-04 00:28 <DIR> d-------- c:\programmi\Advanced Karaoke Player
2008-12-03 23:00 . 2008-12-03 23:03 <DIR> d-------- c:\programmi\Prawo 2006
2008-12-03 15:39 . 2008-12-03 15:39 <DIR> d--h----- c:\documents and settings\JACEK\Dati applicazioni\SMov
2008-12-03 14:29 . 2008-12-03 14:29 682,496 --a------ c:\windows\system32\CDUninst.exe
2008-12-03 14:19 . 2008-12-04 00:48 <DIR> d-------- c:\programmi\Saxo
2008-12-02 22:08 . 2008-12-02 22:08 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Waves Audio
2008-12-02 22:07 . 2008-12-02 22:07 <DIR> d-------- c:\programmi\File comuni\Digidesign
2008-12-02 22:06 . 2008-12-02 22:07 <DIR> d-------- c:\programmi\Waves
2008-12-02 21:59 . 2008-12-02 21:59 <DIR> d-------- c:\programmi\Leksykonia
2008-12-02 18:20 . 2008-12-03 23:33 <DIR> d-------- C:\Program Files
2008-12-02 18:11 . 2004-08-19 13:00 10,129,408 --a--c--- c:\windows\system32\dllcache\hwxkor.dll
2008-12-02 18:11 . 2004-08-19 13:00 134,339 --a--c--- c:\windows\system32\dllcache\imekr.lex
2008-12-02 18:11 . 2004-08-19 13:00 108,827 --a--c--- c:\windows\system32\dllcache\hanja.lex
2008-12-02 18:11 . 2004-08-19 13:00 59,904 --a--c--- c:\windows\system32\dllcache\imkrinst.exe
2008-12-02 18:11 . 2004-08-19 13:00 44,032 --a--c--- c:\windows\system32\dllcache\imekrmig.exe
2008-12-02 18:11 . 2004-08-19 13:00 36,864 --a--c--- c:\windows\system32\dllcache\hanjadic.dll
2008-12-02 18:09 . 2004-08-19 13:00 471,102 --a--c--- c:\windows\system32\dllcache\imskdic.dll
2008-12-02 18:09 . 2004-08-19 13:00 229,439 --a--c--- c:\windows\system32\dllcache\multibox.dll
2008-12-02 18:09 . 2004-08-19 13:00 143,422 --a--c--- c:\windows\system32\dllcache\softkey.dll
2008-12-02 18:09 . 2004-08-19 13:00 57,398 --a--c--- c:\windows\system32\dllcache\imjpdadm.exe
2008-12-02 18:09 . 2004-08-19 13:00 45,109 --a--c--- c:\windows\system32\dllcache\imjpuex.exe
2008-12-02 18:02 . 2001-08-30 23:07 8,704 --a------ c:\windows\system32\kbdjpn.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,704 --a--c--- c:\windows\system32\dllcache\kbdjpn.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,192 --a------ c:\windows\system32\kbdkor.dll
2008-12-02 18:02 . 2001-08-30 23:07 8,192 --a--c--- c:\windows\system32\dllcache\kbdkor.dll
2008-12-02 18:02 . 2008-04-14 03:12 6,144 --a------ c:\windows\system32\kbd106.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101c.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101b.dll
2008-12-02 18:02 . 2008-04-14 03:12 6,144 --a--c--- c:\windows\system32\dllcache\kbd106.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101c.dll
2008-12-02 18:02 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101b.dll
2008-12-02 18:02 . 2001-08-17 22:55 5,632 --a------ c:\windows\system32\kbd103.dll
2008-12-02 18:02 . 2001-08-17 22:55 5,632 --a--c--- c:\windows\system32\dllcache\kbd103.dll
2008-12-02 17:21 . 2008-12-08 15:05 <DIR> d-------- c:\programmi\Wopti
2008-12-01 04:02 . 2008-12-01 04:02 <DIR> d-------- c:\programmi\EAGLE-5.3.0
2008-12-01 04:02 . 2008-12-01 04:02 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\CadSoft
2008-12-01 03:12 . 2008-12-01 03:12 0 --a------ c:\windows\nsreg.dat
2008-11-29 21:45 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2008-11-29 21:45 . 2008-04-13 19:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2008-11-29 21:45 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-11-29 21:45 . 2008-04-13 19:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2008-11-29 21:45 . 2008-04-14 03:13 21,504 --a------ c:\windows\system32\hidserv.dll
2008-11-29 21:45 . 2008-04-14 03:13 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2008-11-29 21:45 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-11-29 21:45 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-11-29 00:56 . 2008-11-29 00:57 <DIR> d-------- c:\programmi\Sophos
2008-11-29 00:56 . 2008-11-29 00:56 <DIR> d-------- c:\programmi\File comuni\Cisco Systems
2008-11-29 00:56 . 2008-11-29 00:56 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Sophos
2008-11-29 00:56 . 2006-05-08 12:00 15,872 --a------ c:\windows\system32\SophosBootTasks.exe
2008-11-29 00:55 . 2008-11-29 00:55 <DIR> d-------- C:\savxpsa
2008-11-29 00:55 . 2006-01-05 17:43 80,128 --a------ c:\windows\system32\drivers\savonaccesscontrol.sys
2008-11-29 00:55 . 2006-01-05 17:43 24,064 --a------ c:\windows\system32\drivers\savonaccessfilter.sys
2008-11-28 22:25 . 2008-11-28 22:37 <DIR> d-------- c:\programmi\a-squared Free
2008-11-27 19:41 . 2008-11-27 19:41 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Lavasoft
2008-11-27 19:40 . 2008-11-27 19:40 <DIR> d-------- c:\programmi\Lavasoft
2008-11-27 18:18 . 2008-11-27 18:18 <DIR> d-------- c:\documents and settings\JACEK\DoctorWeb
2008-11-26 17:18 . 2008-11-26 17:18 <DIR> d-------- c:\programmi\Smart Projects
2008-11-26 07:24 . 2008-11-26 07:24 34,494 --a------ c:\windows\system32\m2.ico
2008-11-26 07:04 . 2008-11-26 07:04 27,904 --a------ c:\windows\system32\drivers\ndisprot.sys
2008-11-25 16:26 . 2008-11-25 16:26 <DIR> d-------- c:\windows\NU_DATA
2008-11-25 15:03 . 2008-11-25 15:03 <DIR> d-------- c:\documents and settings\Wakacje
2008-11-25 15:02 . 2008-11-25 15:02 <DIR> d-------- C:\New Folder
2008-11-24 20:21 . 2008-11-26 17:13 <DIR> d-------- c:\programmi\RootKit Hook Analyzer
2008-11-24 20:21 . 2007-07-07 00:39 19,248 --a------ c:\windows\system32\drivers\rspsc32.sys
2008-11-24 06:17 . 2008-11-24 06:17 <DIR> d-------- C:\!KillBox
2008-11-24 06:10 . 2008-11-24 06:10 250 --a------ c:\windows\gmer.ini
2008-11-22 17:31 . 2008-11-22 17:31 <DIR> d-------- c:\programmi\Microsoft CAPICOM 2.1.0.2
2008-11-22 15:03 . 2008-11-22 15:03 <DIR> d-------- c:\documents and settings\JACEK\Dati applicazioni\Symantec
2008-11-22 14:55 . 2008-07-30 17:42 23,888 --a------ c:\windows\system32\drivers\COH_Mon.sys
2008-11-22 14:55 . 2008-07-30 17:28 10,537 --a------ c:\windows\system32\drivers\COH_Mon.cat
2008-11-22 14:55 . 2008-07-30 17:28 706 --a------ c:\windows\system32\drivers\COH_Mon.inf
2008-11-22 13:46 . 2008-11-22 13:46 <DIR> d-------- c:\programmi\CheckIt
2008-11-22 02:58 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-11-22 02:58 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di stampa
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di rete
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d-------- c:\documents and settings\Administrator\Preferiti
2008-11-19 21:49 . 2008-11-10 15:10 <DIR> d--h----- c:\documents and settings\Administrator\Modelli
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> dr------- c:\documents and settings\Administrator\Menu Avvio
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d--h----- c:\documents and settings\Administrator\Impostazioni locali
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> d-------- c:\documents and settings\Administrator\Documenti
2008-11-19 21:49 . 2008-11-10 16:00 <DIR> dr-h----- c:\documents and settings\Administrator\Dati applicazioni
2008-11-19 21:49 . 2008-11-19 21:49 <DIR> d-------- c:\documents and settings\Administrator
2008-11-17 12:19 . 2008-11-17 12:19 412 --a------ c:\windows\ODBC.INI
2008-11-17 12:18 . 2007-04-09 13:23 28,040 --a------ c:\windows\system32\mdimon.dll
2008-11-17 12:10 . 2008-11-17 12:16 <DIR> d-------- c:\windows\SHELLNEW
2008-11-17 12:09 . 2008-11-17 12:09 <DIR> d-------- c:\programmi\Microsoft.NET
2008-11-17 01:54 . 2008-11-17 01:54 <DIR> d-------- c:\programmi\UseNeXT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-10 14:14 --------- d-----w c:\programmi\microsoft frontpage
2008-11-10 14:13 --------- d-----w c:\programmi\Servizi in linea
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.

((((((((((((((((((((((((((((( snapshot@2008-12-07_15.43.22.85 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-08 14:09:02 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-12-08 14:09:42 3,915,776 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-12-08 14:09:43 344,064 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-12-08 14:14:51 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-12-08 14:15:05 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-12-08 14:15:05 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-12-08 14:15:06 10,240 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-12-08 14:14:53 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-12-08 14:13:41 5,120 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2008-12-08 14:13:41 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2008-12-08 14:09:02 352,256 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-12-08 14:15:11 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-12-08 14:15:11 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-12-08 14:15:10 61,440 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-12-08 14:15:06 303,104 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-12-08 14:13:26 53,248 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_it_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2008-12-08 14:09:41 593,920 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-12-08 14:09:42 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-12-08 14:13:26 106,496 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll
+ 2008-12-08 14:09:43 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-12-08 14:09:43 126,976 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-12-08 14:09:43 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-12-08 14:13:26 245,760 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_it_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2008-12-08 14:09:43 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-12-08 14:09:42 4,972,544 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-12-08 14:13:27 372,736 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_it_31bf3856ad364e35\PresentationUI.resources.dll
+ 2008-12-08 14:09:43 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-12-08 14:13:27 40,960 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_it_31bf3856ad364e35\ReachFramework.resources.dll
+ 2008-12-08 14:09:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-12-08 14:13:41 5,120 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_it_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2008-12-08 14:09:02 94,208 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-12-08 14:15:09 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-12-08 14:15:06 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-12-08 14:15:09 49,152 ----a-w c:\windows\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-12-08 14:15:06 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-12-08 14:15:01 327,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
+ 2008-12-08 14:15:07 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-12-08 14:14:52 380,928 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-12-08 14:15:02 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-12-08 14:14:55 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-12-08 14:14:55 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-12-08 14:15:07 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-12-08 14:15:03 24,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-12-08 14:14:54 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-12-08 14:13:41 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_it_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2008-12-08 14:13:41 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_it_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2008-12-08 14:09:03 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-12-08 14:09:03 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-12-08 14:13:41 11,264 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_it_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2008-12-08 14:09:03 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-12-08 14:15:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-12-08 14:15:04 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-12-08 14:13:27 16,896 ----a-w c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_it_31bf3856ad364e35\System.Printing.resources.dll
+ 2008-12-08 14:15:04 204,800 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
+ 2008-12-08 14:15:08 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-12-08 14:15:08 11,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-12-08 14:13:41 86,016 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_it_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2008-12-08 14:09:04 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-12-08 14:14:54 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-12-08 14:13:41 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_it_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2008-12-08 14:09:06 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-12-08 14:13:42 438,272 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_it_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-12-08 14:09:07 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-12-08 14:09:04 5,623,808 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-12-08 14:14:56 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-12-08 14:13:27 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_it_31bf3856ad364e35\System.Speech.resources.dll
+ 2008-12-08 14:09:43 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2008-12-08 14:15:09 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-12-08 14:15:10 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-12-08 14:14:58 598,016 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-12-08 14:14:58 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-12-08 14:14:59 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-12-08 14:13:54 187,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_it_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2008-12-08 14:11:58 1,108,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-12-08 14:13:54 318,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_it_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2008-12-08 14:11:59 1,641,272 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-12-08 14:13:54 43,840 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_it_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2008-12-08 14:11:59 588,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-12-08 14:15:00 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-12-08 14:13:27 9,728 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_it_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2008-12-08 14:09:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-12-08 14:13:27 10,240 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_it_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2008-12-08 14:09:43 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-12-08 14:13:27 4,096 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_it_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2008-12-08 14:09:43 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-12-08 14:13:27 7,680 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_it_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2008-12-08 14:09:43 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-12-08 14:13:27 86,016 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_it_31bf3856ad364e35\WindowsBase.resources.dll
+ 2008-12-08 14:09:41 1,167,360 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-12-08 14:13:28 4,608 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_it_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2008-12-08 14:09:44 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-12-08 14:10:17 17,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\cd0730694ba5927a6efd32129783e1b4\Microsoft.VisualC.ni.dll
+ 2008-12-08 14:10:50 40,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\9385f2c37b2e00e06ec3f57153f63a2d\PresentationCFFRasterizer.ni.dll
+ 2008-12-08 14:10:49 11,980,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7e413273e9d6710be8a39dcce2e45c2c\PresentationCore.ni.dll
+ 2008-12-08 14:11:46 48,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\599806acdd6dc0aeed19ebf9d622dcad\PresentationFontCache.ni.exe
+ 2008-12-08 14:11:41 552,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0766df362854f0330a4a45179773657e\PresentationFramework.Luna.ni.dll
+ 2008-12-08 14:11:42 274,432 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8aaa2b56f733902cc1ba9d8300d2a0e3\PresentationFramework.Royale.ni.dll
+ 2008-12-08 14:11:40 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d87c2740add3b0f86833159ce57c71ec\PresentationFramework.Classic.ni.dll
+ 2008-12-08 14:11:25 14,659,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\de20226274a5739a4b42d8e26b546180\PresentationFramework.ni.dll
+ 2008-12-08 14:11:44 393,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e389aa7f3dd4eb1ee585724f130a79cb\PresentationFramework.Aero.ni.dll
+ 2008-12-08 14:11:30 1,986,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f97ac4e9c402e98d2b5b7114e4fbbd2a\PresentationUI.ni.dll
+ 2008-12-08 14:11:35 2,416,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\1fe0f79dd0d47e4d1eb474f98a1949fb\ReachFramework.ni.dll
+ 2008-12-08 14:10:23 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll
+ 2008-12-08 14:10:22 1,183,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1abdb47765d0696a2fc0a1095bac0249\System.Data.OracleClient.ni.dll
+ 2008-12-08 14:10:16 2,756,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll
+ 2008-12-08 14:12:22 655,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\00e3750e478bac4913ee7a6c3b7cd392\System.Messaging.ni.dll
+ 2008-12-08 14:11:37 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\690a965457e274ad13f6b1f9ac2bad4e\System.Printing.ni.dll
+ 2008-12-08 14:10:19 815,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll
+ 2008-12-08 14:10:20 339,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2008-12-08 14:12:08 2,994,176 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\5e0df5685ce40f838eea52a5f1454b68\System.Workflow.Activities.ni.dll
+ 2008-12-08 14:12:17 4,587,520 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\2689e361e42d0bb9e3d19f1ecd30c26a\System.Workflow.ComponentModel.ni.dll
+ 2008-12-08 14:12:21 2,093,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\41b6c3a0c115c43c53697efa1607fe49\System.Workflow.Runtime.ni.dll
+ 2008-12-08 14:10:49 50,688 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9865738a916ad3664dd374582b9ea873\UIAutomationProvider.ni.dll
+ 2008-12-08 14:10:50 196,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\71605ce631809dcbfba38842fdf59acf\UIAutomationTypes.ni.dll
+ 2008-12-08 14:10:08 3,260,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\50652bfd061ead84841e6c9bfffacfb1\WindowsBase.ni.dll
- 2007-06-27 14:48:40 318,464 ----a-w c:\windows\inf\unregmp2.exe
+ 2008-04-14 02:14:22 208,896 ----a-w c:\windows\inf\unregmp2.exe
+ 2006-01-07 07:53:28 22,528 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
+ 2006-01-07 07:53:30 161,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
+ 2006-01-07 07:53:30 5,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
+ 2006-01-07 07:53:36 212,992 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
+ 2006-01-07 07:53:24 241,664 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
+ 2006-01-07 07:53:38 9,216 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2006-01-07 07:53:38 9,216 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2006-01-07 07:53:26 8,704 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
+ 2006-01-07 07:53:26 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
+ 2006-01-07 07:53:26 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
+ 2006-01-07 07:53:26 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
+ 2006-01-07 07:53:26 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
+ 2006-01-07 07:53:34 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
+ 2006-01-07 07:53:34 4,096 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
+ 2006-01-07 07:53:32 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
+ 2006-01-07 07:53:34 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
+ 2006-01-07 07:53:34 139,264 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
+ 2006-01-07 07:53:34 10,240 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
+ 2006-01-07 07:53:32 45,056 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
+ 2006-01-07 07:53:36 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
+ 2006-01-07 07:53:34 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
+ 2006-01-07 07:53:34 303,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
+ 2006-01-07 07:53:34 389,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
+ 2006-01-07 07:53:34 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
+ 2006-01-07 07:53:34 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
+ 2006-01-07 07:53:34 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
+ 2006-01-07 07:53:34 49,152 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
+ 2006-01-07 07:53:34 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
+ 2006-01-07 07:53:34 327,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
+ 2006-01-07 07:53:34 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
+ 2006-01-07 07:53:28 380,928 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
+ 2006-01-07 07:53:34 540,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
+ 2006-01-07 07:53:34 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
+ 2006-01-07 07:53:34 6,144 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
+ 2006-01-07 07:53:34 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
+ 2006-01-07 07:53:34 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
+ 2006-01-07 07:53:34 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
+ 2006-01-07 07:53:34 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
+ 2006-01-07 07:53:34 204,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
+ 2006-01-07 07:53:34 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
+ 2006-01-07 07:53:34 11,776 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
+ 2006-01-07 07:53:34 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
+ 2006-01-07 07:53:34 16,384 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
+ 2006-01-07 07:53:34 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
+ 2006-01-07 07:53:34 598,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
+ 2006-01-07 07:53:34 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
+ 2006-01-07 07:53:34 425,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
+ 2006-01-07 07:53:34 163,840 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
+ 2008-12-08 14:14:32 609,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
+ 2008-12-08 14:14:32 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
+ 2008-12-08 14:14:32 245,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
+ 2006-01-07 07:53:34 22,528 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
+ 2006-10-31 09:15:08 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\baseline.dat
+ 2006-10-20 16:57:16 99,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\DeleteTemp.exe
+ 2006-10-20 14:17:16 220,672 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\dlmgr.dll
+ 2006-10-20 14:19:18 1,054,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\gencomp.dll
+ 2006-10-20 14:16:24 163,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\HtmlLite.dll
+ 2006-10-20 16:57:16 194,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\RebootStub.exe
+ 2006-10-20 16:57:16 167,176 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\runmsi.exe
+ 2006-10-20 16:57:16 365,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\setup.exe
+ 2006-10-20 16:45:38 88,064 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\setupres.1040.dll
+ 2006-10-20 14:17:20 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\setupres.dll
+ 2006-10-20 14:17:26 1,621,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\SITSetup.dll
+ 2006-10-20 14:18:26 1,139,712 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\vs_setup.dll
+ 2006-10-20 14:19:44 590,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\vs70uimgr.dll
+ 2006-10-20 14:22:20 541,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\vsbasereqs.dll
+ 2006-10-20 14:19:48 816,128 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\vsscenario.dll
+ 2006-10-20 16:45:38 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\WapRes.1040.dll
+ 2006-10-20 14:19:50 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\WapRes.dll
+ 2006-10-20 14:21:22 1,103,872 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Italian Language Pack\WapUI.dll
+ 2006-10-30 03:06:28 189,828 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\baseline.dat
+ 2006-10-30 02:25:56 99,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\DeleteTemp.exe
+ 2006-10-29 22:15:06 220,672 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\dlmgr.dll
+ 2006-10-29 22:17:56 1,054,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\gencomp.dll
+ 2006-10-29 22:14:26 163,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\HtmlLite.dll
+ 2006-10-30 02:25:54 194,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\RebootStub.exe
+ 2006-10-30 02:25:56 167,176 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\runmsi.exe
+ 2006-10-30 02:25:56 365,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
+ 2006-10-30 02:17:12 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1025.dll
+ 2006-10-30 02:17:30 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1028.dll
+ 2006-10-30 02:17:36 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1029.dll
+ 2006-10-30 02:17:44 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1030.dll
+ 2006-10-30 02:17:50 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1031.dll
+ 2006-10-30 02:17:56 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1032.dll
+ 2006-10-30 02:18:10 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1035.dll
+ 2006-10-30 02:18:16 91,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1036.dll
+ 2006-10-30 02:18:22 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1037.dll
+ 2006-10-30 02:18:30 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1038.dll
+ 2006-10-30 02:18:36 88,064 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1040.dll
+ 2006-10-30 02:18:42 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1041.dll
+ 2006-10-30 02:18:48 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1042.dll
+ 2006-10-30 02:18:56 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1043.dll
+ 2006-10-30 02:19:02 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1044.dll
+ 2006-10-30 02:19:08 86,528 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1045.dll
+ 2006-10-30 02:19:14 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1046.dll
+ 2006-10-30 02:19:28 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1049.dll
+ 2006-10-30 02:19:34 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1053.dll
+ 2006-10-30 02:19:42 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1055.dll
+ 2006-10-30 02:17:24 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2052.dll
+ 2006-10-30 02:19:22 90,624 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2070.dll
+ 2006-10-30 02:18:02 90,112 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.3082.dll
+ 2006-10-29 22:15:20 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.dll
+ 2006-10-29 22:15:22 1,621,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\SITSetup.dll
+ 2006-10-29 22:16:52 1,139,712 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs_setup.dll
+ 2006-10-29 22:18:26 590,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs70uimgr.dll
+ 2006-10-29 22:20:20 541,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsbasereqs.dll
+ 2006-10-29 22:18:12 816,128 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsscenario.dll
+ 2006-10-30 02:17:14 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1025.dll
+ 2006-10-30 02:17:30 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1028.dll
+ 2006-10-30 02:17:38 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1029.dll
+ 2006-10-30 02:17:44 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1030.dll
+ 2006-10-30 02:17:50 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1031.dll
+ 2006-10-30 02:17:58 104,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1032.dll
+ 2006-10-30 02:18:10 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1035.dll
+ 2006-10-30 02:18:16 103,424 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1036.dll
+ 2006-10-30 02:18:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1037.dll
+ 2006-10-30 02:18:30 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1038.dll
+ 2006-10-30 02:18:36 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1040.dll
+ 2006-10-30 02:18:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1041.dll
+ 2006-10-30 02:18:50 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1042.dll
+ 2006-10-30 02:18:56 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1043.dll
+ 2006-10-30 02:19:02 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1044.dll
+ 2006-10-30 02:19:08 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1045.dll
+ 2006-10-30 02:19:16 99,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1046.dll
+ 2006-10-30 02:19:28 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1049.dll
+ 2006-10-30 02:19:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1053.dll
+ 2006-10-30 02:19:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1055.dll
+ 2006-10-30 02:17:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2052.dll
+ 2006-10-30 02:19:22 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2070.dll
+ 2006-10-30 02:18:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.3082.dll
+ 2006-10-29 22:18:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.dll
+ 2006-10-29 22:19:30 1,103,872 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapUI.dll
+ 2008-12-08 14:13:35 626,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - ITA\install.exe
+ 2008-12-08 14:13:34 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - ITA\install.res.1040.dll
+ 2006-10-30 02:34:02 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2006-10-30 02:33:58 741,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-12-08 14:08:55 626,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.exe
+ 2008-12-08 14:08:55 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.res.1033.dll
+ 2006-10-31 04:07:30 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\it\ComSvcConfig.resources.dll
+ 2006-10-31 04:07:30 741,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\it\infocard.resources.dll
+ 2006-10-31 04:07:30 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\it\ServiceModelReg.resources.dll
+ 2006-10-31 04:07:30 10,240 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\it\SMSvcHost.resources.dll
+ 2006-10-31 04:07:30 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\it\WsatConfig.resources.dll
+ 2006-10-30 02:34:00 352,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2006-10-30 02:34:00 151,552 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2006-10-30 02:34:02 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-10-30 02:34:02 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2006-10-30 02:34:02 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2006-10-30 02:34:00 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMDiagnostics.dll
+ 2006-10-30 02:34:02 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2006-10-30 02:34:02 884,736 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2006-10-30 02:34:02 5,623,808 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2006-10-30 02:34:00 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2006-10-30 02:34:00 16,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2006-10-30 02:34:02 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2006-07-25 20:32:00 14,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2006-10-25 04:09:20 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\it\PresentationUI.resources.dll
+ 2006-10-20 15:08:52 797,696 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2006-10-20 15:09:02 4,874,240 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2006-10-20 13:03:40 2,628,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2006-10-20 20:29:46 72,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2006-10-20 20:21:24 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2006-10-20 20:21:24 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2006-10-20 20:29:52 106,272 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2006-10-20 20:21:26 897,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2006-10-20 20:21:26 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
- 2006-11-02 21:54:02 7,680 ----a-w c:\windows\system32\asferror.dll
+ 2008-04-14 01:48:17 8,704 ----a-w c:\windows\system32\asferror.dll
- 2006-11-02 21:54:02 7,680 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2008-04-14 01:48:17 8,704 ----a-w c:\windows\system32\dllcache\asferror.dll
+ 2006-10-14 15:43:18 27,648 -c----w c:\windows\system32\dllcache\FilterPipelinePrintProc.dll
- 2006-11-02 21:54:18 244,224 -c--a-w c:\windows\system32\dllcache\mpvis.dll
+ 2008-04-14 02:13:43 368,640 ----a-w c:\windows\system32\dllcache\mpvis.dll
+ 2006-10-14 15:44:44 671,744 -c----w c:\windows\system32\dllcache\PrintFilterPipelineSvc.exe
- 2006-11-02 22:33:26 1,678,336 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2008-04-14 02:14:19 778,240 ----a-w c:\windows\system32\dllcache\setup_wm.exe
- 2007-06-27 14:48:40 318,464 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2008-04-14 02:14:22 208,896 ----a-w c:\windows\system32\dllcache\unregmp2.exe
- 2006-11-02 21:56:10 251,904 -c--a-w c:\windows\system32\dllcache\wmerror.dll
+ 2008-04-14 01:51:18 186,880 ----a-w c:\windows\system32\dllcache\wmerror.dll
- 2007-06-11 22:51:12 10,834,944 -c--a-w c:\windows\system32\dllcache\wmp.dll
+ 2008-04-14 02:13:57 4,874,240 ----a-w c:\windows\system32\dllcache\wmp.dll
- 2006-10-18 20:47:20 242,688 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
+ 2008-04-14 02:13:57 114,688 ----a-w c:\windows\system32\dllcache\wmpasf.dll
- 2006-11-02 21:56:18 96,256 -c--a-w c:\windows\system32\dllcache\wmpband.dll
+ 2008-04-14 02:13:57 98,304 ----a-w c:\windows\system32\dllcache\wmpband.dll
- 2006-10-18 20:47:20 314,880 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
+ 2008-04-14 02:13:57 233,472 ----a-w c:\windows\system32\dllcache\wmpdxm.dll
- 2006-11-02 21:56:34 64,000 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
+ 2008-04-14 02:14:25 73,728 ----a-w c:\windows\system32\dllcache\wmplayer.exe
- 2006-11-02 22:36:12 8,284,672 -c--a-w c:\windows\system32\dllcache\wmploc.dll
+ 2008-04-14 01:52:40 2,973,696 ----a-w c:\windows\system32\dllcache\wmploc.dll
- 2006-11-02 21:56:42 99,840 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
+ 2008-04-14 02:13:57 102,400 ----a-w c:\windows\system32\dllcache\wmpshell.dll
+ 2006-10-14 19:21:58 580,352 -c----w c:\windows\system32\dllcache\XPSSHHDR.dll
+ 2006-10-14 19:22:00 1,698,048 -c----w c:\windows\system32\dllcache\XpsSvcs.dll
+ 2006-10-20 20:29:46 69,408 ----a-w c:\windows\system32\dxva2.dll
+ 2006-10-20 20:30:00 478,496 ----a-w c:\windows\system32\evr.dll
- 2008-12-02 17:27:59 228,800 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-12-08 14:23:53 231,984 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2006-10-30 02:33:58 556,296 ----a-w c:\windows\system32\icardagt.exe
+ 2006-10-30 02:33:58 9,480 ----a-w c:\windows\system32\icardres.dll
+ 2006-10-30 02:33:58 83,968 ----a-w c:\windows\system32\infocardapi.dll
+ 2006-10-20 20:30:06 1,980,704 ----a-w c:\windows\system32\milcore.dll
+ 2006-01-07 07:53:34 6,656 ----a-w c:\windows\system32\mui\0410\mscorees.dll
- 2008-11-29 13:38:58 64,372 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-08 14:12:26 72,152 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-29 13:38:58 77,394 ----a-w c:\windows\system32\perfc010.dat
+ 2008-12-08 14:12:26 85,174 ----a-w c:\windows\system32\perfc010.dat
- 2008-11-29 13:38:58 409,232 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-08 14:12:26 444,528 ----a-w c:\windows\system32\perfh009.dat
- 2008-11-29 13:38:58 456,662 ----a-w c:\windows\system32\perfh010.dat
+ 2008-12-08 14:12:26 492,502 ----a-w c:\windows\system32\perfh010.dat
+ 2006-10-20 20:29:52 104,224 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-20 20:29:58 344,352 ----a-w c:\windows\system32\PresentationHost.exe
+ 2006-10-20 20:29:46 20,768 ----a-w c:\windows\system32\PresentationHostProxy.dll
+ 2006-10-20 20:30:02 769,312 ----a-w c:\windows\system32\PresentationNative_v0300.dll
+ 2006-10-14 15:43:38 124,416 ------w c:\windows\system32\prntvpt.dll
+ 2006-08-24 15:15:06 150,808 ----a-w c:\windows\system32\rgb9rast_2.dll
+ 2006-10-14 15:44:44 671,744 ------w c:\windows\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe
+ 2006-10-20 20:29:54 159,008 ----a-w c:\windows\system32\UIAutomationCore.dll
- 2006-11-02 21:56:10 251,904 ----a-w c:\windows\system32\wmerror.dll
+ 2008-04-14 01:51:18 186,880 ----a-w c:\windows\system32\wmerror.dll
- 2007-06-11 22:51:12 10,834,944 ----a-w c:\windows\system32\wmp.dll
+ 2008-04-14 02:13:57 4,874,240 ----a-w c:\windows\system32\wmp.dll
- 2006-10-18 20:47:20 242,688 ----a-w c:\windows\system32\wmpasf.dll
+ 2008-04-14 02:13:57 114,688 ----a-w c:\windows\system32\wmpasf.dll
- 2006-10-18 20:47:20 314,880 ----a-w c:\windows\system32\wmpdxm.dll
+ 2008-04-14 02:13:57 233,472 ----a-w c:\windows\system32\wmpdxm.dll
- 2006-11-02 22:36:12 8,284,672 ----a-w c:\windows\system32\wmploc.dll
+ 2008-04-14 01:52:40 2,973,696 ----a-w c:\windows\system32\wmploc.dll
- 2006-11-02 21:56:42 99,840 ----a-w c:\windows\system32\wmpshell.dll
+ 2008-04-14 02:13:57 102,400 ----a-w c:\windows\system32\wmpshell.dll
+ 2006-10-14 19:21:58 580,352 ------w c:\windows\system32\XPSSHHDR.dll
+ 2006-10-14 19:22:00 1,698,048 ------w c:\windows\system32\XpsSvcs.dll
+ 2006-10-20 20:29:54 304,928 ----a-w c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2008-12-08 14:25:28 16,384 ----atw c:\windows\temp\Perflib_Perfdata_874.dat
.
-- Snapshot per reimpostare la data corrente --

przez **jacek-62** » 10 Gru 2008, 01:04

druga czesc moje loga:

.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Creative MediaSource Go"="c:\programmi\Creative\MediaSource\GO\CTCMSGo.exe" [2003-08-12 131072]
"RemoteCenter"="c:\programmi\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 139264]
"Creative WebCam Tray"="c:\programmi\Creative\Shared Files\CamTray.exe" [2004-11-18 258048]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Creative Detector"="c:\programmi\Creative\MediaSource\Detector\CTDetect.exe" [2003-10-02 98304]
"IDMan"="c:\programmi\Internet Download Manager\IDMan.exe" [2008-12-06 2606512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2004-11-25 32768]
"CTSysVol"="c:\programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-18 45056]
"SBDrvDet"="c:\programmi\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ccApp"="c:\programmi\File comuni\Symantec Shared\ccApp.exe" [2006-10-27 107112]
"osCheck"="c:\programmi\Norton AntiVirus\osCheck.exe" [2006-09-05 26248]
"Symantec PIF AlertEng"="c:\programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-12 30192]
"DefragTaskBar"="c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 173408]
"NSRKey"="c:\progra~1\NORTON~3\NSR\Agent\NSRTray.exe" [2007-03-26 1582696]
"Norton Save and Restore"="c:\progra~1\NORTON~3\NSR\Agent\NSRTray.exe" [2007-03-26 1582696]
"NSWosCheck"="c:\programmi\Norton SystemWorks Premier\osCheck.exe" [2007-12-03 25472]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-12-06 136600]
"CTHelper"="CTHELPER.EXE" [2003-10-06 c:\windows\system32\CTHELPER.EXE]
"VF0060 STISvc"="V0060Pin.dll" [2004-11-01 c:\windows\system32\V0060Pin.dll]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 c:\windows\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-05 c:\windows\ALCWZRD.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2004-11-25 32768]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ATI CATALYST System Tray.lnk - c:\programmi\ATI Technologies\ATI.ACE\CLI.exe [2004-11-25 32768]
Pinnacle Scheduler.lnk - c:\programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2008-11-10 245760]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
"NoFavoritesMenu"= 1 (0x1)
"NoStartMenuSubFolders"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.PIM1"= PCLEPIM1.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Saxo"=c:\programmi\Saxo\Saxo.exe regstart

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISTray"="c:\programmi\Spyware Doctor\pctsTray.exe"
"HDInspector.exe"=c:\programmi\Hard Drive Inspector\HDInspector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Azureus\\Azureus.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\DRIVERS\iteraid.sys [2008-11-10 24971]
R1 SAVOnAccess Control;SAVOnAccess Control;c:\windows\system32\DRIVERS\savonaccesscontrol.sys [2008-11-29 80128]
R1 SAVOnAccess Filter;SAVOnAccess Filter;c:\windows\system32\DRIVERS\savonaccessfilter.sys [2008-11-29 24064]
R2 BCMNTIO;BCMNTIO;\??\c:\progra~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2008-11-22 3744]
R2 Harmonogram automatycznej uslugi LiveUpdate;Harmonogram automatycznej uslugi LiveUpdate;"c:\programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2008-11-11 198336]
R2 MAPMEM;MAPMEM;\??\c:\progra~1\CheckIt\DIAGNO~1\MAPMEM.sys [2008-11-22 3904]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 Norton Save and Restore;Norton Save and Restore;c:\progra~1\NORTON~3\NSR\Agent\VProSvc.exe [2006-11-03 2111080]
R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~3\NORTON~1\NPROTECT.EXE [2005-11-04 95832]
R2 PfDetNT;PfDetNT;\??\c:\windows\system32\drivers\PfModNT.sys [2008-11-10 15840]
R2 SAVAdminService;Crea report sullo stato di Sophos Anti-Virus;"c:\programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe" [2006-05-08 57344]
R2 SAVService;Sophos Anti-Virus;"c:\programmi\Sophos\Sophos Anti-Virus\SavService.exe" [2006-05-08 86016]
R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\DRIVERS\3xHybrid.sys [2008-11-10 698368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-02 99376]
R3 pctvvbi;PCTVVBI;c:\windows\system32\DRIVERS\pctvvbi.sys [2008-11-10 6400]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [2008-11-11 196409]
S3 GoogleDesktopManager-092308-165331;Menedzer Google Desktop 5.8.809.23506;"c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-12 30192]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-26 27904]
S3 sdAuxService;PC Tools Auxiliary Service;c:\programmi\Spyware Doctor\pctsAuxs.exe [2008-11-12 356920]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2008-12-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]

2008-12-08 c:\windows\Tasks\Norton Security Scan for JACEK.job
- c:\programmi\Norton Security Scan\Nss.exe [2008-09-19 04:18]

2008-12-05 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
- c:\programmi\Norton SystemWorks Premier\OBC.exe [2007-12-03 01:41]

2008-12-08 c:\windows\Tasks\RegCure Program Check.job
- c:\programmi\RegCure\RegCure.exe [2008-11-11 15:31]

2008-11-13 c:\windows\Tasks\RegCure.job
- c:\programmi\RegCure\RegCure.exe [2008-11-11 15:31]
.
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://wp.pl/
IE: Download all links with IDM - c:\programmi\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\programmi\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\programmi\Internet Download Manager\IEExt.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FireFox -: Profile - c:\documents and settings\JACEK\Dati applicazioni\Mozilla\Firefox\Profiles\0zsz0gw6.default\
FF -: plugin - c:\programmi\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\programmi\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
FF -: plugin - c:\programmi\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\programmi\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\programmi\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 15:24:30
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(816)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\programmi\File comuni\Symantec Shared\ccSvcHst.exe
c:\programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
c:\programmi\a-squared Free\a2service.exe
c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
c:\programmi\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\HDDSvc.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Sophos\AutoUpdate\ALsvc.exe
c:\progra~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.exe
c:\windows\system32\MsPMSPSv.exe
c:\programmi\Internet Download Manager\IEMonitor.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Ora fine scansione: 2008-12-08 15:29:44 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2008-12-08 14:29:38
ComboFix2.txt 2008-12-07 14:44:30
ComboFix3.txt 2008-11-24 05:49:25
ComboFix4.txt 2008-11-19 22:05:50

Pre-Run: 33.461.149.696 byte disponibili
Post-Run: 33,484,238,848 byte disponibili

671 --- E O F --- 2008-11-23 05:35:27

przez **huber2t** » 10 Gru 2008, 07:08

Log wygląda na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!

przez **jacek-62** » 11 Gru 2008, 10:00

Bardzo dziekuje, w odpowiedzi znalazlem duzo ciekawych rzeczy, efekt przedstawie pozniej.

przez **jacek-62** » 13 Gru 2008, 00:43

Mam pytanie: czy moge uzywac kilku programow do czyszczenia rejestru, czy tez trzymac sie tylko jednego.

przez **huber2t** » 13 Gru 2008, 00:52

Możesz kilku ale ostrożnie

przez **jacek-62** » 13 Gru 2008, 11:14

Prosze o pomoc. Mam problem z file : ntoskrnl.exe gdzie jest brakujace lub uszkodzone i nie wiem jak go skopiowac z dyskietki Windows.Windows mam orginalny serce pack 2 z uaktualnieniem do pack3.Na jednym z forum odnalazlem, ze powinienem to uczynic w sposob nastepujacy: z pod dos-a wpisac: expand J (to jest moj stacja CD):\i386\ntoskrnl.ex C:\Windows\system32\ntoskrnl.exe Niestety te polecenie nie chce sie wykonac. Dos odpowiada ,ze niemozliwe odnalezienie file lub directory.Czy jest jakis inny sposob na skopiowanie tego?Prawie codziennie moj komp wylacza sie lub przechodzi w niebieska strone z tego wlasnie powodu , o czym mowi Crash Dump.

Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Re: Ciagle klopoty z komputerem, prosze o sprawdzenie loga

Kto jest na forum