x-kom hosting

hpfsched, pliki exe - wybierz program z listy

Mateoz555
utworzono
utworzono

Witam
Trochę namieszałem próbując naprawić ten błąd ale moze jeszcze da się coś zrobić pomijając format.

Tydzień temu avast wykrywał mi co chwilę Rootkita, było już poruszane to na tym forum ale nie to jest problemem. Przywróciłem o dzień system i działało.

Nie wiem czy to co jest teraz, ma z tym rootkitem powiązanie ale sprawa wygląda następująco. Gdy włączam kompa programy autostartu się nie włączały i wyskakiwał błąd :[b]hpfsched nie można odczytać aplikacji[/b], a potem [b]NIe mozna załadować lub uruchomić podanego w rejestrze pliku hpfsched[/b] . Upewnij sie ze plik istnieje na tym komputerze lub usuń z rejestru odwołanie do niego. W konsekwencji każdy plik exe się nie włącza lecz pojawia sie wybierz program z listy. No to np. firefox to wybierał firefox z listy i ledwo dziła, na tyle bym mógł napisać na tym forum o problemie.

Moje działania niektóre nawet trochę namieszały :
1. Przywracanie systemu każe wybierac program z listy więc przywróciłem w awaryjnym przez konsolę, 3 razy - nie pomogło
2. Z jakiejś strony znalazłem program HPFSCHED Removal Tool , na wywlekało plików związanych z tym hpfsched i miało to naprawić tyle ze jak zapłacisz 49 $- odpada
3. Mam avasta, puściłem skanowanie , znalazło ze 30 wirusów większość w folderze C:/ Windows
4. Szukałem w necie nic na polskich stronach na hpfsched nie ma.
5. Wszedłem w Windows i znalazłem te pliki hpfsched nie wiem czy te pliki nie są z drukarką związane to z kąd się wzięły w folderze WINDOWS? I tu moja chyba niepotrzebna reakcja. Wywaliłem te pliki hpfsched i nic nie dało tylko jak włączam to wyskakuje że nie można odnaleźć tego pliku, a z tymi exe i programami z autostartu nic sie nie zmieniło.

Co można zrobić na tym etapie? Podać log z którego można by coś usunąć? Czy pozostaje tylko format?
Napisałem w tym temacie bo może będą musiał podać log.

Z góry dzięki za odpowiedź, Mateoz555.

Psycholandia
komentarz
komentarz

Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338

Mateoz555
komentarz
komentarz

Oto log OTL:

[log]
OTL logfile created on: 2010-03-20 16:50:58 - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 88,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 99,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 4,68 Gb Free Space | 15,98% Space Free | Partition Type: NTFS
Drive D: | 45,26 Gb Total Space | 6,91 Gb Free Space | 15,28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 65,00 Gb Total Space | 57,02 Gb Free Space | 87,73% Space Free | Partition Type: NTFS
Drive H: | 100,00 Gb Total Space | 88,39 Gb Free Space | 88,39% Space Free | Partition Type: NTFS
Drive I: | 100,00 Gb Total Space | 22,36 Gb Free Space | 22,36% Space Free | Partition Type: NTFS

Computer Name: MATEUSZ
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-03-20 16:33:51 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:32 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:10 | 000,422,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-03-20 16:33:51 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-25 19:08:24 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-12-26 13:30:43 | 000,072,704 | ---- | M] (Autodesk) [Auto | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-11-04 18:46:55 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007-04-27 06:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Stopped] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007-04-27 00:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2006-09-29 12:48:06 | 000,065,536 | ---- | M] () [Auto | Stopped] -- G:\Programy\3DS MAX9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2004-08-23 12:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Stopped] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-10-12 08:41:42 | 000,032,960 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxMouse.sys -- (VBoxMouse)
DRV - [2009-10-07 10:03:04 | 000,094,992 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009-10-07 10:03:04 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2009-10-07 10:02:58 | 000,115,856 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2009-10-07 10:02:40 | 000,103,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2009-02-09 13:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-01-03 11:19:50 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2008-12-14 18:05:22 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-12-04 17:59:11 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-05-24 15:37:49 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2008-05-22 16:14:19 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008-02-14 16:04:06 | 004,676,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-27 06:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-05-25 18:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2005-12-22 11:24:52 | 000,137,884 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005-12-22 11:24:52 | 000,010,864 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005-12-22 11:24:50 | 000,080,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005-11-03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005-01-07 16:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004-11-18 10:49:14 | 000,045,534 | ---- | M] (EUTRON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eusk3usb.sys -- (eusk3usb)
DRV - [2004-11-18 10:49:14 | 000,024,786 | ---- | M] (EUTRON) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2004-06-17 10:15:56 | 000,004,736 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DV3.sys -- (GAFilter)
DRV - [2003-08-12 17:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-602162358-1303643608-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-20 15:33:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-19 21:33:56 | 000,000,000 | ---D | M]

[2010-03-19 21:28:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-10-14 18:36:14 | 000,027,648 | ---- | M] (Ivo Software Sp. z o.o.) -- C:\Program Files\Mozilla Firefox\components\IvonaFirefoxToolbar.dll
[2009-06-01 12:22:18 | 000,874,008 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2008-06-18 14:26:47 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2010-01-09 20:42:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-09 20:42:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-09 20:42:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-09 20:42:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-09 20:42:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-09 20:42:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2003-04-16 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mati\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [ActiveSMART] C:\Program Files\Active SMART USB\ActiveSMART.exe File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-602162358-1303643608-725345543-500..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\Mati\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1303643608-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.fbhost-tv.com/UKooPlayer.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-05-22 17:27:31 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-20 16:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-03-20 16:47:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Dane aplikacji\Microsoft
[2010-03-20 16:47:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\SendTo
[2010-03-20 16:47:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Dane aplikacji
[2010-03-20 16:47:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Menu Start
[2010-03-20 16:47:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Cookies
[2010-03-20 16:47:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Szablony
[2010-03-20 16:47:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Recent
[2010-03-20 16:47:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\PrintHood
[2010-03-20 16:47:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\NetHood
[2010-03-20 16:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Ulubione
[2010-03-20 16:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Pulpit
[2010-03-20 16:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Moje dokumenty
[2010-03-20 16:47:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATEUSZ.005\Ustawienia lokalne
[2010-03-20 16:44:14 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010-03-19 19:26:15 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll
[2010-03-19 19:26:15 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\WINDOWS\eSellerateControl350.dll
[2010-03-19 19:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hpfsched Removal Tool
[2010-03-18 06:22:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-03-18 06:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-11 19:13:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010-01-30 16:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\3D-Retro
[2009-04-04 08:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2008-05-22 15:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-05-22 15:39:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within (All) ==========[/color]

[2010-03-20 16:47:47 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\Administrator.MATEUSZ.005\NTUSER.DAT
[2010-03-20 16:47:47 | 000,000,020 | -HS- | M] () -- C:\Documents and Settings\Administrator.MATEUSZ.005\ntuser.ini
[2010-03-20 16:47:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-20 16:43:52 | 000,000,451 | ---- | M] () -- C:\notepad.exe
[2010-03-20 16:33:51 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010-03-20 16:06:22 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2010-03-20 16:04:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-19 18:36:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-18 06:22:29 | 000,011,382 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\hfJ5Mio0m8B0g
[2010-03-18 06:20:24 | 000,070,672 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010-03-17 20:04:43 | 000,010,458 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\6JQ57
[2010-03-17 18:31:06 | 000,211,251 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-03-13 16:13:33 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-09 22:27:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-03-01 21:01:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2010-02-11 08:11:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-01-26 14:01:12 | 000,356,352 | ---- | M] (eSellerate Inc.) -- C:\WINDOWS\eSellerateEngine.dll
[2010-01-26 14:01:12 | 000,081,920 | ---- | M] (eSellerate Inc.) -- C:\WINDOWS\eSellerateControl350.dll
[2010-01-21 20:18:14 | 000,001,182 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-01-07 18:27:35 | 000,006,670 | ---- | M] () -- C:\WINDOWS\System32\ealregsnapshot1.reg
[2010-01-02 17:46:34 | 000,000,047 | ---- | M] () -- C:\WINDOWS\.snk
[2010-01-02 17:46:34 | 000,000,046 | ---- | M] () -- C:\WINDOWS\.pod
[2009-12-26 13:29:33 | 000,007,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\services
[2009-12-22 22:51:06 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-12-22 22:50:59 | 000,103,736 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-12-17 19:35:56 | 000,000,092 | ---- | M] () -- C:\WINDOWS\mp3wavcon.ini
[2009-12-17 19:35:56 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\SySmp3con.dat
[2009-12-13 21:49:24 | 000,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-29 18:20:55 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-11-27 13:05:03 | 001,563,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-25 09:59:43 | 001,106,388 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-25 09:59:43 | 000,496,894 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-25 09:59:43 | 000,438,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-25 09:59:43 | 000,086,846 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-25 09:59:43 | 000,069,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-11-25 00:54:29 | 001,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009-11-25 00:51:09 | 000,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009-11-25 00:47:28 | 000,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009-11-21 17:03:37 | 001,206,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009-11-19 19:28:09 | 000,682,280 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-08 17:43:35 | 000,000,400 | ---- | M] () -- C:\WINDOWS\System32\drivers\eaxext_244.set
[2009-11-08 17:43:35 | 000,000,400 | ---- | M] () -- C:\WINDOWS\System32\drivers\bcompbg792.dat
[2009-11-06 10:58:04 | 000,178,975 | ---- | M] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-10-28 19:06:57 | 000,000,022 | ---- | M] () -- C:\WINDOWS\SHAREMEM.INI
[2009-10-28 18:58:18 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\HPFlmn16.ini
[2009-10-21 19:43:43 | 000,000,033 | ---- | M] () -- C:\WINDOWS\Multimedia manager.INI
[2009-10-19 16:51:51 | 000,002,849 | ---- | M] () -- C:\WINDOWS\stsetup.htm
[2009-10-17 22:08:42 | 000,000,012 | ---- | M] () -- C:\WINDOWS\dirsaver.ini
[2009-10-12 08:41:14 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\VBoxD3D9.dll
[2009-10-12 08:41:14 | 000,188,416 | ---- | M] () -- C:\WINDOWS\System32\VBoxD3D8.dll
[2009-10-12 08:40:34 | 001,372,160 | ---- | M] () -- C:\WINDOWS\System32\libWine.dll
[2009-10-12 08:40:34 | 000,831,488 | ---- | M] () -- C:\WINDOWS\System32\wined3d.dll
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\UC.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\RAR.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\PKZIP.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\PKUNZIP.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\NOCLOSE.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\LHA.PIF
[2009-09-24 06:50:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\ARJ.PIF
[2009-09-18 21:03:19 | 000,189,744 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-08-20 10:23:49 | 000,037,632 | ---- | M] () -- C:\WINDOWS\DPUNIN20.EXE
[2009-06-22 12:31:24 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009-06-22 12:31:24 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009-04-18 20:25:08 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job
[2009-03-31 17:56:52 | 000,000,067 | ---- | M] () -- C:\WINDOWS\kontakt.ini
[2009-03-18 07:01:10 | 000,110,646 | ---- | M] () -- C:\WINDOWS\System32\vistartup.bmp
[2009-03-17 09:38:00 | 000,070,656 | RHS- | M] () -- C:\WINDOWS\System32\RLAPEDec.ax
[2009-02-28 18:05:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\sx.inf
[2009-02-25 19:08:24 | 000,072,074 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009-02-25 19:08:24 | 000,005,415 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009-02-25 19:08:17 | 003,888,054 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009-02-25 18:36:10 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2009-02-09 13:18:00 | 001,724,416 | ---- | M] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 13:18:00 | 001,657,376 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009-02-09 13:18:00 | 001,507,328 | ---- | M] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 13:18:00 | 001,346,080 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009-02-09 13:18:00 | 001,101,824 | ---- | M] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 13:18:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\nvshell.dll
[2009-02-09 13:18:00 | 000,449,056 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009-02-09 13:18:00 | 000,436,768 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009-02-09 13:18:00 | 000,073,728 | ---- | M] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2009-02-09 13:18:00 | 000,018,795 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009-01-18 16:15:14 | 000,120,832 | RHS- | M] () -- C:\WINDOWS\System32\MPCDx.ax
[2009-01-18 11:03:40 | 000,107,520 | RHS- | M] () -- C:\WINDOWS\System32\RLMPCDec.ax
[2009-01-09 20:19:31 | 001,089,883 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009-01-03 11:19:50 | 000,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\System32\SVKP.sys
[2009-01-02 17:01:44 | 000,000,024 | ---- | M] () -- C:\url_history.xml
[2008-12-14 18:05:22 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2008-12-04 17:59:11 | 000,717,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-10-18 10:18:26 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\810429tv4-test.jun
[2008-10-07 09:13:30 | 000,197,912 | ---- | M] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | M] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-10-05 16:07:40 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2008-09-29 18:39:12 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-09-29 17:35:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2008-09-19 19:17:11 | 000,016,384 | ---- | M] () -- C:\Program Files\uik.dat
[2008-09-19 19:16:22 | 000,000,004 | ---- | M] () -- C:\Program Files\is.dat
[2008-09-06 11:00:00 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2008-09-03 04:32:22 | 004,912,113 | ---- | M] () -- C:\WINDOWS\System32\jcodec.dll
[2008-09-03 04:32:22 | 000,018,181 | ---- | M] () -- C:\WINDOWS\System32\jcodecsh.dll
[2008-08-29 17:09:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\galaxy.ini
[2008-08-22 16:04:44 | 000,004,060 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2008-08-01 14:09:54 | 001,001,434 | ---- | M] (Goldshell Digital Media) -- C:\WINDOWS\chundate.scr
[2008-05-24 18:14:35 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008-05-24 18:14:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008-05-24 17:15:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008-05-24 17:10:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2008-05-24 17:07:28 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-05-24 15:37:49 | 000,223,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2008-05-24 12:41:05 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-05-23 13:25:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2008-05-23 08:48:41 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2008-05-22 17:45:41 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2008-05-22 17:09:11 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2008-05-22 17:09:11 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2008-05-22 16:39:10 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2008-05-22 16:32:13 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008-05-22 16:06:15 | 000,001,160 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2008-05-22 15:59:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008-05-22 15:57:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2008-05-22 15:40:58 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008-05-22 15:39:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-05-22 15:39:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-05-22 15:39:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008-05-22 15:39:40 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2008-05-22 15:39:34 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008-05-22 15:39:02 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2008-05-22 15:39:02 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2008-05-22 15:38:58 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2008-05-22 15:37:25 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-05-22 15:37:15 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008-05-22 15:37:15 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008-05-03 04:46:00 | 000,217,076 | ---- | M] () -- C:\WINDOWS\System32\nvdspsky.chm
[2008-05-03 04:46:00 | 000,214,210 | ---- | M] () -- C:\WINDOWS\System32\nvdsprus.chm
[2008-05-03 04:46:00 | 000,206,105 | ---- | M] () -- C:\WINDOWS\System32\nvdspslv.chm
[2008-05-03 04:46:00 | 000,195,910 | ---- | M] () -- C:\WINDOWS\System32\nvdspsve.chm
[2008-05-03 04:46:00 | 000,129,499 | ---- | M] () -- C:\WINDOWS\System32\nv3dsky.chm
[2008-05-03 04:46:00 | 000,128,913 | ---- | M] () -- C:\WINDOWS\System32\nv3dslv.chm
[2008-05-03 04:46:00 | 000,126,976 | ---- | M] () -- C:\WINDOWS\System32\nv3drus.chm
[2008-05-03 04:46:00 | 000,126,105 | ---- | M] () -- C:\WINDOWS\System32\nvcplsky.chm
[2008-05-03 04:46:00 | 000,125,181 | ---- | M] () -- C:\WINDOWS\System32\nvcplrus.chm
[2008-05-03 04:46:00 | 000,124,964 | ---- | M] () -- C:\WINDOWS\System32\nvcplslv.chm
[2008-05-03 04:46:00 | 000,122,675 | ---- | M] () -- C:\WINDOWS\System32\nvcplsve.chm
[2008-05-03 04:46:00 | 000,118,734 | ---- | M] () -- C:\WINDOWS\System32\nv3dsve.chm
[2008-05-03 04:46:00 | 000,057,545 | ---- | M] () -- C:\WINDOWS\System32\nvmobsky.chm
[2008-05-03 04:46:00 | 000,057,380 | ---- | M] () -- C:\WINDOWS\System32\nvmobslv.chm
[2008-05-03 04:46:00 | 000,057,339 | ---- | M] () -- C:\WINDOWS\System32\nvmobrus.chm
[2008-05-03 04:46:00 | 000,055,693 | ---- | M] () -- C:\WINDOWS\System32\nvmobsve.chm
[2008-04-14 23:16:20 | 000,001,804 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2008-04-14 22:51:54 | 000,148,992 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
[2008-04-14 22:51:54 | 000,118,272 | ---- | M] () -- C:\WINDOWS\System32\mpeg2data.ax
[2008-04-14 22:51:54 | 000,056,832 | ---- | M] () -- C:\WINDOWS\System32\msdvbnp.ax
[2008-04-14 22:51:54 | 000,033,280 | ---- | M] () -- C:\WINDOWS\System32\psisrndr.ax
[2008-04-14 22:50:58 | 000,050,688 | ---- | M] (Grupa robocza Twain) -- C:\WINDOWS\twain_32.dll
[2008-04-14 22:50:46 | 000,363,520 | ---- | M] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-04-14 22:50:46 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\sbe.dll
[2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\msdmo.dll
[2008-04-14 22:50:32 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\encdec.dll
[2008-04-14 22:50:14 | 000,253,440 | ---- | M] () -- C:\WINDOWS\System32\compatui.dll
[2008-04-14 22:50:00 | 000,070,656 | ---- | M] () -- C:\WINDOWS\System32\amstream.dll
[2008-04-14 22:47:18 | 000,175,104 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008-04-14 22:36:28 | 013,463,552 | ---- | M] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008-04-14 22:31:12 | 000,173,568 | ---- | M] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008-04-14 22:05:32 | 000,002,524 | ---- | M] () -- C:\WINDOWS\System32\pid.inf
[2008-04-13 22:56:10 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2008-04-13 22:51:34 | 000,733,696 | ---- | M] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-03-25 05:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008-03-25 05:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008-03-16 13:30:52 | 000,216,064 | RHS- | M] (MONOGRAM Multimedia, s.r.o.) -- C:\WINDOWS\System32\nbDX.dll
[2008-02-29 14:40:00 | 000,265,948 | ---- | M] () -- C:\WINDOWS\System32\locale.nls
[2008-02-28 12:01:24 | 000,774,144 | ---- | M] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2007-11-22 15:00:56 | 000,483,328 | ---- | M] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2007-11-14 14:18:40 | 000,000,553 | ---- | M] () -- C:\WINDOWS\USetup.iss
[2007-08-13 17:06:32 | 000,056,700 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2007-05-17 16:30:48 | 000,318,976 | ---- | M] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2007-04-27 06:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) -- C:\WINDOWS\System32\drivers\sentinel.sys
[2007-04-27 06:40:00 | 000,051,776 | ---- | M] (Rainbow Technologies, Inc.) -- C:\WINDOWS\System32\snti386.dll
[2007-04-27 06:40:00 | 000,044,287 | ---- | M] () -- C:\WINDOWS\System32\sentinel.chm
[2007-04-27 06:40:00 | 000,024,128 | ---- | M] (SafeNet, Inc.) -- C:\WINDOWS\System32\rnbovdd.dll
[2007-04-12 14:19:50 | 000,129,024 | ---- | M] () -- C:\WINDOWS\System32\AVERM.dll
[2007-02-21 11:47:16 | 000,031,232 | RHS- | M] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2006-12-29 23:38:32 | 000,023,044 | ---- | M] () -- C:\WINDOWS\System32\sorttbls.nls
[2006-12-19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe
[2006-09-12 11:46:24 | 000,227,328 | RHS- | M] () -- C:\WINDOWS\System32\ac3DX.ax
[2006-09-01 07:44:04 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
[2006-09-01 07:44:04 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
[2006-08-16 14:53:32 | 000,175,104 | RHS- | M] () -- C:\WINDOWS\System32\CoreAAC.ax
[2006-08-01 14:02:32 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\ChCfg.exe
[2006-07-24 15:05:00 | 000,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006-06-20 09:56:42 | 000,225,280 | ---- | M] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2006-06-08 11:06:50 | 000,066,384 | ---- | M] () -- C:\WINDOWS\System32\normnfkc.nls
[2006-06-08 11:06:50 | 000,060,294 | ---- | M] () -- C:\WINDOWS\System32\normnfkd.nls
[2006-06-08 11:06:50 | 000,059,342 | ---- | M] () -- C:\WINDOWS\System32\normidna.nls
[2006-06-08 11:06:50 | 000,045,794 | ---- | M] () -- C:\WINDOWS\System32\normnfc.nls
[2006-06-08 11:06:50 | 000,039,284 | ---- | M] () -- C:\WINDOWS\System32\normnfd.nls
[2006-06-08 00:17:20 | 000,000,902 | R--- | M] () -- C:\WINDOWS\System32\setup.ini
[2006-06-07 17:04:02 | 000,446,464 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl
[2006-06-06 18:20:26 | 000,102,400 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe
[2006-06-02 21:38:00 | 000,425,984 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll
[2006-06-02 14:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll
[2006-05-25 18:28:44 | 000,684,265 | R--- | M] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2006-05-04 15:26:36 | 002,808,832 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2006-05-03 10:06:54 | 000,163,328 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2006-03-17 14:49:46 | 000,368,640 | ---- | M] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\TwnLib4.dll
[2006-03-17 11:45:54 | 000,802,816 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXRA7.dll
[2006-03-17 11:45:54 | 000,497,296 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXpr7.dll
[2006-03-17 11:45:54 | 000,258,048 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXR7.dll
[2006-03-17 11:45:52 | 001,757,184 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagX7.dll
[2006-03-10 21:48:48 | 000,169,472 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2006-01-12 23:23:26 | 000,123,904 | RHS- | M] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2006-01-04 19:40:44 | 000,018,498 | R--- | M] () -- C:\WINDOWS\System32\CSALogo.bmp
[2005-12-22 11:24:54 | 000,011,188 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2005-12-22 11:24:54 | 000,011,188 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2005-12-22 11:24:52 | 000,137,884 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2005-12-22 11:24:52 | 000,011,877 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2005-12-22 11:24:52 | 000,011,877 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2005-12-22 11:24:52 | 000,010,864 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2005-12-22 11:24:50 | 000,080,272 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2005-11-25 20:46:34 | 000,161,792 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2005-11-03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys
[2005-10-06 13:55:22 | 000,036,864 | ---- | M] (France Télécom R&D) -- C:\WINDOWS\System32\IfHelper.dll
[2005-09-15 13:35:46 | 000,000,050 | ---- | M] () -- C:\WINDOWS\UNNeroMediaHome.cfg
[2005-09-07 14:40:44 | 000,335,872 | ---- | M] () -- C:\WINDOWS\Property.exe
[2005-08-30 20:37:52 | 000,000,050 | ---- | M] () -- C:\WINDOWS\UNNeroVision.cfg
[2005-08-30 20:37:04 | 000,000,050 | ---- | M] () -- C:\WINDOWS\UNNeroShowTime.cfg
[2005-08-30 20:36:38 | 000,000,050 | ---- | M] () -- C:\WINDOWS\UNRecode.cfg
[2005-08-30 20:33:38 | 000,000,050 | ---- | M] () -- C:\WINDOWS\UNNeroBackItUp.cfg
[2005-08-29 11:58:40 | 000,291,840 | ---- | M] () -- C:\WINDOWS\FCVAP64.dll
[2005-08-28 19:51:42 | 000,000,766 | ---- | M] () -- C:\WINDOWS\System32\Uninstall.ico
[2005-08-27 21:19:56 | 000,145,408 | ---- | M] () -- C:\WINDOWS\setreg.exe
[2005-08-27 15:34:46 | 000,155,712 | ---- | M] () -- C:\WINDOWS\GetWinVer.exe
[2005-08-16 16:04:52 | 000,086,016 | ---- | M] () -- C:\WINDOWS\EZFRD64.dll
[2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys
[2005-07-14 11:31:20 | 000,027,648 | ---- | M] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005-07-07 20:52:18 | 000,000,161 | R--- | M] () -- C:\WINDOWS\DSLSetup.ini
[2005-07-07 20:02:26 | 000,065,536 | R--- | M] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe
[2005-06-18 16:00:52 | 000,193,024 | ---- | M] (Eq2K) -- C:\WINDOWS\System32\AKRipAX.dll
[2005-06-18 16:00:52 | 000,070,018 | ---- | M] () -- C:\WINDOWS\System32\akrip32.dll
[2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys
[2005-04-06 23:24:32 | 000,036,352 | ---- | M] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC1.dll
[2005-02-22 16:55:02 | 000,081,920 | RHS- | M] () -- C:\WINDOWS\System32\aac_parser.ax
[2005-02-12 23:00:00 | 000,186,880 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2005-02-12 23:00:00 | 000,067,584 | RHS- | M] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2005-02-12 23:00:00 | 000,051,712 | RHS- | M] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2005-02-05 23:00:00 | 000,092,672 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2005-01-17 23:26:36 | 000,179,200 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2004-11-18 10:49:16 | 000,045,277 | ---- | M] (EUTRON) -- C:\WINDOWS\System32\drivers\skeyusb.sys
[2004-11-18 10:49:14 | 000,045,534 | ---- | M] (EUTRON) -- C:\WINDOWS\System32\drivers\eusk3usb.sys
[2004-11-18 10:49:14 | 000,024,786 | ---- | M] (EUTRON) -- C:\WINDOWS\System32\drivers\eusk2par.sys
[2004-09-17 03:07:32 | 000,090,112 | RHS- | M] (-) -- C:\WINDOWS\System32\TTADSSplitter.ax
[2004-08-23 12:50:02 | 000,032,768 | ---- | M] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll
[2004-08-23 12:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
[2004-08-22 10:56:06 | 000,090,112 | RHS- | M] (-) -- C:\WINDOWS\System32\TTADSDecoder.ax
[2004-08-03 21:51:32 | 000,053,920 | ---- | M] () -- C:\WINDOWS\System32\dosx.exe
[2004-08-03 21:48:52 | 000,003,346 | ---- | M] () -- C:\WINDOWS\System32\redir.exe
[2004-08-03 21:45:34 | 000,033,936 | ---- | M] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 21:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 21:45:16 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 21:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 21:45:12 | 000,035,648 | ---- | M] () -- C:\WINDOWS\System32\ntio411.sys
[2004-08-03 21:31:58 | 000,196,665 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2004-08-03 21:31:50 | 000,059,392 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2004-08-02 13:20:40 | 000,007,208 | ---- | M] () -- C:\WINDOWS\System32\secupd.sig
[2004-08-02 13:20:40 | 000,004,569 | ---- | M] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-27 21:18:00 | 000,036,864 | R--- | M] () -- C:\WINDOWS\System32\stmclean.exe
[2004-07-17 21:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2004-07-17 10:46:14 | 000,053,478 | ---- | M] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 10:38:22 | 000,956,990 | ---- | M] () -- C:\WINDOWS\System32\instcat.sql
[2004-07-17 10:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2004-07-17 10:35:22 | 001,356,288 | ---- | M] () -- C:\WINDOWS\System32\webfldrs.msi
[2004-07-17 10:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2004-06-17 10:15:56 | 000,004,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\DV3.sys
[2004-02-22 09:11:08 | 000,719,872 | ---- | M] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2004-01-24 23:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2004-01-24 23:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2004-01-21 20:15:06 | 000,240,128 | ---- | M] () -- C:\WINDOWS\lame_enc.dll
[2003-12-15 11:43:18 | 001,871,872 | ---- | M] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll
[2003-12-15 11:24:30 | 000,196,608 | ---- | M] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll
[2003-12-08 11:49:22 | 000,116,304 | ---- | M] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2003-12-08 11:19:06 | 000,425,984 | ---- | M] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioTransform2.dll
[2003-12-07 07:59:44 | 000,097,280 | RHS- | M] () -- C:\WINDOWS\System32\FLACDX.ax
[2003-10-01 22:29:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icStop.ico
[2003-10-01 22:29:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icInit.ico
[2003-08-12 17:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys
[2003-08-07 13:01:52 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\lame_enc.dll
[2003-08-04 12:22:44 | 000,094,208 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
[2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS
[2003-08-02 08:50:34 | 000,356,352 | ---- | M] (Matroska) -- C:\WINDOWS\System32\mkxds.dll
[2003-07-09 00:13:16 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.ax
[2003-07-08 21:27:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icShTx.ico
[2003-07-08 21:27:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icShTR.ico
[2003-07-08 21:27:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icShRx.ico
[2003-07-08 21:27:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icShow.ico
[2003-07-08 21:27:00 | 000,000,766 | R--- | M] () -- C:\WINDOWS\System32\icNoMo.ico
[2003-06-18 21:28:32 | 000,241,664 | ---- | M] () -- C:\WINDOWS\System32\CoreVorbis.ax
[2003-04-16 13:00:00 | 013,107,200 | ---- | M] () -- C:\WINDOWS\System32\oembios.bin
[2003-04-16 13:00:00 | 013,107,200 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2003-04-16 13:00:00 | 004,399,505 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2003-04-16 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\System32\drivers\gm.dls
[2003-04-16 13:00:00 | 003,374,640 | ---- | M] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2003-04-16 13:00:00 | 001,685,606 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2003-04-16 13:00:00 | 001,309,184 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.deu
[2003-04-16 13:00:00 | 001,158,818 | ---- | M] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2003-04-16 13:00:00 | 001,095,680 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.nld
[2003-04-16 13:00:00 | 001,015,477 | ---- | M] () -- C:\WINDOWS\System32\esentprf.ini
[2003-04-16 13:00:00 | 000,957,440 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.enu
[2003-04-16 13:00:00 | 000,937,984 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.sve
[2003-04-16 13:00:00 | 000,867,840 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.ita
[2003-04-16 13:00:00 | 000,808,524 | ---- | M] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2003-04-16 13:00:00 | 000,786,944 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.fra
[2003-04-16 13:00:00 | 000,750,080 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.esn
[2003-04-16 13:00:00 | 000,673,088 | ---- | M] () -- C:\WINDOWS\System32\mlang.dat
[2003-04-16 13:00:00 | 000,643,717 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2003-04-16 13:00:00 | 000,605,050 | ---- | M] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2003-04-16 13:00:00 | 000,399,670 | ---- | M] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2003-04-16 13:00:00 | 000,313,828 | ---- | M] () -- C:\WINDOWS\System32\perfi015.dat
[2003-04-16 13:00:00 | 000,272,128 | ---- | M] () -- C:\WINDOWS\System32\perfi009.dat
[2003-04-16 13:00:00 | 000,262,148 | ---- | M] () -- C:\WINDOWS\System32\sortkey.nls
[2003-04-16 13:00:00 | 000,240,120 | ---- | M] () -- C:\WINDOWS\System32\setup.bmp
[2003-04-16 13:00:00 | 000,218,003 | ---- | M] () -- C:\WINDOWS\System32\dssec.dat
[2003-04-16 13:00:00 | 000,199,168 | ---- | M] () -- C:\WINDOWS\System32\ir32_32.dll
[2003-04-16 13:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_950.nls
[2003-04-16 13:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_949.nls
[2003-04-16 13:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_936.nls
[2003-04-16 13:00:00 | 000,162,850 | ---- | M] () -- C:\WINDOWS\System32\c_932.nls
[2003-04-16 13:00:00 | 000,157,696 | ---- | M] () -- C:\WINDOWS\System32\paqsp.dll
[2003-04-16 13:00:00 | 000,152,844 | ---- | M] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2003-04-16 13:00:00 | 000,149,848 | ---- | M] () -- C:\WINDOWS\System32\noise.deu
[2003-04-16 13:00:00 | 000,139,810 | ---- | M] () -- C:\WINDOWS\System32\c_20261.nls
[2003-04-16 13:00:00 | 000,135,984 | ---- | M] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2003-04-16 13:00:00 | 000,134,339 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2003-04-16 13:00:00 | 000,127,213 | ---- | M] () -- C:\WINDOWS\System32\ega.cpi
[2003-04-16 13:00:00 | 000,108,827 | ---- | M] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2003-04-16 13:00:00 | 000,105,758 | ---- | M] () -- C:\WINDOWS\System32\net.hlp
[2003-04-16 13:00:00 | 000,094,832 | ---- | M] (Grupa robocza Twain) -- C:\WINDOWS\twain.dll
[2003-04-16 13:00:00 | 000,094,832 | ---- | M] (Grupa robocza Twain) -- C:\WINDOWS\System32\dllcache\twain.dll
[2003-04-16 13:00:00 | 000,094,282 | ---- | M] () -- C:\WINDOWS\System32\msencode.dll
[2003-04-16 13:00:00 | 000,093,702 | ---- | M] () -- C:\WINDOWS\System32\subrange.uce
[2003-04-16 13:00:00 | 000,089,588 | ---- | M] () -- C:\WINDOWS\System32\unicode.nls
[2003-04-16 13:00:00 | 000,082,944 | ---- | M] () -- C:\WINDOWS\clock.avi
[2003-04-16 13:00:00 | 000,080,384 | ---- | M] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2003-04-16 13:00:00 | 000,080,384 | ---- | M] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2003-04-16 13:00:00 | 000,071,424 | ---- | M] () -- C:\WINDOWS\System32\cmmgr32.hlp
[2003-04-16 13:00:00 | 000,070,622 | ---- | M] () -- C:\WINDOWS\System32\edit.com
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_874.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_869.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_866.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_865.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_863.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_861.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_860.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_857.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_855.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_852.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_850.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_775.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_737.nls
[2003-04-16 13:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_437.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_875.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_500.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28605.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28603.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28599.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28598.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28597.NLS
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28595.NLS
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28594.NLS
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28593.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28592.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28591.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_21866.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20905.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20866.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20127.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1258.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1257.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1256.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1255.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1254.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1253.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1252.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1251.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1250.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1026.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10082.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10081.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10079.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10029.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10017.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10010.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10007.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10006.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10000.nls
[2003-04-16 13:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_037.nls
[2003-04-16 13:00:00 | 000,065,978 | ---- | M] () -- C:\WINDOWS\Bąbelki.bmp
[2003-04-16 13:00:00 | 000,065,954 | ---- | M] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.sve
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.nld
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.ita
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.fra
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.esn
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.enu
[2003-04-16 13:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.deu
[2003-04-16 13:00:00 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\wmimgmt.msc
[2003-04-16 13:00:00 | 000,062,125 | ---- | M] () -- C:\WINDOWS\System32\cliconf.chm
[2003-04-16 13:00:00 | 000,060,458 | ---- | M] () -- C:\WINDOWS\System32\ideograf.uce
[2003-04-16 13:00:00 | 000,059,167 | ---- | M] () -- C:\WINDOWS\System\setup.inf
[2003-04-16 13:00:00 | 000,057,856 | ---- | M] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2003-04-16 13:00:00 | 000,057,856 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2003-04-16 13:00:00 | 000,057,845 | R--- | M] () -- C:\WINDOWS\System32\perfmon.msc
[2003-04-16 13:00:00 | 000,056,276 | ---- | M] () -- C:\WINDOWS\System32\eventvwr.msc
[2003-04-16 13:00:00 | 000,054,528 | ---- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2003-04-16 13:00:00 | 000,051,823 | ---- | M] () -- C:\WINDOWS\System32\command.com
[2003-04-16 13:00:00 | 000,050,404 | ---- | M] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2003-04-16 13:00:00 | 000,049,196 | ---- | M] () -- C:\WINDOWS\System32\noise.fra
[2003-04-16 13:00:00 | 000,048,794 | ---- | M] () -- C:\WINDOWS\System32\ntimage.gif
[2003-04-16 13:00:00 | 000,048,680 | -HS- | M] () -- C:\WINDOWS\winnt256.bmp
[2003-04-16 13:00:00 | 000,048,680 | -HS- | M] () -- C:\WINDOWS\winnt.bmp
[2003-04-16 13:00:00 | 000,046,258 | ---- | M] () -- C:\WINDOWS\System32\mib.bin
[2003-04-16 13:00:00 | 000,045,056 | ---- | M] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2003-04-16 13:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\key01.sys
[2003-04-16 13:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2003-04-16 13:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\keyboard.sys
[2003-04-16 13:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2003-04-16 13:00:00 | 000,041,998 | ---- | M] () -- C:\WINDOWS\System32\certmgr.msc
[2003-04-16 13:00:00 | 000,041,851 | ---- | M] () -- C:\WINDOWS\System32\lusrmgr.msc
[2003-04-16 13:00:00 | 000,041,466 | ---- | M] () -- C:\WINDOWS\System32\ciadv.msc
[2003-04-16 13:00:00 | 000,041,134 | ---- | M] () -- C:\WINDOWS\System32\dfrg.msc
[2003-04-16 13:00:00 | 000,040,448 | ---- | M] () -- C:\WINDOWS\System32\wiasf.ax
[2003-04-16 13:00:00 | 000,040,448 | ---- | M] () -- C:\WINDOWS\System32\dllcache\wiasf.ax
[2003-04-16 13:00:00 | 000,039,434 | ---- | M] () -- C:\WINDOWS\System32\mem.exe
[2003-04-16 13:00:00 | 000,039,434 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2003-04-16 13:00:00 | 000,037,509 | ---- | M] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2003-04-16 13:00:00 | 000,037,364 | ---- | M] () -- C:\WINDOWS\System32\compmgmt.msc
[2003-04-16 13:00:00 | 000,036,946 | ---- | M] () -- C:\WINDOWS\wmprfPLK.prx
[2003-04-16 13:00:00 | 000,034,990 | ---- | M] () -- C:\WINDOWS\System32\perfd015.dat
[2003-04-16 13:00:00 | 000,033,317 | ---- | M] () -- C:\WINDOWS\System32\diskmgmt.msc
[2003-04-16 13:00:00 | 000,033,080 | ---- | M] () -- C:\WINDOWS\System32\services.msc
[2003-04-16 13:00:00 | 000,032,721 | ---- | M] () -- C:\WINDOWS\System32\devmgmt.msc
[2003-04-16 13:00:00 | 000,032,590 | ---- | M] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2003-04-16 13:00:00 | 000,032,422 | ---- | M] () -- C:\WINDOWS\System32\fsmgmt.msc
[2003-04-16 13:00:00 | 000,031,744 | ---- | M] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2003-04-16 13:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\ntdos411.sys
[2003-04-16 13:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2003-04-16 13:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\ntdos412.sys
[2003-04-16 13:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2003-04-16 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\ntdos804.sys
[2003-04-16 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2003-04-16 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\ntdos404.sys
[2003-04-16 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2003-04-16 13:00:00 | 000,028,626 | ---- | M] () -- C:\WINDOWS\System32\perfd009.dat
[2003-04-16 13:00:00 | 000,028,420 | ---- | M] () -- C:\WINDOWS\System32\bios1.rom
[2003-04-16 13:00:00 | 000,028,171 | ---- | M] () -- C:\WINDOWS\System32\winhelp.hlp
[2003-04-16 13:00:00 | 000,027,898 | ---- | M] () -- C:\WINDOWS\System32\ntdos.sys
[2003-04-16 13:00:00 | 000,027,898 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2003-04-16 13:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\dllcache\country.sys
[2003-04-16 13:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\country.sys
[2003-04-16 13:00:00 | 000,026,717 | ---- | M] () -- C:\WINDOWS\System32\tslabels.ini
[2003-04-16 13:00:00 | 000,026,680 | ---- | M] () -- C:\WINDOWS\Wachlarze.bmp
[2003-04-16 13:00:00 | 000,026,582 | ---- | M] () -- C:\WINDOWS\Nefryt.bmp
[2003-04-16 13:00:00 | 000,025,906 | ---- | M] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2003-04-16 13:00:00 | 000,024,772 | ---- | M] () -- C:\WINDOWS\System32\geo.nls
[2003-04-16 13:00:00 | 000,024,006 | ---- | M] () -- C:\WINDOWS\System32\gb2312.uce
[2003-04-16 13:00:00 | 000,022,984 | ---- | M] () -- C:\WINDOWS\System32\bopomofo.uce
[2003-04-16 13:00:00 | 000,021,232 | ---- | M] () -- C:\WINDOWS\System32\graphics.pro
[2003-04-16 13:00:00 | 000,020,986 | ---- | M] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2003-04-16 13:00:00 | 000,020,986 | ---- | M] () -- C:\WINDOWS\System32\debug.exe
[2003-04-16 13:00:00 | 000,019,806 | ---- | M] () -- C:\WINDOWS\System32\graphics.com
[2003-04-16 13:00:00 | 000,019,684 | ---- | M] () -- C:\WINDOWS\System32\noise.esn
[2003-04-16 13:00:00 | 000,019,618 | ---- | M] () -- C:\WINDOWS\System32\noise.ita
[2003-04-16 13:00:00 | 000,018,832 | ---- | M] () -- C:\WINDOWS\System32\v7vga.rom
[2003-04-16 13:00:00 | 000,017,362 | ---- | M] () -- C:\WINDOWS\Rododendron.bmp
[2003-04-16 13:00:00 | 000,017,336 | ---- | M] () -- C:\WINDOWS\Na rybkach.bmp
[2003-04-16 13:00:00 | 000,017,062 | ---- | M] () -- C:\WINDOWS\Kawa.bmp
[2003-04-16 13:00:00 | 000,016,740 | ---- | M] () -- C:\WINDOWS\System32\shiftjis.uce
[2003-04-16 13:00:00 | 000,016,730 | ---- | M] () -- C:\WINDOWS\Puch.bmp
[2003-04-16 13:00:00 | 000,016,024 | ---- | M] () -- C:\WINDOWS\System32\rsvp.ini
[2003-04-16 13:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\System32\tsd32.dll
[2003-04-16 13:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2003-04-16 13:00:00 | 000,014,913 | ---- | M] () -- C:\WINDOWS\System32\kb16.com
[2003-04-16 13:00:00 | 000,013,819 | ---- | M] () -- C:\WINDOWS\System32\pschdprf.ini
[2003-04-16 13:00:00 | 000,013,730 | ---- | M] () -- C:\WINDOWS\System32\noise.sve
[2003-04-16 13:00:00 | 000,013,497 | ---- | M] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2003-04-16 13:00:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\win87em.dll
[2003-04-16 13:00:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2003-04-16 13:00:00 | 000,013,256 | ---- | M] () -- C:\WINDOWS\System32\noise.nld
[2003-04-16 13:00:00 | 000,012,876 | ---- | M] () -- C:\WINDOWS\System32\korean.uce
[2003-04-16 13:00:00 | 000,012,866 | ---- | M] () -- C:\WINDOWS\System32\edlin.exe
[2003-04-16 13:00:00 | 000,012,866 | ---- | M] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2003-04-16 13:00:00 | 000,012,594 | ---- | M] () -- C:\WINDOWS\System32\dllcache\append.exe
[2003-04-16 13:00:00 | 000,012,594 | ---- | M] () -- C:\WINDOWS\System32\append.exe
[2003-04-16 13:00:00 | 000,011,859 | ---- | M] () -- C:\WINDOWS\System32\setver.exe
[2003-04-16 13:00:00 | 000,010,853 | ---- | M] () -- C:\WINDOWS\System32\edit.hlp
[2003-04-16 13:00:00 | 000,009,043 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2003-04-16 13:00:00 | 000,009,043 | ---- | M] () -- C:\WINDOWS\System32\ansi.sys
[2003-04-16 13:00:00 | 000,008,599 | ---- | M] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2003-04-16 13:00:00 | 000,008,520 | ---- | M] () -- C:\WINDOWS\System32\exe2bin.exe
[2003-04-16 13:00:00 | 000,008,520 | ---- | M] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2003-04-16 13:00:00 | 000,008,484 | ---- | M] () -- C:\WINDOWS\System32\kanji_2.uce
[2003-04-16 13:00:00 | 000,008,386 | ---- | M] () -- C:\WINDOWS\System32\ctype.nls
[2003-04-16 13:00:00 | 000,008,191 | ---- | M] () -- C:\WINDOWS\System32\bios4.rom
[2003-04-16 13:00:00 | 000,007,407 | ---- | M] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2003-04-16 13:00:00 | 000,007,116 | ---- | M] () -- C:\WINDOWS\System32\nlsfunc.exe
[2003-04-16 13:00:00 | 000,007,116 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2003-04-16 13:00:00 | 000,007,046 | ---- | M] () -- C:\WINDOWS\System32\l_intl.nls
[2003-04-16 13:00:00 | 000,006,948 | ---- | M] () -- C:\WINDOWS\System32\kanji_1.uce
[2003-04-16 13:00:00 | 000,006,761 | ---- | M] () -- C:\WINDOWS\System32\oembios.sig
[2003-04-16 13:00:00 | 000,006,761 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2003-04-16 13:00:00 | 000,006,708 | ---- | M] () -- C:\WINDOWS\System32\esentprf.hxx
[2003-04-16 13:00:00 | 000,006,074 | ---- | M] () -- C:\WINDOWS\System32\rasctrs.ini
[2003-04-16 13:00:00 | 000,004,976 | ---- | M] () -- C:\WINDOWS\System32\himem.sys
[2003-04-16 13:00:00 | 000,004,976 | ---- | M] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2003-04-16 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2003-04-16 13:00:00 | 000,004,461 | ---- | M] () -- C:\WINDOWS\System32\oembios.dat
[2003-04-16 13:00:00 | 000,004,461 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2003-04-16 13:00:00 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\wdl.trm
[2003-04-16 13:00:00 | 000,003,813 | ---- | M] () -- C:\WINDOWS\System32\msdtcprf.ini
[2003-04-16 13:00:00 | 000,003,776 | ---- | M] () -- C:\WINDOWS\System32\pubprn.vbs
[2003-04-16 13:00:00 | 000,003,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2003-04-16 13:00:00 | 000,003,666 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam
[2003-04-16 13:00:00 | 000,003,577 | ---- | M] () -- C:\WINDOWS\System32\sysprtj.sep
[2003-04-16 13:00:00 | 000,003,334 | ---- | M] () -- C:\WINDOWS\System32\rsaci.rat
[2003-04-16 13:00:00 | 000,003,286 | ---- | M] () -- C:\WINDOWS\System32\tslabels.h
[2003-04-16 13:00:00 | 000,003,214 | ---- | M] () -- C:\WINDOWS\System32\sysprint.sep
[2003-04-16 13:00:00 | 000,003,178 | ---- | M] () -- C:\WINDOWS\System32\rsvpcnts.h
[2003-04-16 13:00:00 | 000,003,010 | ---- | M] () -- C:\WINDOWS\System32\pschdcnt.h
[2003-04-16 13:00:00 | 000,002,992 | ---- | M] () -- C:\WINDOWS\System32\perfci.ini
[2003-04-16 13:00:00 | 000,002,890 | ---- | M] () -- C:\WINDOWS\System32\perfwci.ini
[2003-04-16 13:00:00 | 000,002,233 | ---- | M] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2003-04-16 13:00:00 | 000,002,233 | ---- | M] () -- C:\WINDOWS\System32\12520850.cpx
[2003-04-16 13:00:00 | 000,002,151 | ---- | M] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2003-04-16 13:00:00 | 000,002,151 | ---- | M] () -- C:\WINDOWS\System32\12520437.cpx
[2003-04-16 13:00:00 | 000,001,818 | ---- | M] () -- C:\WINDOWS\System32\rasctrnm.h
[2003-04-16 13:00:00 | 000,001,734 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2003-04-16 13:00:00 | 000,001,696 | ---- | M] () -- C:\WINDOWS\System32\noise.cht
[2003-04-16 13:00:00 | 000,001,696 | ---- | M] () -- C:\WINDOWS\System32\noise.chs
[2003-04-16 13:00:00 | 000,001,490 | ---- | M] () -- C:\WINDOWS\System32\mmdriver.inf
[2003-04-16 13:00:00 | 000,001,405 | ---- | M] () -- C:\WINDOWS\msdfmap.ini
[2003-04-16 13:00:00 | 000,001,295 | ---- | M] () -- C:\WINDOWS\System32\perffilt.ini
[2003-04-16 13:00:00 | 000,001,225 | ---- | M] () -- C:\WINDOWS\System32\usrlogon.cmd
[2003-04-16 13:00:00 | 000,001,168 | ---- | M] () -- C:\WINDOWS\System32\loadfix.com
[2003-04-16 13:00:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2003-04-16 13:00:00 | 000,000,929 | ---- | M] () -- C:\WINDOWS\System32\homepage.inf
[2003-04-16 13:00:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2003-04-16 13:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\share.exe
[2003-04-16 13:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\dllcache\share.exe
[2003-04-16 13:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\fastopen.exe
[2003-04-16 13:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2003-04-16 13:00:00 | 000,000,820 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\protocol
[2003-04-16 13:00:00 | 000,000,817 | ---- | M] () -- C:\WINDOWS\System32\mscdexnt.exe
[2003-04-16 13:00:00 | 000,000,817 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2003-04-16 13:00:00 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\msdtcprf.h
[2003-04-16 13:00:00 | 000,000,751 | ---- | M] () -- C:\WINDOWS\System32\noise.enu
[2003-04-16 13:00:00 | 000,000,751 | ---- | M] () -- C:\WINDOWS\System32\noise.eng
[2003-04-16 13:00:00 | 000,000,742 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2003-04-16 13:00:00 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\noise.dat
[2003-04-16 13:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif
[2003-04-16 13:00:00 | 000,000,697 | ---- | M] () -- C:\WINDOWS\System32\noise.tha
[2003-04-16 13:00:00 | 000,000,435 | ---- | M] () -- C:\WINDOWS\System32\perfwci.h
[2003-04-16 13:00:00 | 000,000,427 | ---- | M] () -- C:\WINDOWS\System32\perfci.h
[2003-04-16 13:00:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\networks
[2003-04-16 13:00:00 | 000,000,359 | ---- | M] () -- C:\WINDOWS\System32\prodspec.ini
[2003-04-16 13:00:00 | 000,000,168 | ---- | M] () -- C:\WINDOWS\System32\l_except.nls
[2003-04-16 13:00:00 | 000,000,140 | ---- | M] () -- C:\WINDOWS\System32\perffilt.h
[2003-04-16 13:00:00 | 000,000,114 | ---- | M] () -- C:\WINDOWS\System32\pcl.sep
[2003-04-16 13:00:00 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\dsound.vxd
[2003-04-16 13:00:00 | 000,000,080 | ---- | M] () -- C:\WINDOWS\explorer.scf
[2003-04-16 13:00:00 | 000,000,075 | ---- | M] () -- C:\WINDOWS\System32\Pokaż kanały.scf
[2003-04-16 13:00:00 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\cmos.ram
[2003-04-16 13:00:00 | 000,000,051 | ---- | M] () -- C:\WINDOWS\System32\pscript.sep
[2003-02-01 23:00:00 | 000,087,351 | ---- | M] (Jordan Russell) -- C:\WINDOWS\unins000.exe
[2002-12-25 08:44:44 | 000,380,928 | ---- | M] () -- C:\WINDOWS\System32\actskin4.ocx
[2002-10-06 18:44:52 | 000,282,624 | ---- | M] () -- C:\WINDOWS\System32\SubTitDS.ax
[2002-10-06 18:42:58 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-04 23:04:26 | 000,921,600 | ---- | M] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002-10-04 23:04:26 | 000,188,416 | ---- | M] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-04 23:04:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\ogg.dll
[2002-08-22 22:27:00 | 000,348,160 | ---- | M] (DevPower Development Tools) -- C:\WINDOWS\System32\FlatBtn6.ocx
[2002-04-29 13:11:26 | 000,036,864 | ---- | M] (City Search Inc.) -- C:\WINDOWS\System32\MouseWheelControl.ocx
[2002-02-01 19:00:00 | 001,326,080 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\VCL60.BPL
[2002-02-01 19:00:00 | 000,676,352 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\RTL60.BPL
[2001-12-12 10:35:52 | 000,348,160 | ---- | M] (DGP) -- C:\WINDOWS\System32\MEnc.ocx
[2001-11-24 18:28:14 | 000,086,528 | ---- | M] (Fraunhofer) -- C:\WINDOWS\System32\DVDVideo.ax
[2001-08-06 15:11:32 | 000,319,488 | ---- | M] (eJay AG) -- C:\WINDOWS\System32\eJ_AviExportDlg.ocx
[2001-07-26 09:59:26 | 000,280,576 | ---- | M] () -- C:\WINDOWS\System32\pxd_kom.dll
[2001-07-26 09:59:26 | 000,078,085 | ---- | M] () -- C:\WINDOWS\System32\pattern.dat
[2001-07-26 09:59:24 | 000,307,200 | ---- | M] () -- C:\WINDOWS\System32\fxstudio.dll
[2001-07-26 09:59:24 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\fader.dll
[2001-07-26 09:59:22 | 000,638,976 | ---- | M] (eJay) -- C:\WINDOWS\System32\eJ_Editorctrl.ocx
[2001-07-26 09:59:22 | 000,311,296 | ---- | M] (eJay) -- C:\WINDOWS\System32\ej_fxstudio.ocx
[2001-07-26 09:59:22 | 000,307,200 | ---- | M] () -- C:\WINDOWS\System32\drumpad.dll
[2001-07-26 09:59:22 | 000,286,720 | ---- | M] (eJay AG) -- C:\WINDOWS\System32\Ej_AnimOcx2.ocx
[2001-07-26 09:59:22 | 000,274,432 | ---- | M] (eJay) -- C:\WINDOWS\System32\ej_equalizer.ocx
[2001-07-26 09:59:22 | 000,270,336 | ---- | M] (eJay AG) -- C:\WINDOWS\System32\Ej_Endstufe2.ocx
[2001-07-26 09:59:22 | 000,270,336 | ---- | M] (eJay AG) -- C:\WINDOWS\System32\Ej_Endstufe.ocx
[2001-07-26 09:59:22 | 000,159,744 | ---- | M] (Dart Communications) -- C:\WINDOWS\System32\DartSock.dll
[2001-07-26 09:59:22 | 000,106,496 | ---- | M] (Dart Communications) -- C:\WINDOWS\System32\DartWeb.dll
[2001-07-26 09:59:22 | 000,100,864 | ---- | M] (zwei) -- C:\WINDOWS\System32\eJ_Explorer.ocx
[2001-07-26 09:59:20 | 000,352,256 | ---- | M] (SoftShape Development) -- C:\WINDOWS\System32\ActiveSkin.ocx
[2001-07-26 09:59:20 | 000,282,624 | ---- | M] () -- C:\WINDOWS\System32\animation2.dll
[2001-07-26 09:59:20 | 000,075,976 | ---- | M] () -- C:\WINDOWS\System32\BASSDEC.dll
[2001-04-12 09:24:18 | 000,034,816 | ---- | M] (MyCompanyName) -- C:\WINDOWS\System32\MpgAudio.ax
[2001-02-04 17:05:12 | 000,114,688 | ---- | M] (Fred Just Soft) -- C:\WINDOWS\System32\AnyBouton.ocx
[2000-08-03 23:00:00 | 000,054,272 | ---- | M] (Works Warlock) -- C:\WINDOWS\System32\L3mpg123.ax
[2000-05-01 22:02:00 | 000,097,280 | ---- | M] (Common Controls Replacement Project (CCRP)) -- C:\WINDOWS\System32\ccrpbds5.dll
[2000-04-28 13:56:56 | 000,102,400 | ---- | M] (ECX Programming / CCRP) -- C:\WINDOWS\System32\ccrpprg6.ocx
[1999-09-09 12:28:18 | 000,446,464 | ---- | M] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\HHActiveX.dll
[1999-03-23 09:12:34 | 000,299,520 | ---- | M] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[1999-01-05 16:30:02 | 000,225,280 | ---- | M] (VideoSoft) -- C:\WINDOWS\System32\VSFLEX3.OCX
[1998-11-09 11:08:14 | 000,011,150 | ---- | M] () -- C:\WINDOWS\System32\master.hpi
[1998-11-09 11:08:12 | 000,021,797 | ---- | M] () -- C:\WINDOWS\System32\driver.hpi
[1998-09-23 19:43:34 | 000,027,145 | ---- | M] () -- C:\WINDOWS\System32\inc.hpi
[1998-08-18 18:10:20 | 000,015,065 | ---- | M] () -- C:\WINDOWS\System32\HPF69016.hpc
[1998-08-18 18:08:10 | 000,039,520 | ---- | M] () -- C:\WINDOWS\System32\HPFcfg16.exe
[1998-08-18 18:07:34 | 000,045,344 | ---- | M] () -- C:\WINDOWS\System32\HPFlnk16.exe
[1998-08-18 18:07:34 | 000,003,782 | ---- | M] () -- C:\WINDOWS\System32\HPFlnk16.ini
[1998-08-18 18:07:16 | 000,175,168 | ---- | M] () -- C:\WINDOWS\System32\HPFtbx16.exe
[1998-08-18 18:07:16 | 000,175,168 | ---- | M] () -- C:\WINDOWS\HPFtbx16.exe
[1998-08-18 18:01:54 | 000,011,552 | ---- | M] () -- C:\WINDOWS\System32\HPFbkg16.exe
[1998-08-18 18:01:30 | 000,008,480 | ---- | M] () -- C:\WINDOWS\System32\HPFhid16.exe
[1998-08-18 17:59:22 | 000,083,456 | ---- | M] () -- C:\WINDOWS\System32\HPFqps16.exe
[1998-08-18 17:47:32 | 000,185,120 | ---- | M] () -- C:\WINDOWS\System32\HPFprl16.dll
[1998-08-18 17:47:28 | 000,005,088 | ---- | M] () -- C:\WINDOWS\System32\HPFhrl16.dll
[1998-08-18 17:47:24 | 000,261,056 | ---- | M] () -- C:\WINDOWS\System32\HPFsrl16.dll
[1998-08-18 17:47:18 | 000,231,040 | ---- | M] () -- C:\WINDOWS\System32\HPFmrl16.dll
[1998-08-18 17:47:14 | 001,087,040 | ---- | M] () -- C:\WINDOWS\System32\HPFtrl16.dll
[1998-08-18 17:43:06 | 000,160,608 | ---- | M] () -- C:\WINDOWS\System32\HPFcps16.dll
[1998-08-18 17:42:50 | 000,049,184 | ---- | M] () -- C:\WINDOWS\System32\HPF24r16.dll
[1998-08-18 17:42:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\HPFlmn16.dll
[1998-08-18 17:41:52 | 000,006,336 | ---- | M] () -- C:\WINDOWS\System32\HPFdos16.dll
[1998-08-18 17:41:40 | 000,023,296 | ---- | M] () -- C:\WINDOWS\System32\HPFtst16.dll
[1998-08-18 17:39:58 | 000,050,176 | ---- | M] () -- C:\WINDOWS\System32\HPFpcl16.dll
[1998-08-18 17:39:06 | 000,220,944 | ---- | M] () -- C:\WINDOWS\System32\HPFdjc16.drv
[1998-08-18 17:29:18 | 000,094,016 | ---- | M] () -- C:\WINDOWS\System32\HPFcui16.dll
[1998-08-18 17:29:00 | 000,114,400 | ---- | M] () -- C:\WINDOWS\System32\HPFsui16.dll
[1998-08-18 17:28:22 | 000,251,072 | ---- | M] () -- C:\WINDOWS\System32\HPFwin16.dll
[1998-08-18 17:22:58 | 000,016,064 | ---- | M] () -- C:\WINDOWS\System32\HPFmon16.dll
[1998-08-18 17:22:20 | 000,013,440 | ---- | M] () -- C:\WINDOWS\System32\HPFcbl16.dll
[1998-08-18 17:21:34 | 000,014,240 | ---- | M] () -- C:\WINDOWS\System32\HPFnet16.dll
[1998-08-18 17:21:28 | 000,013,184 | ---- | M] () -- C:\WINDOWS\System32\HPFpml16.dll
[1998-08-18 17:21:24 | 000,029,984 | ---- | M] () -- C:\WINDOWS\System32\HPFmlc16.dll
[1998-08-18 17:21:16 | 000,033,568 | ---- | M] () -- C:\WINDOWS\System32\HPFp9816.dll
[1998-08-18 17:20:44 | 000,033,696 | ---- | M] () -- C:\WINDOWS\System32\HPFecp16.dll
[1998-08-18 17:17:38 | 000,012,544 | ---- | M] () -- C:\WINDOWS\System32\HPFrsu16.dll
[1998-08-18 17:17:24 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\HPFrst16.dll
[1998-08-18 17:17:16 | 000,002,048 | ---- | M] () -- C:\WINDOWS\System32\HPFrss16.dll
[1998-08-18 17:17:12 | 000,117,760 | ---- | M] () -- C:\WINDOWS\System32\HPFrsa16.dll
[1998-08-18 17:14:56 | 001,779,712 | ---- | M] () -- C:\WINDOWS\System32\HPFimg16.dll
[1998-08-18 17:09:54 | 000,006,976 | ---- | M] () -- C:\WINDOWS\System32\HPFitk16.dll
[1998-08-18 17:09:22 | 000,067,136 | ---- | M] () -- C:\WINDOWS\System32\HPFc1616.dll
[1998-08-18 17:09:16 | 000,105,984 | ---- | M] () -- C:\WINDOWS\System32\HPFc9516.dll
[1998-08-18 16:20:14 | 000,175,396 | ---- | M] () -- C:\WINDOWS\System32\HPF69h16.hlp
[1998-08-18 16:20:14 | 000,098,189 | ---- | M] () -- C:\WINDOWS\System32\HPF69t16.hlp
[1998-08-18 16:20:14 | 000,045,222 | ---- | M] () -- C:\WINDOWS\System32\HPF69r16.hlp
[1998-08-18 16:20:14 | 000,020,384 | ---- | M] () -- C:\WINDOWS\System32\HPFcfg16.hlp
[1998-08-18 16:20:12 | 000,038,192 | ---- | M] () -- C:\WINDOWS\System32\HPF69d16.hlp
[1998-08-18 16:18:50 | 000,012,956 | ---- | M] () -- C:\WINDOWS\System32\hpdesk.icm
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-20 16:47:47 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\Administrator.MATEUSZ.005\ntuser.ini
[2010-03-20 16:47:45 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\Administrator.MATEUSZ.005\NTUSER.DAT
[2010-03-20 16:43:52 | 000,000,451 | ---- | C] () -- C:\notepad.exe
[2010-03-18 06:20:23 | 000,011,382 | -HS- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hfJ5Mio0m8B0g
[2010-03-18 06:20:23 | 000,011,382 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hfJ5Mio0m8B0g
[2010-03-17 20:01:29 | 000,010,458 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\6JQ57
[2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-10-28 18:58:38 | 000,000,022 | ---- | C] () -- C:\WINDOWS\SHAREMEM.INI
[2009-10-28 18:56:32 | 000,261,056 | ---- | C] () -- C:\WINDOWS\System32\HPFsrl16.dll
[2009-10-28 18:56:32 | 000,251,072 | ---- | C] () -- C:\WINDOWS\System32\HPFwin16.dll
[2009-10-28 18:56:32 | 000,231,040 | ---- | C] () -- C:\WINDOWS\System32\HPFmrl16.dll
[2009-10-28 18:56:32 | 000,220,944 | ---- | C] () -- C:\WINDOWS\System32\HPFdjc16.drv
[2009-10-28 18:56:32 | 000,185,120 | ---- | C] () -- C:\WINDOWS\System32\HPFprl16.dll
[2009-10-28 18:56:32 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\HPFrsa16.dll
[2009-10-28 18:56:32 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\HPFpcl16.dll
[2009-10-28 18:56:32 | 000,029,984 | ---- | C] () -- C:\WINDOWS\System32\HPFmlc16.dll
[2009-10-28 18:56:32 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\HPFrst16.dll
[2009-10-28 18:56:32 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\HPFtst16.dll
[2009-10-28 18:56:32 | 000,016,064 | ---- | C] () -- C:\WINDOWS\System32\HPFmon16.dll
[2009-10-28 18:56:32 | 000,014,240 | ---- | C] () -- C:\WINDOWS\System32\HPFnet16.dll
[2009-10-28 18:56:32 | 000,013,184 | ---- | C] () -- C:\WINDOWS\System32\HPFpml16.dll
[2009-10-28 18:56:32 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\HPFrsu16.dll
[2009-10-28 18:56:32 | 000,006,336 | ---- | C] () -- C:\WINDOWS\System32\HPFdos16.dll
[2009-10-28 18:56:32 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\HPFrss16.dll
[2009-10-28 18:56:31 | 001,779,712 | ---- | C] () -- C:\WINDOWS\System32\HPFimg16.dll
[2009-10-28 18:56:31 | 001,087,040 | ---- | C] () -- C:\WINDOWS\System32\HPFtrl16.dll
[2009-10-28 18:56:31 | 000,160,608 | ---- | C] () -- C:\WINDOWS\System32\HPFcps16.dll
[2009-10-28 18:56:31 | 000,114,400 | ---- | C] () -- C:\WINDOWS\System32\HPFsui16.dll
[2009-10-28 18:56:31 | 000,105,984 | ---- | C] () -- C:\WINDOWS\System32\HPFc9516.dll
[2009-10-28 18:56:31 | 000,094,016 | ---- | C] () -- C:\WINDOWS\System32\HPFcui16.dll
[2009-10-28 18:56:31 | 000,067,136 | ---- | C] () -- C:\WINDOWS\System32\HPFc1616.dll
[2009-10-28 18:56:31 | 000,049,184 | ---- | C] () -- C:\WINDOWS\System32\HPF24r16.dll
[2009-10-28 18:56:31 | 000,033,696 | ---- | C] () -- C:\WINDOWS\System32\HPFecp16.dll
[2009-10-28 18:56:31 | 000,033,568 | ---- | C] () -- C:\WINDOWS\System32\HPFp9816.dll
[2009-10-28 18:56:31 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\HPFlmn16.dll
[2009-10-28 18:56:31 | 000,013,440 | ---- | C] () -- C:\WINDOWS\System32\HPFcbl16.dll
[2009-10-28 18:56:31 | 000,006,976 | ---- | C] () -- C:\WINDOWS\System32\HPFitk16.dll
[2009-10-28 18:56:31 | 000,005,088 | ---- | C] () -- C:\WINDOWS\System32\HPFhrl16.dll
[2009-10-28 18:56:31 | 000,003,782 | ---- | C] () -- C:\WINDOWS\System32\HPFlnk16.ini
[2009-10-28 18:56:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\HPFlmn16.ini
[2009-10-19 16:53:19 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2009-10-19 16:53:19 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-10-19 16:53:16 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2009-10-12 08:41:14 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\VBoxD3D9.dll
[2009-10-12 08:41:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\VBoxD3D8.dll
[2009-10-12 08:40:34 | 001,372,160 | ---- | C] () -- C:\WINDOWS\System32\libWine.dll
[2009-10-12 08:40:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\wined3d.dll
[2009-09-13 16:52:09 | 000,217,824 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-08-03 21:48:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009-07-17 17:55:12 | 000,291,840 | ---- | C] () -- C:\WINDOWS\FCVAP64.dll
[2009-07-17 17:55:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\EZFRD64.dll
[2009-06-12 16:04:20 | 000,240,128 | ---- | C] () -- C:\WINDOWS\lame_enc.dll
[2009-03-31 17:56:52 | 000,000,067 | ---- | C] () -- C:\WINDOWS\kontakt.ini
[2009-02-09 13:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 13:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 13:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 13:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-12-31 17:24:06 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-10-06 18:51:09 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\DV3.sys
[2008-09-29 18:39:12 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-09-29 17:35:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008-09-19 19:17:11 | 000,016,384 | ---- | C] () -- C:\Program Files\uik.dat
[2008-09-19 19:16:22 | 000,000,004 | ---- | C] () -- C:\Program Files\is.dat
[2008-09-03 04:32:22 | 004,912,113 | ---- | C] () -- C:\WINDOWS\System32\jcodec.dll
[2008-09-03 04:32:22 | 000,018,181 | ---- | C] () -- C:\WINDOWS\System32\jcodecsh.dll
[2008-08-29 16:43:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2008-08-22 16:09:35 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2008-08-22 16:09:35 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\animation2.dll
[2008-08-22 16:08:15 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[2008-08-22 16:07:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fader.dll
[2008-08-22 16:07:46 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drumpad.dll
[2008-08-22 16:07:38 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2008-08-03 08:15:46 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2008-08-01 14:09:38 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008-06-13 11:19:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-01 21:29:21 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2008-06-01 21:28:27 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008-05-25 18:18:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2008-05-25 18:18:07 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008-05-25 12:07:09 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-05-24 15:47:20 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-05-24 15:37:49 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2008-05-24 15:35:50 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-05-22 16:39:10 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-06-18 16:00:52 | 000,070,018 | ---- | C] () -- C:\WINDOWS\System32\akrip32.dll
[2002-10-06 18:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-04 23:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002-10-04 23:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-04 23:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

[color=#E56717]========== LOP Check ==========[/color]

[2008-10-24 18:37:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ActiveSMART
[2009-12-26 13:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2008-12-25 10:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2009-06-22 12:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2010-01-03 12:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2010-03-11 10:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-03-09 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2009-11-05 20:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\McNeel
[2010-02-07 14:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-07-17 17:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive
[2009-01-01 12:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-11-09 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2008-10-12 19:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrzej\Dane aplikacji\Opera
[2009-02-15 17:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Activision
[2010-01-15 19:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Azureus
[2008-06-18 14:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\BearShare
[2008-06-02 18:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\com.castrol.index.CastrolPerformanceIndex.pl.682DB0EC858BD8A15261C53F5EF5C3F0FBBFE08E.1
[2009-08-29 17:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Disney Interactive Studios
[2009-01-18 12:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\fltk.org
[2010-03-17 23:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Free Download Manager
[2008-05-22 17:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Gadu-Gadu
[2009-01-04 22:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Gearbox Software
[2010-01-02 17:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\GetRight
[2008-08-30 13:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\GetRightToGo
[2009-10-01 17:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\GHISLER
[2010-01-02 17:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\GrabPro
[2009-12-13 18:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\gtk-2.0
[2010-03-11 10:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\ipla
[2010-02-16 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\IVONA Reader
[2008-10-03 20:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Leadertech
[2009-03-25 17:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\lingot
[2009-02-05 19:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-30 16:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\OpenFM
[2008-08-06 17:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Opera
[2010-01-03 12:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Orbit
[2009-08-07 13:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Pro Cycling Manager 2009
[2009-01-07 20:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Ringtone
[2008-05-25 18:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Samsung
[2009-07-06 13:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\SecondLife
[2009-11-01 19:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\SmartDraw
[2010-01-03 12:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Software Informer
[2009-06-15 17:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Sports Interactive
[2009-09-27 11:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Styler
[2008-08-29 18:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Thunderbird
[2009-11-27 12:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\ViGlance
[2009-11-27 12:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\ViSplore
[2008-05-24 12:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\ViStart
[2009-01-07 19:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\zweitgeist
[2009-04-18 20:25:08 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job
[2010-03-20 16:06:22 | 000,000,462 | ---- | M] () -- C:\WINDOWS\Tasks\SDMsgUpdate (TE).job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-05-24 17:10:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2003-04-16 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-05-22 15:39:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-01-17 19:00:55 | 000,000,000 | ---- | M] () -- C:\m.txt
[2008-05-22 15:39:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-03-20 16:43:52 | 000,000,451 | ---- | M] () -- C:\notepad.exe
[2008-05-24 17:07:28 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-02-25 18:36:10 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-03-20 16:33:51 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010-03-20 16:46:53 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009-01-02 17:01:44 | 000,000,024 | ---- | M] () -- C:\url_history.xml
[2010-03-20 16:45:06 | 000,013,685 | ---- | M] () -- C:\zzzzzzzzz.txt


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004-08-03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2003-04-16 13:00:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2003-04-16 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2003-04-16 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2003-04-16 13:00:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1AAB2E68
< End of report >[/log]





log extra

[log]Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" File not found
https [open] -- "C:\Program Files\Opera\Opera.exe" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Odkurz tutaj] -- C:\Program Files\Odkurzacz\odkurzacz.exe %1 (Franmo Software)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\NFS PRO STREET\nfs.exe" = D:\NFS PRO STREET\nfs.exe:*:Enabled:nfs -- File not found
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"D:\MEDAL OF HONOR AA\MOHAA.exe" = D:\MEDAL OF HONOR AA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault -- File not found
"C:\Program Files\TVUPlayer\TVUPlayer.exe" = C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Documents and Settings\Mati\Pulpit\Netsoccer\server.exe" = C:\Documents and Settings\Mati\Pulpit\Netsoccer\server.exe:*:Enabled:server -- File not found
"D:\TrackMania Nations ESWC\TmNationsESWC.exe" = D:\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- File not found
"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"D:\TmNationsForever\TmForever.exe" = D:\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found
"D:\UEFA EURO 2008\EURO08.exe" = D:\UEFA EURO 2008\EURO08.exe:*:Enabled:EURO08 -- File not found
"D:\Medal Of HOnor wojna na pacyfiku\mohpa.exe" = D:\Medal Of HOnor wojna na pacyfiku\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm) -- File not found
"D:\BZFlag2.0.10\bzflag.exe" = D:\BZFlag2.0.10\bzflag.exe:*:Enabled:bzflag -- File not found
"D:\BZFlag2.0.10\bzfs.exe" = D:\BZFlag2.0.10\bzfs.exe:*:Enabled:bzfs -- File not found
"D:\Alien Arena 2008\crx.exe" = D:\Alien Arena 2008\crx.exe:*:Enabled:crx -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\worms 2 demo\Worms2.exe" = D:\worms 2 demo\Worms2.exe:*:Enabled:Worms 2 Frontend Demo -- File not found
"D:\Paintball2\paintball2.exe" = D:\Paintball2\paintball2.exe:*:Enabled:paintball2 -- File not found
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"D:\Jf 5\Game.exe" = D:\Jf 5\Game.exe:*:Enabled:Game -- File not found
"C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe" = C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe:*:Enabled:v_mysqld -- ()
"D:\Fifa 08\FIFA08.exe" = D:\Fifa 08\FIFA08.exe:*:Disabled:FIFA08 -- File not found
"D:\FIFA 09\FIFA09.exe" = D:\FIFA 09\FIFA09.exe:*:Disabled:FIFA09 -- File not found
"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup -- (Kaspersky Lab)
"D:\test drive\TestDriveUnlimited.exe" = D:\test drive\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- File not found
"C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client -- (LogMeIn Inc.)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Program Files\SecondLife\SLVoice.exe" = C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice -- File not found
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu beta -- (GG Network S.A.)
"D:\Rockstar GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" = D:\Rockstar GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"D:\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)
"D:\GTA 4\Grand Theft Auto IV\GTAIV.exe" = D:\GTA 4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"D:\GP4 2008\GP4.exe" = D:\GP4 2008\GP4.exe:*:Enabled:GP4 -- File not found
"D:\GP4 2008\GP42.exe" = D:\GP4 2008\GP42.exe:*:Enabled:GP42 -- File not found
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft)
"D:\Flight Simulator 2004\fs9.exe" = D:\Flight Simulator 2004\fs9.exe:*:Enabled:Microsoft Flight Simulator -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"D:\Race Driver Grid\Grid\GRID.exe" = D:\Race Driver Grid\Grid\GRID.exe:*:Enabled:GRID Executable -- File not found
"D:\SecondLife\SLVoice.exe" = D:\SecondLife\SLVoice.exe:*:Enabled:SLVoice -- File not found
"D:\fm 2009\fm.exe" = D:\fm 2009\fm.exe:*:Disabled:Football Manager 2009 -- File not found
"D:\PES 2009\pes2009.exe" = D:\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe" = C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- File not found
"D:\Pro Cycling Manager - Season 2009\PCM.exe" = D:\Pro Cycling Manager - Season 2009\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2009 -- File not found
"D:\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe" = D:\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2009 - AutoRun -- File not found
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"D:\paintball\Paintball2\paintball2.exe" = D:\paintball\Paintball2\paintball2.exe:*:Enabled:paintball2 -- ()
"D:\WET\ET.exe" = D:\WET\ET.exe:*:Enabled:ET -- File not found
"D:\CS\hl.exe" = D:\CS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Disabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Disabled:Sentinel Keys Server -- (SafeNet, Inc.)
"D:\FIFA 10\FIFA10.exe" = D:\FIFA 10\FIFA10.exe:*:Enabled:FIFA10 -- ()
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Narzędzie diagnostyczne Microsoft DirectX -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"I:\Gry\CoDWaWmp.exe" = I:\Gry\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- File not found
"I:\Gry\CoDWaW.exe" = I:\Gry\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- File not found
"I:\GRY\Call Of Duty 5\CoDWaW.exe" = I:\GRY\Call Of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- (Activision Blizzard, Inc.)
"I:\GRY\NFS Pro Street\nfs.exe" = I:\GRY\NFS Pro Street\nfs.exe:*:Enabled:nfs -- ()
"G:\Programy\3DS MAX9\3dsmax.exe" = G:\Programy\3DS MAX9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit -- (Autodesk, Inc.)
"G:\Programy\monitor.exe" = G:\Programy\monitor.exe:*:Enabled:backburner 2.3 monitor -- File not found
"G:\Programy\manager.exe" = G:\Programy\manager.exe:*:Enabled:backburner 2.3 manager -- File not found
"G:\Programy\server.exe" = G:\Programy\server.exe:*:Enabled:backburner 2.3 server -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"I:\GRY\burnout paradise\BurnoutLauncher.exe" = I:\GRY\burnout paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"I:\GRY\burnout paradise\BurnoutConfigTool.exe" = I:\GRY\burnout paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"I:\GRY\burnout paradise\BurnoutParadise.exe" = I:\GRY\burnout paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"I:\GRY\pes 10\PES2010_REPACK\PES2010\pes2010.exe" = I:\GRY\pes 10\PES2010_REPACK\PES2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"I:\GRY\vancouver\Vancouver.exe" = I:\GRY\vancouver\Vancouver.exe:*:Enabled:Vancouver 2010™ -- (SEGA)
"I:\GRY\8BallClub\GameDirector.exe" = I:\GRY\8BallClub\GameDirector.exe:*:Enabled:8BallClub Game -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05B7B9BA-9EBC-4C5B-933D-49F372EFE7A1}" = Adobe Photoshop CS4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0EEAB659-66AB-4250-BB30-984D92A9AC8C}" = Power Tab Librarian
"{0F99EAFA-4054-4ABC-A3D3-D2299210572F}" = Adobe Bridge CS4
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{343737F4-C04D-49F4-BE58-C7EAA8EBA57A}" = Need for Speed™ ProStreet
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B9DD988-5ECB-4623-BBFF-8A8F2DA3ED16}" = Rhinoceros 4.0 Evaluation
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{93FEF7B8-2F25-4827-AA00-8412E1A75358}" = Testy inteligencji IQ
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A1C9D1DA-7803-4586-B509-450009938312}" = Adobe Setup
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA12FD6C-169A-11D7-A6A9-00C026281E5B}" = PC DUAL SHOCK
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}" = Cortona3D Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4418DF9-5B57-4C5D-ACC2-D6B1338CCE09}" = Photoshop Camera Raw
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CD206481-A4FC-4DD7-B405-5F81888CFC53}" = Samsung PC Studio 3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E22F239F-953C-4C6C-8CAC-2CE1C26CCB2D}" = Double Vibration Controller 3
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E94806A6-3E29-40AE-A1A2-B4099D077C98}" = Sun VirtualBox
"{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ED57CE70-0DC6-49AB-A33E-FAC212A6AF5E}" = Creative MuVo V100
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F7C1C17E-70E3-475F-BD52-EA554391F15D}" = GameShadow
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure
"8BallClub" = 8BallClub Billiards
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b741c3c52d3108664cedeb2b76f6d96" = Adobe Photoshop CS4
"AIDA32_is1" = AIDA32 v3.93
"ALLPlayer V2.2" = ALLPlayer V2.2
"ALLPlayer V3.2_is1" = ALLPlayer V3.X
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"AudibleManager" = AudibleManager
"avast!" = avast! Antivirus
"CadStd" = CadStd
"chundate.scr" = chundate ScreenSaver
"Collab" = Collab
"Creation Master 10_is1" = Creation Master 10 Release 10.1
"D-Fend Reloaded" = D-Fend Reloaded 0.9.0 (odinstaluj)
"DirectShowPack" = DirectShow Pack (remove only)
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0
"ffdshow" = ffdshow (remove only)
"FIFA 09 Music Changer" = FIFA 09 Music Changer
"FL Studio 8" = FL Studio 8
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Pascal_is1" = Free Pascal 2.0.4
"Gadu-Gadu" = Gadu-Gadu 7.7
"GameSpy Arcade" = GameSpy Arcade
"Gimnazjum klasa 2 - Historia" = Gimnazjum klasa 2 - Historia
"Gimnazjum klasa 3 - Historia" = Gimnazjum klasa 3 - Historia
"GPxPatch" = GPxPatch (remove only)
"Grand Prix 4 2008 beta1.0" = Grand Prix 4 2008 beta
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HP DeskJet 690C Series" = HP DeskJet 690C Series (Remove only)
"Hpfsched Removal Tool_is1" = Hpfsched Removal Tool
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IL Download Manager" = IL Download Manager
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"ipla" = ipla 2.0.1b
"IVONA" = IVONA
"IVONA Reader" = IVONA Reader
"Joy RingTone Converter Evaluation Edition" = Joy RingTone Converter Evaluation Edition 2.0
"LastFM_is1" = Last.fm 1.5.4.24567
"ldsw" = Longman Słownik Współczesny
"Liceum klasa 1 i 2 - Biologia" = Liceum klasa 1 i 2 - Biologia
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"My Global Search Uninstall" = My Global Search Bar
"neostradatp.exe" = neostrada tp
"Niezbędnik CD_is1" = Niezbędnik CD
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Drivers" = NVIDIA Drivers
"Odkurzacz 11.3_is1" = Odkurzacz 11.3
"OpenAL" = OpenAL
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Paintball2" = Paintball2 Alpha build 27
"PhotoToolkit_is1" = Photo! Editor 1.0
"Pixie_is1" = Pixie 1.4.1
"PoiZone" = PoiZone
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 1.8.4
"RTL Biathlon 2009" = RTL Biathlon 2009
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Softnyx Launcher_is1" = Softnyx Launcher
"Software Informer_is1" = Software Informer 1.0 BETA
"SopCast" = SopCast 3.0.3
"SPEEDX" = Speed-X (uninstall)
"StmAdsl" = ADSL Modem
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"SysInfo" = Creative System Information
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.3.7.1
"Ultra RM Converter_is1" = Ultra RM Converter 2.3.0
"VBoxOSEGuest" = VirtualBox OSE Guest Additions 3.0.8-0
"VertrigoServ" = VertrigoServ (remove only)
"Vuze" = Vuze
"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30
"WAV to MP3 Encoder" = WAV to MP3 Encoder
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Script" = Microsoft Windows Script 5.7
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Worms Armageddon Demo" = Worms Armageddon Demo
"Worms2 Demo" = Worms2 Demo
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-02-24 13:48:12 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJA MUZYKA\TRAVIS\TRAVIS - SINGLES\THUMBS.DB
failed, 00000005.

Error - 2009-02-24 13:48:12 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJE OBRAZY\PUBLIKACJA MATEUSZ STRóż
KL.2J\PUBLIKACJA1_PLIKI\THUMBS.DB failed, 00000005.

Error - 2009-02-24 13:48:12 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJE OBRAZY\ZDJęCIA\WIEDEń 2008\THUMBS.DB
failed, 00000005.

Error - 2009-05-17 13:07:33 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
A:\posłuchaj bo warto.msg failed, 0000001E.

Error - 2009-05-18 12:47:07 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
A:\logo_kpk.JPG failed, 0000A420.

Error - 2009-05-18 12:47:39 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
A:\drzewa069.jpg failed, 0000A420.

Error - 2009-07-31 04:42:23 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJA MUZYKA\30 SECONDS TO MARS\A
BEAUTIFUL LIE\THUMBS.DB failed, 00000005.

Error - 2009-07-31 04:42:23 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJA MUZYKA\AC DC\AC DC HIGHWAY TO
HELL\THUMBS.DB failed, 00000005.

Error - 2009-07-31 04:42:23 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\MATI\MOJE DOKUMENTY\MOJA MUZYKA\AC DC\ACDC - BACK IN
BLACK\THUMBS.DB failed, 00000005.

Error - 2009-11-07 13:32:47 | Computer Name = MATEUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestqueries.google.com/complete/search?output=firefox&client=firefox&hl=pl&q=ri
failed, 0000A413.

[ Application Events ]
Error - 2010-03-14 13:54:51 | Computer Name = MATEUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.3.1938, moduł powodujący
błąd ml_nowplaying2.dll, wersja 0.0.0.0, adres błędu 0x0027dd60.

Error - 2010-03-14 13:59:48 | Computer Name = MATEUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.3.1938, moduł powodujący
błąd ml_nowplaying2.dll, wersja 0.0.0.0, adres błędu 0x0027dd60.

Error - 2010-03-14 14:00:18 | Computer Name = MATEUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.3.1938, moduł powodujący
błąd ml_nowplaying2.dll, wersja 0.0.0.0, adres błędu 0x0027dd60.

Error - 2010-03-14 14:00:53 | Computer Name = MATEUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.3.1938, moduł powodujący
błąd ml_nowplaying2.dll, wersja 0.0.0.0, adres błędu 0x0027dd60.

Error - 2010-03-15 16:31:45 | Computer Name = MATEUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca hl.exe, wersja 1.1.1.1, moduł zawieszenia hungapp,
wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-03-15 16:32:07 | Computer Name = MATEUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca hl.exe, wersja 1.1.1.1, moduł zawieszenia hungapp,
wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-03-15 16:43:26 | Computer Name = MATEUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca hl.exe, wersja 1.1.1.1, moduł zawieszenia hungapp,
wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-03-15 16:43:46 | Computer Name = MATEUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca hl.exe, wersja 1.1.1.1, moduł zawieszenia hungapp,
wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-03-15 16:44:16 | Computer Name = MATEUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca hl.exe, wersja 1.1.1.1, moduł zawieszenia hungapp,
wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-03-19 18:03:29 | Computer Name = MATEUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.3.1938, moduł powodujący
błąd ml_nowplaying2.dll, wersja 0.0.0.0, adres błędu 0x0027dd60.

[ System Events ]
Error - 2010-03-20 10:14:13 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Double Vibration Controller 3 z powodu
następującego błędu: %%1058

Error - 2010-03-20 11:04:20 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Double Vibration Controller 3 z powodu
następującego błędu: %%1058

Error - 2010-03-20 11:48:08 | Computer Name = MATEUSZ | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa NetBios przez TCP/IP zależy od usługi Sterownik protokołu TCP/IP,
której nie można uruchomić z powodu następującego błędu: %%31

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie
można uruchomić z powodu następującego błędu: %%1068

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której
nie można uruchomić z powodu następującego błędu: %%31

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi Środowisko obsługi sieci
AFD, której nie można uruchomić z powodu następującego błędu: %%31

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## zależy
od usługi Sterownik protokołu TCP/IP, której nie można uruchomić z powodu następującego
błędu: %%31

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7001
Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2010-03-20 11:48:35 | Computer Name = MATEUSZ | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Aavmker4 AFD aswSP aswTdi eusk2par Fips intelppm IPSec MRxSmb NetBIOS RasAcd
Rdbss
StarOpen
Tcpip
VBoxDrv
VBoxUSBMon


< End of report >[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[quote]:Processes
explorer.exe

:OTL
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O4 - HKLM..\Run: [ActiveSMART] C:\Program Files\Active SMART USB\ActiveSMART.exe File not found
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.fbhost-tv.../UKooPlayer.ocx (Reg Error: Key error.)

:Files
C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
C:\Program Files\MyGlobalSearch
C:\Documents and Settings\All Users\Dane aplikacji\6JQ57
C:\WINDOWS\System32\RLAPEDec.ax
C:\WINDOWS\System32\MPCDx.ax
C:\WINDOWS\System32\RLMPCDec.ax
C:\WINDOWS\System32\nbDX.dll
C:\WINDOWS\System32\msfDX.dll
C:\WINDOWS\System32\ac3DX.ax
C:\WINDOWS\System32\CoreAAC.ax
C:\WINDOWS\System32\flvDX.dll
C:\WINDOWS\System32\MatroskaDX.ax
C:\WINDOWS\System32\AVCDX.ax
C:\WINDOWS\System32\RealMediaDX.ax
C:\WINDOWS\System32\aac_parser.ax
C:\WINDOWS\System32\RLOgg.ax
C:\WINDOWS\System32\RLTheoraDec.ax
C:\WINDOWS\System32\RLSpeexDec.ax
C:\WINDOWS\System32\RLVorbisDec.ax
C:\WINDOWS\System32\DiracSplitter.ax
C:\WINDOWS\System32\TTADSSplitter.ax
C:\WINDOWS\System32\TTADSDecoder.ax
C:\WINDOWS\System32\FLACDX.ax

:Commands
[emptytemp]
[start explorer]
[Reboot][/quote]

Pobierz: http://www.freedrweb.pl/livecd.php nagraj na płytę, reset kompa, podczas uruchamiania wciskaj F11, odpali się program i wykona skanowanie. Wszystko co znajdzie usuń.

Mateoz555
komentarz
komentarz

Run fix skryptu nie pomogło, a Dr.Web nie wykrywa mojej myszki, tuz przed startem tego pulpitu na dole pisze: Error i coś z myszką , nie zdążam przeczytać. Więc przeskanowałem w trybie Safe Mode ale tam nie wiem jak wybrać partycje do przeskanowania i leci wszystko, po 3 godz przeskanowało dokumenty, kilka dużych plików nie z partycji C i zaczęło Program Files skanowania nie widac końca więc wyszedłem.

Czy sfiksowanie skryptu nie pomogło bo nie przeskanowałem do końca?
Jak wybrać partycje,albo żeby myszka działała?
Czy skrypt do sfixowania był zły?
Jak sie nie da nic z tą myszką w Webie to pomimo tego skanowac jeszcze raz do końca wszystkie partycje?

Psycholandia
komentarz
komentarz

Daj loga z Combofixa: http://www.forumpc.pl/index.php?showtopic=153621

Mateoz555
komentarz
komentarz

Wszystko wróciło do normy!!!

Po odpaleniu combofixa wszystko działa i już nie ma błędu!

oto logjeśli jest jeszcze potrzebny

[log]ComboFix 10-03-20.04 - Mati 2010-03-21 15:22:18.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2046.1566 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Mati\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100321-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\Mati\Dane aplikacji\avdrn.dat
c:\documents and settings\Mati\HiJackThis.exe
c:\documents and settings\Mati\Hpfsched-Removal-Tool.exe
c:\documents and settings\Mati\OTL.exe
c:\windows\eSellerateEngine.dll
c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\windows\system32\DEBUG.log
c:\windows\system32\setup.ini

.
((((((((((((((((((((((((( Pliki utworzone od 2010-02-21 do 2010-03-21 )))))))))))))))))))))))))))))))
.

2010-03-20 21:57 . 2010-03-20 21:57 -------- d-----w- C:\_OTL
2010-03-20 15:44 . 2010-03-20 15:33 555520 ----a-w- C:\OTL.exe
2010-03-20 15:43 . 2010-03-20 15:43 451 ----a-w- C:\notepad.exe
2010-03-19 18:34 . 2008-05-22 15:31 -------- d--h--w- c:\documents and settings\Administrator.MATEUSZ.003\Ustawienia lokalne
2010-03-19 18:26 . 2010-01-26 13:01 81920 ----a-w- c:\windows\eSellerateControl350.dll
2010-03-19 18:26 . 2010-03-19 19:22 -------- d-----w- c:\program files\Hpfsched Removal Tool
2010-03-19 17:33 . 2010-03-19 17:33 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-19 17:09 . 2010-03-19 17:12 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.002\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-03-19 17:09 . 2010-03-19 17:12 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.002\Szablony
2010-03-19 17:09 . 2010-03-19 17:12 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.002\Dane aplikacji
2010-03-19 17:09 . 2010-03-19 17:12 -------- d-s---w- c:\documents and settings\Administrator.MATEUSZ.002
2010-03-19 17:09 . 2010-03-19 17:12 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.002\Ustawienia lokalne
2010-03-19 16:38 . 2010-03-19 17:23 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.001\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-03-19 16:38 . 2010-03-19 17:23 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.001\Ustawienia lokalne
2010-03-19 16:38 . 2010-03-19 17:23 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.001\Szablony
2010-03-19 16:38 . 2010-03-19 17:23 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.001\Dane aplikacji
2010-03-19 16:38 . 2010-03-19 17:23 -------- d-s---w- c:\documents and settings\Administrator.MATEUSZ.001
2010-03-18 20:54 . 2010-03-19 17:26 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.000\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-03-18 20:54 . 2010-03-19 17:26 -------- d-s---w- c:\documents and settings\Administrator.MATEUSZ.000
2010-03-18 20:54 . 2010-03-19 17:26 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.000\Ustawienia lokalne
2010-03-18 20:54 . 2010-03-19 17:26 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.000\Szablony
2010-03-18 20:54 . 2010-03-19 17:26 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ.000\Dane aplikacji
2010-03-18 20:40 . 2010-03-19 17:28 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-03-18 20:40 . 2010-03-19 17:28 -------- d-s---w- c:\documents and settings\Administrator.MATEUSZ
2010-03-18 20:40 . 2010-03-19 17:28 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ\Ustawienia lokalne
2010-03-18 20:40 . 2010-03-19 17:28 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ\Szablony
2010-03-18 20:40 . 2010-03-19 17:28 -------- d-----w- c:\documents and settings\Administrator.MATEUSZ\Dane aplikacji
2010-03-18 17:06 . 2010-03-19 17:29 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-03-18 17:06 . 2010-03-19 17:29 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne
2010-03-18 17:06 . 2010-03-19 17:29 -------- d-----w- c:\documents and settings\Administrator\Szablony
2010-03-18 17:06 . 2010-03-19 17:29 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji
2010-03-18 17:06 . 2010-03-19 17:29 -------- d-s---w- c:\documents and settings\Administrator
2010-03-18 05:22 . 2010-03-18 05:22 -------- d-s---w- c:\documents and settings\LocalService\Ulubione
2010-03-17 19:01 . 2010-03-17 19:01 -------- d-----w- c:\windows\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar
2010-03-10 15:29 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-06 10:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-27 10:52 . 2010-02-27 10:52 -------- d-----w- c:\documents and settings\Mati\Ustawienia lokalne\Dane aplikacji\SEGA
2010-02-26 19:58 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-26 19:58 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-26 19:58 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-26 19:58 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 14:18 . 2010-01-03 11:23 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\Free Download Manager
2010-03-19 17:38 . 2008-05-22 14:51 -------- d-----w- c:\program files\Neostrada TP
2010-03-19 17:15 . 2009-09-09 16:28 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\Hamachi
2010-03-19 17:13 . 2008-05-22 15:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-18 05:20 . 2009-11-27 11:31 70672 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-03-17 19:05 . 2009-09-13 15:52 217824 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2010-03-17 19:01 . 2010-03-17 19:01 12 ----a-w- c:\windows\system32\config\systemprofile\Dane aplikacji\zxcdyt.dat
2010-03-17 18:57 . 2008-05-24 11:40 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\Skype
2010-03-17 17:32 . 2008-05-24 11:41 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\skypePM
2010-03-15 20:44 . 2008-12-27 20:53 -------- d-----w- c:\program files\PokerStars
2010-03-14 20:46 . 2008-09-03 17:10 -------- d-----w- c:\program files\eMule
2010-03-13 15:13 . 2008-05-23 11:14 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-13 13:29 . 2010-03-13 13:29 12 ----a-w- c:\windows\system32\config\systemprofile\Dane aplikacji\rbuwzv.dat
2010-03-11 09:16 . 2008-06-08 10:56 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ipla
2010-03-11 09:13 . 2008-06-08 10:56 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\ipla
2010-03-11 09:13 . 2009-10-03 18:04 -------- d-----w- c:\program files\ipla
2010-02-16 19:07 . 2010-02-16 19:06 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\IVONA Reader
2010-02-16 19:06 . 2009-11-08 13:51 -------- d-----w- c:\program files\IVONA
2010-02-07 13:00 . 2009-09-30 15:37 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2010-01-30 15:27 . 2010-01-30 15:27 -------- d-----w- c:\program files\3D-Retro
2010-01-30 14:11 . 2010-01-30 14:11 8854 ----a-r- c:\documents and settings\Mati\Dane aplikacji\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\Uninstall_GameShadow_F7C1C17E70E3475FBD52EA554391F15D.exe
2010-01-30 14:11 . 2010-01-30 14:11 45056 ----a-r- c:\documents and settings\Mati\Dane aplikacji\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
2010-01-30 14:11 . 2010-01-30 14:11 45056 ----a-r- c:\documents and settings\Mati\Dane aplikacji\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
2010-01-30 14:11 . 2010-01-30 14:11 45056 ----a-r- c:\documents and settings\Mati\Dane aplikacji\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\ARPPRODUCTICON.exe
2010-01-07 17:27 . 2008-10-03 21:13 6670 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-01-05 09:57 . 2003-04-16 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-05-24 16:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2003-04-16 12:00 17408 ------w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2003-04-16 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 21:51 . 2008-05-25 11:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-22 21:50 . 2008-05-25 11:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2008-09-19 18:17 . 2008-09-19 18:17 16384 ----a-w- c:\program files\uik.dat
2008-09-19 18:16 . 2008-09-19 18:16 4 ----a-w- c:\program files\is.dat
2009-10-14 17:36 . 2010-02-16 19:07 27648 ----a-w- c:\program files\mozilla firefox\components\IvonaFirefoxToolbar.dll
.

------- Sigcheck -------

[-] 2008-04-14 . F042E3426D45D86D9BB55F6A79AB441A . 977408 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . F042E3426D45D86D9BB55F6A79AB441A . 977408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\3af4cbd832b575a4e2527462087b37dc\explorer.exe
[7] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\explorer.exe
[-] 2007-06-13 . E74EF52C79F3347A0B105B0B92BFED38 . 976896 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 8DB0650B211425B9CDB7D1C4A8F6B482 . 1034752 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-03 . 379098A96E6C165B659DE7E4328010EA . 1033728 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2008-03-20 216520]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-08-31 11391592]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-01-29 23975720]
"RGSC"="d:\rockstar gta iv\Rockstar Games Social Club\RGSCLauncher.exe" [2009-02-25 306088]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-08-16 264704]
"IROElauncher"="c:\program files\IVONA\IVONA Reader\integr\OutlookExpress\IROElauncher.exe" [2008-09-24 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-17 149280]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"nwiz"="nwiz.exe" [2009-02-09 1657376]
"AdslTaskBar"="stmctrl.dll" [2006-06-02 151552]
"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2004-08-23 20480]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Mati\Menu Start\Programy\Autostart\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\VertrigoServ\\Mysql\\bin\\v_mysqld.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\Rockstar GTA IV\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\GTA 4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\GTA 4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"d:\\paintball\\Paintball2\\paintball2.exe"=
"d:\\CS\\hl.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"=
"d:\\FIFA 10\\FIFA10.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"i:\\GRY\\Call Of Duty 5\\CoDWaW.exe"=
"i:\\GRY\\NFS Pro Street\\nfs.exe"=
"g:\\Programy\\3DS MAX9\\3dsmax.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"i:\\GRY\\burnout paradise\\BurnoutLauncher.exe"=
"i:\\GRY\\burnout paradise\\BurnoutConfigTool.exe"=
"i:\\GRY\\burnout paradise\\BurnoutParadise.exe"=
"i:\\GRY\\pes 10\\PES2010_REPACK\\PES2010\\pes2010.exe"=
"i:\\GRY\\vancouver\\Vancouver.exe"=
"i:\\GRY\\8BallClub\\GameDirector.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-05-22 114768]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2008-10-20 24786]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-11-02 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-11-02 41424]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-07-26 20560]
R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-04-27 316992]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2009-01-03 2368]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2009-10-19 60255]
R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [2009-10-19 684265]
R3 VBoxMouse;VirtualBox Guest Mouse Service;c:\windows\system32\drivers\VBoxMouse.sys [2009-10-12 32960]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2009-11-02 94992]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2009-10-07 103568]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-05-24 717296]
S2 GAFilter;Double Vibration Controller 3;c:\windows\system32\drivers\DV3.sys [2008-10-06 4736]
S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys --> c:\windows\system32\DRIVERS\CnxEtP.sys [?]
S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys --> c:\windows\system32\DRIVERS\CnxEtU.sys [?]
S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNW.sys --> c:\windows\system32\DRIVERS\CnxTgNW.sys [?]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [2008-10-20 45534]
.
Zawartość folderu 'Zaplanowane zadania'

2010-03-21 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2009-11-01 16:21]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.neostrada.pl
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: { - c:\program files\Messenger\msmsgs.exe
FF - ProfilePath - c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\wxspcq1w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.interia.pl
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\wxspcq1w.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\wxspcq1w.default\extensions\{DD43485F-44CC-4452-A6C6-69356A7E33DA}\platform\WINNT_x86-msvc\components\ahWinUtils_32.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Mozilla Firefox\components\IvonaFirefoxToolbar.dll
FF - plugin: c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\wxspcq1w.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\wxspcq1w.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\documents and settings\Mati\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\np32dsw.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npCortona.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npdeploytk.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\NPOFF12.DLL
FF - plugin: c:\progra~1\MOZILL~1\plugins\nppdf32.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\nppl3260.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\nprpjplug.dll
FF - plugin: c:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-AutoConnect - c:\program files\AutoConnect\AutoConnect.exe
HKCU-Run-IVONA Reader - c:\program files\IVONA\IVONA Reader\IVONA Reader.exe.exe
HKCU-Run-fsm - (no file)
AddRemove-GPxPatch - d:\gp4 2008\uninst-gpxpatch.exe
AddRemove-Softnyx Launcher_is1 - d:\launcher\unins000.exe
AddRemove-Worms Armageddon Demo - d:\worms1\Uninst.isu
AddRemove-Worms2 Demo - d:\worms 2 demo\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 15:28
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-602162358-1303643608-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a6,9b,a0,0c,df,4d,fc,6c,8f,93,90,4d,ac,ad,0d,ff,05,a2,35,68,48,f9,d2,
8f,51,59,28,9c,43,f4,c0,f9,3e,ab,97,ba,d6,8d,a0,22,f9,4a,bc,e0,48,02,57,ad,\
"??"=hex:d5,a0,d5,64,5b,fc,39,11,0e,fb,39,5a,9a,66,0a,f0

[HKEY_USERS\S-1-5-21-602162358-1303643608-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:8c,e8,fc,55,15,d0,18,df,ca,b8,1a,e8,51,eb,27,d6,c5,02,d5,44,c0,
60,0e,07,4e,ba,6e,e4,b5,d5,d9,8f,b4,52,19,eb,4d,cd,18,81,e6,ef,41,ee,0b,2f,\
"rkeysecu"=hex:da,ad,c4,3d,44,c6,af,1c,09,91,40,d2,ef,0a,94,d6

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\b6dae321-8580-f5f9-0062-b648463e826]
@Denied: (Full) (AuthenticatedUsers)
@Denied: (Full) (Administrators)
"1twwp1ajuv04x"=hex:65,65,35,65,32,30,35,36,2d,64,34,33,38,2d,34,31,30,31,2d,
38,61,36,35,2d,61,65,32,36,30,31,63,30,62,64,31,62
"1btfyxbtd30wa"=hex:65,00,00,00,f8,00,00,00,7e,50,5f,cd,6d,61,74,65,6f,7a,00,
00,00,00,00,00,00,00,00,00,56,20,5e,ee,38,d4,01,41,8a,65,ae,26,01,c0,bd,1b,\
.
Czas ukończenia: 2010-03-21 15:30:37
ComboFix-quarantined-files.txt 2010-03-21 14:30

Przed: 5 019 815 936 bajtów wolnych
Po: 4 999 200 768 bajtów wolnych

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6525E3512CBA0008679607A1D2B1A9EE[/log]

Czy to już wszystko??
Jeśli tak to wielkie dzięki Andziorka, bez pomocy na tym forum zostało by mi tylko sformatowanie dysku co byłoby dla mnie najgorsze.

Psycholandia
komentarz
komentarz

Uruchom OTL i kliknij na CleanUP. Czysto. :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.