xdawidxd96 utworzono 19 sierpnia 2010 utworzono 19 sierpnia 2010 (edytowane) Witam serdecznie.Gdy dziś rano włączyłem komputer antywirus dał mi ostrzeżenie że ktoś przesyła mi trojana.Od razu odłączyłem internet po czym skanowałem komputer i wtedy się zaczęło.Nie mogę wejść na żaden z moich dysków,wirusy weszły mi nawet w pliki takie jak Win,System i takie podobne.Nie wiem co mam robić ponieważ chyba usunęły się programy systemowe gdy skanowałem komputer.Proszę o szybką pomoc.Z góry dziękuje. [color="#ff0000"] //przenoszę do Bezpieczeństwa //dan[/color]
ziomal166 komentarz 19 sierpnia 2010 komentarz 19 sierpnia 2010 Nie ma co panikować ściągnij program OTL i daj loga: http://www.forumpc.pl/index.php?showtopic=104338
xdawidxd96 komentarz 19 sierpnia 2010 Autor komentarz 19 sierpnia 2010 Tylko że wiesz mi przy skanowaniu innym programem usuneło mi kilka plików systemowych tak mi się wydaję.A ten program to co ma mi dać?a i jeszcze 1 wyskoczyły mi te 2 pliki notatnika i co ja mam z nimi zrobić proszę szybką odpowiedz
ziomal166 komentarz 19 sierpnia 2010 komentarz 19 sierpnia 2010 Wstawić treść tych plików na forum w tagu "log".
xdawidxd96 komentarz 19 sierpnia 2010 Autor komentarz 19 sierpnia 2010 [log]Logfile of random's system information tool 1.08 (written by random/random) Run by user at 2010-08-19 10:50:17 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 771 MB (1%) free of 75 GB Total RAM: 767 MB (22% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:55:41, on 2010-08-19 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\Ati2evxx.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINNT\system32\Ati2evxx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\spoolsv.exe C:\WINNT\SOUNDMAN.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINNT\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Ares\Ares.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\WINNT\system32\wuauclt.exe C:\WINNT\system32\msiexec.exe D:\Pobieranie\OTL.exe C:\WINNT\notepad.exe C:\WINNT\notepad.exe C:\WINNT\SoftwareDistribution\Download\Install\NDP20SP2-KB976576-x86.exe d:\b08dc775ee867cf78f\HotFixInstaller.exe C:\WINNT\system32\MsiExec.exe C:\WINNT\notepad.exe C:\WINNT\notepad.exe D:\Pobieranie\RSIT.exe C:\Program Files\trend micro\user.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user') O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Pobierz za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll/206 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe (file missing) O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing) O23 - Service: SQLSERVERAGENT - Unknown owner - C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe (file missing) -- End of file - 9420 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll [2010-06-22 734512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-18 1619296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-18 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-18 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112] {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINNT\SOUNDMAN.EXE [2006-08-02 577536] "RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824] "Adobe Reader Speed Launcher"=D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe [] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-05-24 344064] "KernelFaultCheck"=C:\WINNT\system32\dumprep 0 -k [] "NeroFilterCheck"=C:\WINNT\system32\NeroCheck.exe [] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-18 2065760] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINNT\system32\ctfmon.exe [2004-08-04 15360] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1694208] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208] "BitComet"=D:\Program Files\BitComet\BitComet.exe [2010-06-30 3285296] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 27388200] "ares"=C:\Program Files\Ares\Ares.exe [2010-07-10 1015808] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"=C:\WINNT\system32\Macromed\Flash\FlashUtil10h_Plugin.exe [2010-07-29 231888] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINNT\system32\Ati2evxx.dll [2010-07-29 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINNT\system32\avgrsstx.dll [2010-08-18 12536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINNT\system32\WgaLogon.dll [2009-03-10 265608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\BitComet\BitComet.exe"="D:\BitComet\BitComet.exe:*:Enabled:BitComet" "D:\Program Files\BitComet\BitComet.exe"="D:\Program Files\BitComet\BitComet.exe:*:Enabled:ipsec" "D:\Call Of Duty\CoDMP.exe"="D:\Call Of Duty\CoDMP.exe:*:Enabled:CoDMP" "D:\Cossacks\Cossacks\dmcr.exe"="D:\Cossacks\Cossacks\dmcr.exe:*:Enabled:dmcr" "D:\cossacks\Cossacks - The Art Of War\dmcr.exe"="D:\cossacks\Cossacks - The Art Of War\dmcr.exe:*:Enabled:dmcr" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:ipsec" "D:\cossackss\Cossacks\dmcr.exe"="D:\cossackss\Cossacks\dmcr.exe:*:Enabled:dmcr" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:ipsec" "D:\Pobieranie\SagaMu Client\mu.exe"="D:\Pobieranie\SagaMu Client\mu.exe:*:Enabled:ipsec" "D:\Pobieranie\SagaMu Client\SagaMu Lancher.exe"="D:\Pobieranie\SagaMu Client\SagaMu Lancher.exe:*:Enabled:ipsec" "C:\WINNT\Explorer.EXE"="C:\WINNT\Explorer.EXE:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\ubaxfq.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\ubaxfq.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winvwrjnj.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winvwrjnj.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\wrlet.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wrlet.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\w36a9c6.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w36a9c6.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\eqiqoe.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\eqiqoe.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winijgfr.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winijgfr.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winrfohut.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winrfohut.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winhvxeqw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winhvxeqw.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winmdhfe.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winmdhfe.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\legjv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\legjv.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\ofsxce.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\ofsxce.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\unhcjx.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\unhcjx.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winuxmre.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winuxmre.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\mbgt.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\mbgt.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\gepeoh.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\gepeoh.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\bbgbcu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\bbgbcu.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\wingutge.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wingutge.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winhnwu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winhnwu.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\cydnvv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\cydnvv.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winbiotu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winbiotu.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\qsdf.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\qsdf.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\tupqqt.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\tupqqt.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\snxv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\snxv.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\wintmli.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wintmli.exe:*:Enabled:ipsec" "D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe"="D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe:*:Enabled:ipsec" "d:\812c3281e271f6ad977a\update\iesetup.exe"="d:\812c3281e271f6ad977a\update\iesetup.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winkijc.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winkijc.exe:*:Enabled:ipsec" "D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\w761e4.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w761e4.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winxnoqng.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winxnoqng.exe:*:Enabled:ipsec" "C:\WINNT\system32\dumprep.exe"="C:\WINNT\system32\dumprep.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\khsw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\khsw.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\windbvcam.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\windbvcam.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\w845eb.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w845eb.exe:*:Enabled:ipsec" "C:\WINNT\system32\NeroCheck.exe"="C:\WINNT\system32\NeroCheck.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winppis.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winppis.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\tofes.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\tofes.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winsbkc.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winsbkc.exe:*:Enabled:ipsec" "C:\PROGRA~1\AVG\AVG9\avgtray.exe"="C:\PROGRA~1\AVG\AVG9\avgtray.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winfjuw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winfjuw.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\winglowar.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winglowar.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\obkp.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\obkp.exe:*:Enabled:ipsec" "C:\DOCUME~1\user\USTAWI~1\Temp\fsletf.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\fsletf.exe:*:Enabled:ipsec" "C:\WINNT\system32\Ati2evxx.exe"="C:\WINNT\system32\Ati2evxx.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .inf - open - %windir%\NOTEPAD.EXE %1 .txt - open - %windir%\NOTEPAD.EXE %1 ======List of files/folders created in the last 1 months====== 2010-08-19 10:50:49 ----D---- C:\Program Files\trend micro 2010-08-19 10:50:17 ----D---- C:\rsit 2010-08-19 10:46:21 ----SHD---- C:\Config.Msi 2010-08-19 10:37:32 ----HDC---- C:\WINNT\$NtUninstallKB925720$ 2010-08-19 06:33:02 ----D---- C:\WINNT\LastGood 2010-08-19 06:31:15 ----D---- C:\My Shared Folder 2010-08-18 08:42:35 ----A---- C:\WINNT\system32\javaws.exe 2010-08-18 08:42:35 ----A---- C:\WINNT\system32\javaw.exe 2010-08-18 08:42:35 ----A---- C:\WINNT\system32\java.exe 2010-08-18 08:09:45 ----HD---- C:\$AVG 2010-08-18 08:03:05 ----A---- C:\WINNT\system32\drivers\avgrkx86.sys 2010-08-18 08:03:05 ----A---- C:\WINNT\system32\avgrsstx.dll 2010-08-18 08:03:04 ----A---- C:\WINNT\system32\drivers\avgtdix.sys 2010-08-18 08:02:53 ----A---- C:\WINNT\system32\drivers\avgldx86.sys 2010-08-18 08:02:52 ----A---- C:\WINNT\system32\drivers\avgmfx86.sys 2010-08-18 08:02:42 ----D---- C:\WINNT\system32\drivers\Avg 2010-08-18 08:02:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar 2010-08-18 08:02:17 ----D---- C:\Program Files\AVG 2010-08-18 08:02:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\avg9 2010-08-18 07:56:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage 2010-08-18 07:50:41 ----N---- C:\WINNT\system32\aswBoot.exe 2010-08-18 07:50:35 ----D---- C:\Program Files\Alwil Software 2010-08-17 20:29:16 ----A---- C:\Program Files\wzCipher.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\WzAudio.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\Wz_Zp.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\Wsctlcd.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\Wsctlc.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\VorbisFile.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\sound.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\Ogg.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPX.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPUpdate0.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPPsk.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPGmup.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPCipher.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\NPChk.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\MuMsg.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\MuJP.ini 2010-08-17 20:29:16 ----A---- C:\Program Files\MuJP.dll 2010-08-17 20:29:16 ----A---- C:\Program Files\Mfsvc2.dll 2010-08-17 20:29:15 ----D---- C:\Program Files\MuGuard 2010-08-17 20:29:15 ----A---- C:\Program Files\main.exe 2010-08-17 20:29:15 ----A---- C:\Program Files\hook.dll 2010-08-17 20:29:15 ----A---- C:\Program Files\Config.ini 2010-08-17 20:27:14 ----D---- C:\Program Files\Data 2010-08-17 09:14:00 ----D---- C:\Program Files\Ares 2010-08-17 07:36:30 ----D---- C:\WINNT\system32\XPSViewer 2010-08-17 07:36:25 ----D---- C:\Program Files\MSBuild 2010-08-17 07:36:23 ----D---- C:\WINNT\system32\en-US 2010-08-17 07:36:15 ----D---- C:\Program Files\Reference Assemblies 2010-08-17 07:35:31 ----N---- C:\WINNT\system32\xpssvcs.dll 2010-08-17 07:35:31 ----N---- C:\WINNT\system32\xpsshhdr.dll 2010-08-17 07:35:31 ----N---- C:\WINNT\system32\prntvpt.dll 2010-08-17 07:11:14 ----HDC---- C:\WINNT\$NtUninstallWIC$ 2010-08-17 07:11:03 ----D---- C:\Program Files\MSXML 6.0 2010-08-16 19:41:19 ----D---- C:\WINNT\Sun 2010-08-16 19:39:41 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun 2010-08-16 19:39:39 ----D---- C:\Program Files\Common Files\Java 2010-08-16 19:39:27 ----A---- C:\WINNT\system32\deployJava1.dll 2010-08-16 19:39:11 ----D---- C:\Program Files\Java 2010-08-16 19:38:34 ----D---- C:\Documents and Settings\user\Dane aplikacji\Sun 2010-08-16 13:17:02 ----D---- C:\Program Files\Winamp Detect 2010-08-16 13:16:56 ----D---- C:\Program Files\Winamp Toolbar 2010-08-16 13:16:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\vxblock.dll 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxwave.dll 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxsfs.dll 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxinsa64.exe 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxhpinst.exe 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxdrv.dll 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxcpya64.exe 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxafs.dll 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\PxHelp20.sys 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\cdralw2k.sys 2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\cdr4_xp.sys 2010-08-16 13:16:43 ----N---- C:\WINNT\system32\pxmas.dll 2010-08-16 13:16:43 ----N---- C:\WINNT\system32\px.dll 2010-08-16 13:16:41 ----D---- C:\Program Files\Winamp 2010-08-16 13:16:41 ----D---- C:\Documents and Settings\user\Dane aplikacji\Winamp 2010-08-16 13:11:07 ----D---- C:\Program Files\3aLab 2010-08-13 08:03:39 ----D---- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World 2010-08-13 07:36:20 ----RSD---- C:\WINNT\assembly 2010-08-13 07:35:49 ----D---- C:\WINNT\Microsoft.NET 2010-08-13 07:34:29 ----A---- C:\WINNT\system32\XAudio2_7.dll 2010-08-13 07:34:29 ----A---- C:\WINNT\system32\XAPOFX1_5.dll 2010-08-13 07:34:29 ----A---- C:\WINNT\system32\xactengine3_7.dll 2010-08-13 07:34:28 ----A---- C:\WINNT\system32\d3dcsx_43.dll 2010-08-13 07:34:28 ----A---- C:\WINNT\system32\D3DCompiler_43.dll 2010-08-13 07:34:27 ----A---- C:\WINNT\system32\d3dx11_43.dll 2010-08-13 07:34:27 ----A---- C:\WINNT\system32\d3dx10_43.dll 2010-08-13 07:34:26 ----A---- C:\WINNT\system32\XAudio2_6.dll 2010-08-13 07:34:26 ----A---- C:\WINNT\system32\XAPOFX1_4.dll 2010-08-13 07:34:26 ----A---- C:\WINNT\system32\xactengine3_6.dll 2010-08-13 07:34:26 ----A---- C:\WINNT\system32\D3DX9_43.dll 2010-08-13 07:34:25 ----A---- C:\WINNT\system32\XAudio2_5.dll 2010-08-13 07:34:25 ----A---- C:\WINNT\system32\X3DAudio1_7.dll 2010-08-13 07:34:24 ----A---- C:\WINNT\system32\xactengine3_5.dll 2010-08-13 07:34:24 ----A---- C:\WINNT\system32\D3DCompiler_42.dll 2010-08-13 07:34:21 ----A---- C:\WINNT\system32\d3dcsx_42.dll 2010-08-13 07:34:20 ----A---- C:\WINNT\system32\d3dx11_42.dll 2010-08-13 07:34:20 ----A---- C:\WINNT\system32\d3dx10_42.dll 2010-08-13 07:34:19 ----A---- C:\WINNT\system32\D3DX9_42.dll 2010-08-13 07:34:19 ----A---- C:\WINNT\system32\D3DCompiler_41.dll 2010-08-13 07:34:18 ----A---- C:\WINNT\system32\D3DX9_41.dll 2010-08-13 07:34:18 ----A---- C:\WINNT\system32\d3dx10_41.dll 2010-08-13 07:34:17 ----A---- C:\WINNT\system32\XAudio2_4.dll 2010-08-13 07:34:17 ----A---- C:\WINNT\system32\XAPOFX1_3.dll 2010-08-13 07:34:17 ----A---- C:\WINNT\system32\xactengine3_4.dll 2010-08-13 07:34:16 ----A---- C:\WINNT\system32\X3DAudio1_6.dll 2010-08-13 07:34:16 ----A---- C:\WINNT\system32\d3dx10_40.dll 2010-08-13 07:34:16 ----A---- C:\WINNT\system32\D3DCompiler_40.dll 2010-08-13 07:34:15 ----A---- C:\WINNT\system32\XAPOFX1_2.dll 2010-08-13 07:34:15 ----A---- C:\WINNT\system32\D3DX9_40.dll 2010-08-13 07:34:14 ----A---- C:\WINNT\system32\XAudio2_3.dll 2010-08-13 07:34:14 ----A---- C:\WINNT\system32\xactengine3_3.dll 2010-08-13 07:34:14 ----A---- C:\WINNT\system32\X3DAudio1_5.dll 2010-08-13 07:34:13 ----A---- C:\WINNT\system32\XAudio2_2.dll 2010-08-13 07:34:13 ----A---- C:\WINNT\system32\XAPOFX1_1.dll 2010-08-13 07:34:13 ----A---- C:\WINNT\system32\xactengine3_2.dll 2010-08-13 07:34:12 ----A---- C:\WINNT\system32\d3dx10_39.dll 2010-08-13 07:34:12 ----A---- C:\WINNT\system32\D3DCompiler_39.dll 2010-08-13 07:34:11 ----A---- C:\WINNT\system32\XAudio2_1.dll 2010-08-13 07:34:11 ----A---- C:\WINNT\system32\XAPOFX1_0.dll 2010-08-13 07:34:11 ----A---- C:\WINNT\system32\D3DX9_39.dll 2010-08-13 07:34:10 ----A---- C:\WINNT\system32\xactengine3_1.dll 2010-08-13 07:34:10 ----A---- C:\WINNT\system32\X3DAudio1_4.dll 2010-08-13 07:34:10 ----A---- C:\WINNT\system32\D3DCompiler_38.dll 2010-08-13 07:34:09 ----A---- C:\WINNT\system32\D3DX9_38.dll 2010-08-13 07:34:09 ----A---- C:\WINNT\system32\d3dx10_38.dll 2010-08-13 07:34:08 ----A---- C:\WINNT\system32\XAudio2_0.dll 2010-08-13 07:34:08 ----A---- C:\WINNT\system32\xactengine3_0.dll 2010-08-13 07:34:08 ----A---- C:\WINNT\system32\X3DAudio1_3.dll 2010-08-13 07:34:07 ----A---- C:\WINNT\system32\d3dx10_37.dll 2010-08-13 07:34:07 ----A---- C:\WINNT\system32\D3DCompiler_37.dll 2010-08-13 07:34:06 ----A---- C:\WINNT\system32\xactengine2_10.dll 2010-08-13 07:34:06 ----A---- C:\WINNT\system32\D3DX9_37.dll 2010-08-13 07:34:05 ----A---- C:\WINNT\system32\d3dx10_36.dll 2010-08-13 07:34:05 ----A---- C:\WINNT\system32\D3DCompiler_36.dll 2010-08-13 07:34:04 ----A---- C:\WINNT\system32\xactengine2_9.dll 2010-08-13 07:34:04 ----A---- C:\WINNT\system32\d3dx9_36.dll 2010-08-13 07:34:03 ----A---- C:\WINNT\system32\d3dx10_35.dll 2010-08-13 07:34:03 ----A---- C:\WINNT\system32\D3DCompiler_35.dll 2010-08-13 07:34:02 ----A---- C:\WINNT\system32\xactengine2_8.dll 2010-08-13 07:34:02 ----A---- C:\WINNT\system32\X3DAudio1_2.dll 2010-08-13 07:34:02 ----A---- C:\WINNT\system32\d3dx9_35.dll 2010-08-13 07:34:01 ----A---- C:\WINNT\system32\d3dx9_34.dll 2010-08-13 07:34:01 ----A---- C:\WINNT\system32\d3dx10_34.dll 2010-08-13 07:34:01 ----A---- C:\WINNT\system32\D3DCompiler_34.dll 2010-08-13 07:34:00 ----A---- C:\WINNT\system32\xinput1_3.dll 2010-08-13 07:34:00 ----A---- C:\WINNT\system32\xactengine2_7.dll 2010-08-13 07:33:58 ----A---- C:\WINNT\system32\d3dx10_33.dll 2010-08-13 07:33:58 ----A---- C:\WINNT\system32\D3DCompiler_33.dll 2010-08-13 07:33:57 ----A---- C:\WINNT\system32\xactengine2_6.dll 2010-08-13 07:33:57 ----A---- C:\WINNT\system32\d3dx9_33.dll 2010-08-13 07:33:56 ----A---- C:\WINNT\system32\xactengine2_5.dll 2010-08-13 07:33:56 ----A---- C:\WINNT\system32\d3dx9_32.dll 2010-08-13 07:33:55 ----A---- C:\WINNT\system32\xactengine2_4.dll 2010-08-13 07:33:55 ----A---- C:\WINNT\system32\x3daudio1_1.dll 2010-08-13 07:33:55 ----A---- C:\WINNT\system32\d3dx9_31.dll 2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xinput1_2.dll 2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xactengine2_3.dll 2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xactengine2_2.dll 2010-08-13 07:33:53 ----A---- C:\WINNT\system32\xinput1_1.dll 2010-08-13 07:33:53 ----A---- C:\WINNT\system32\xactengine2_1.dll 2010-08-13 07:33:53 ----A---- C:\WINNT\system32\d3dx9_30.dll 2010-08-13 07:33:52 ----A---- C:\WINNT\system32\xactengine2_0.dll 2010-08-13 07:33:52 ----A---- C:\WINNT\system32\x3daudio1_0.dll 2010-08-13 07:33:52 ----A---- C:\WINNT\system32\d3dx9_29.dll 2010-08-13 07:33:51 ----A---- C:\WINNT\system32\xinput9_1_0.dll 2010-08-13 07:33:51 ----A---- C:\WINNT\system32\d3dx9_28.dll 2010-08-13 07:33:50 ----A---- C:\WINNT\system32\d3dx9_27.dll 2010-08-13 07:33:50 ----A---- C:\WINNT\system32\d3dx9_24.dll 2010-08-13 07:32:38 ----D---- C:\WINNT\Logs 2010-08-13 07:32:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts 2010-08-12 07:54:33 ----D---- C:\Program Files\BitSpirit 2010-08-11 16:14:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion 2010-08-10 18:21:28 ----D---- C:\Program Files\Common Files\DirectX 2010-08-10 12:57:27 ----D---- C:\Documents and Settings\user\Dane aplikacji\WinRAR 2010-08-10 08:17:35 ----D---- C:\Documents and Settings\user\Dane aplikacji\BitSpirit 2010-08-09 10:44:34 ----A---- C:\WINNT\system32\d3dx9.dll 2010-08-09 10:44:34 ----A---- C:\WINNT\system32\D3DX81ab.dll 2010-08-09 10:44:33 ----D---- C:\Program Files\Cheat Engine 2010-08-05 17:53:22 ----D---- C:\Documents and Settings\user\Dane aplikacji\InstallShield 2010-08-05 17:27:39 ----D---- C:\Program Files\The Games Factory 2 2010-08-05 14:36:38 ----D---- C:\Documents and Settings\user\Dane aplikacji\TeamViewer 2010-08-05 14:36:28 ----D---- C:\Program Files\TeamViewer 2010-08-05 09:46:37 ----A---- C:\WINNT\system32\msrpjt40.dll 2010-08-05 09:46:36 ----A---- C:\WINNT\system32\insrepim.exe 2010-08-05 09:46:24 ----A---- C:\WINNT\system32\mdt2fw95.dll 2010-08-05 09:46:14 ----A---- C:\WINNT\system32\ntwdblib.dll 2010-08-05 09:46:11 ----A---- C:\WINNT\system32\rdocurs.dll 2010-08-05 09:46:11 ----A---- C:\WINNT\system32\msrdo20.dll 2010-08-05 09:46:10 ----A---- C:\WINNT\system32\dbmsshrn.dll 2010-08-05 09:46:10 ----A---- C:\WINNT\system32\dbmslpcn.dll 2010-08-05 09:46:08 ----D---- C:\Program Files\Common Files\Designer 2010-08-05 09:45:34 ----D---- C:\Program Files\Microsoft SQL Server 2010-08-05 07:11:34 ----HDC---- C:\WINNT\$NtUninstallKB959426$ 2010-08-05 07:11:27 ----HDC---- C:\WINNT\$NtUninstallKB980195$ 2010-08-05 07:11:14 ----HDC---- C:\WINNT\$NtUninstallKB956572$ 2010-08-05 07:10:51 ----HDC---- C:\WINNT\$NtUninstallKB952004$ 2010-08-04 13:59:02 ----D---- C:\Program Files\X-World Team 2010-08-04 09:53:11 ----D---- C:\Documents and Settings\user\Dane aplikacji\skypePM 2010-08-04 09:44:46 ----D---- C:\Documents and Settings\user\Dane aplikacji\Skype 2010-08-04 09:44:16 ----D---- C:\Program Files\Common Files\Skype 2010-08-04 09:44:04 ----RD---- C:\Program Files\Skype 2010-08-04 09:43:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype 2010-08-04 09:13:22 ----HDC---- C:\WINNT\$NtUninstallKB980218$ 2010-08-04 09:13:16 ----HDC---- C:\WINNT\$NtUninstallKB951376-v2$ 2010-08-04 09:13:09 ----HDC---- C:\WINNT\$NtUninstallKB952954$ 2010-08-04 09:13:03 ----HDC---- C:\WINNT\$NtUninstallKB946648$ 2010-08-04 09:12:56 ----HDC---- C:\WINNT\$NtUninstallKB956803$ 2010-08-04 09:12:49 ----HDC---- C:\WINNT\$NtUninstallKB960859$ 2010-08-04 09:12:42 ----HDC---- C:\WINNT\$NtUninstallKB971468$ 2010-08-04 09:12:32 ----HDC---- C:\WINNT\$NtUninstallKB979683$ 2010-08-04 09:12:25 ----HDC---- C:\WINNT\$NtUninstallKB958869$ 2010-08-04 09:12:14 ----HDC---- C:\WINNT\$NtUninstallKB954155_WM9$ 2010-08-04 09:12:09 ----HDC---- C:\WINNT\$NtUninstallKB970430$ 2010-08-04 09:12:02 ----HDC---- C:\WINNT\$NtUninstallKB980232$ 2010-08-04 09:11:55 ----HDC---- C:\WINNT\$NtUninstallKB981350$ 2010-08-04 09:11:47 ----HDC---- C:\WINNT\$NtUninstallKB955759$ 2010-08-04 09:11:37 ----HDC---- C:\WINNT\$NtUninstallKB974318$ 2010-08-04 09:11:30 ----HDC---- C:\WINNT\$NtUninstallKB969059$ 2010-08-04 09:11:22 ----HDC---- C:\WINNT\$NtUninstallKB2229593$ 2010-08-04 09:11:14 ----HDC---- C:\WINNT\$NtUninstallKB950974$ 2010-08-04 09:10:55 ----HDC---- C:\WINNT\$NtUninstallKB978037$ 2010-08-04 09:10:46 ----HDC---- C:\WINNT\$NtUninstallKB971657$ 2010-08-04 09:10:39 ----HDC---- C:\WINNT\$NtUninstallKB978338$ 2010-08-04 09:10:31 ----HDC---- C:\WINNT\$NtUninstallKB972270$ 2010-08-04 09:08:46 ----A---- C:\WINNT\system32\MRT.exe 2010-08-04 09:08:38 ----HDC---- C:\WINNT\$NtUninstallKB974112$ 2010-08-04 09:08:31 ----HDC---- C:\WINNT\$NtUninstallKB956844$ 2010-08-04 09:08:24 ----HDC---- C:\WINNT\$NtUninstallKB961501$ 2010-08-04 09:08:17 ----HDC---- C:\WINNT\$NtUninstallKB975561$ 2010-08-04 09:08:03 ----HDC---- C:\WINNT\$NtUninstallKB952069_WM9$ 2010-08-04 09:07:59 ----HDC---- C:\WINNT\$NtUninstallKB973869$ 2010-08-04 09:07:51 ----HDC---- C:\WINNT\$NtUninstallKB975025$ 2010-08-04 09:07:40 ----HDC---- C:\WINNT\$NtUninstallKB973540_WM9L$ 2010-08-04 09:07:36 ----HDC---- C:\WINNT\$NtUninstallKB974571$ 2010-08-04 09:07:25 ----HDC---- C:\WINNT\$NtUninstallKB975560$ 2010-08-04 09:07:14 ----HDC---- C:\WINNT\$NtUninstallKB973507$ 2010-08-04 09:07:07 ----HDC---- C:\WINNT\$NtUninstallKB941569$ 2010-08-04 09:06:42 ----HDC---- C:\WINNT\$NtUninstallKB977816$ 2010-08-04 09:06:27 ----HDC---- C:\WINNT\$NtUninstallKB973687$ 2010-08-04 09:06:17 ----HDC---- C:\WINNT\$NtUninstallKB950762$ 2010-08-04 09:06:02 ----HDC---- C:\WINNT\$NtUninstallKB981793$ 2010-08-04 09:05:56 ----HDC---- C:\WINNT\$NtUninstallKB978601$ 2010-08-04 09:05:49 ----HDC---- C:\WINNT\$NtUninstallKB979559$ 2010-08-04 09:05:42 ----HDC---- C:\WINNT\$NtUninstallKB952287$ 2010-08-04 09:05:35 ----HDC---- C:\WINNT\$NtUninstallKB973904$ 2010-08-04 09:05:25 ----HDC---- C:\WINNT\$NtUninstallKB967715$ 2010-08-04 09:05:19 ----HDC---- C:\WINNT\$NtUninstallKB950760$ 2010-08-04 09:05:13 ----HDC---- C:\WINNT\$NtUninstallKB974392$ 2010-08-04 09:05:04 ----HDC---- C:\WINNT\$NtUninstallKB971737$ 2010-08-04 09:04:58 ----HDC---- C:\WINNT\$NtUninstallKB977914$ 2010-08-04 09:04:46 ----HDC---- C:\WINNT\$NtUninstallKB951748$ 2010-08-04 09:04:38 ----HDC---- C:\WINNT\$NtUninstallKB971961$ 2010-08-04 09:04:30 ----HDC---- C:\WINNT\$NtUninstallKB978542$ 2010-08-04 09:04:22 ----HDC---- C:\WINNT\$NtUninstallKB970238$ 2010-08-04 09:04:16 ----HDC---- C:\WINNT\$NtUninstallKB979309$ 2010-08-04 09:04:09 ----HDC---- C:\WINNT\$NtUninstallKB978695_WM9$ 2010-08-04 09:03:58 ----HDC---- C:\WINNT\$NtUninstallKB979482$ 2010-08-03 09:01:10 ----HDC---- C:\WINNT\$NtUninstallKB978706$ 2010-08-03 09:01:00 ----D---- C:\WINNT\ServicePackFiles 2010-08-03 09:00:57 ----HDC---- C:\WINNT\$NtUninstallKB958470$ 2010-08-03 09:00:49 ----HDC---- C:\WINNT\$NtUninstallKB960803$ 2010-08-03 09:00:42 ----HDC---- C:\WINNT\$NtUninstallKB973815$ 2010-08-03 09:00:35 ----HDC---- C:\WINNT\$NtUninstallKB975562$ 2010-08-03 09:00:14 ----HDC---- C:\WINNT\$NtUninstallKB971032$ 2010-08-01 20:59:56 ----D---- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu 2010-08-01 18:29:35 ----HDC---- C:\WINNT\$NtUninstallKB958644$ 2010-08-01 18:29:28 ----HDC---- C:\WINNT\$NtUninstallKB955069$ 2010-08-01 17:32:45 ----A---- C:\WINNT\system32\CmdLineExt.dll 2010-08-01 15:56:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software 2010-08-01 15:53:50 ----D---- C:\WINNT\system32\KB905474 2010-07-31 11:45:45 ----HDC---- C:\WINNT\$NtUninstallKB956802$ 2010-07-31 11:45:25 ----HDC---- C:\WINNT\$NtUninstallKB982381$ 2010-07-31 11:45:17 ----HDC---- C:\WINNT\$NtUninstallKB944338-v2$ 2010-07-31 11:45:10 ----HDC---- C:\WINNT\$NtUninstallKB923561$ 2010-07-31 11:41:30 ----HDC---- C:\WINNT\$NtUninstallKB975467$ 2010-07-31 11:32:56 ----HDC---- C:\WINNT\$NtUninstallKB968389$ 2010-07-31 11:32:11 ----D---- C:\WINNT\system32\CatRoot_bak 2010-07-30 21:34:47 ----N---- C:\WINNT\system32\drivers\bthport.sys 2010-07-30 21:32:28 ----N---- C:\WINNT\system32\browserchoice.exe 2010-07-30 18:58:03 ----A---- C:\WINNT\NeroDigital.ini 2010-07-30 18:49:32 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess 2010-07-30 18:30:28 ----N---- C:\WINNT\system32\tzchange.exe 2010-07-30 18:25:25 ----D---- C:\WINNT\system32\SoftwareDistribution 2010-07-30 18:22:27 ----D---- C:\Documents and Settings\user\Dane aplikacji\Ahead 2010-07-30 18:20:35 ----D---- C:\Program Files\Common Files\Ahead 2010-07-30 18:16:55 ----D---- C:\Program Files\Yahoo! 2010-07-30 17:28:54 ----D---- C:\Documents and Settings\user\Dane aplikacji\Nero 2010-07-30 17:27:29 ----D---- C:\Documents and Settings\user\Dane aplikacji\Real 2010-07-30 17:26:52 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nero 2010-07-30 17:26:50 ----D---- C:\Program Files\Common Files\Nero 2010-07-30 16:40:28 ----D---- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer 2010-07-30 16:39:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer 2010-07-30 15:09:44 ----A---- C:\WINNT\system32\unrar.dll 2010-07-30 15:09:41 ----A---- C:\WINNT\uncsetup.exe 2010-07-30 14:55:59 ----A---- C:\WINNT\system32\d3dx9_26.dll 2010-07-30 10:56:21 ----A---- C:\WINNT\CoD.INI 2010-07-29 16:03:57 ----D---- C:\WINNT\Minidump 2010-07-29 08:01:09 ----D---- C:\Documents and Settings\user\Dane aplikacji\Help 2010-07-29 07:42:52 ----N---- C:\WINNT\system32\ati2sgag.exe 2010-07-29 07:42:30 ----D---- C:\Program Files\ATI Technologies 2010-07-29 07:38:42 ----A---- C:\WINNT\system32\Oemdspif.dll 2010-07-29 07:38:42 ----A---- C:\WINNT\system32\ativcoxx.dll 2010-07-29 07:38:42 ----A---- C:\WINNT\system32\atitvo32.dll 2010-07-29 07:38:42 ----A---- C:\WINNT\system32\atipdlxx.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\drivers\ati2erec.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atioglxx.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atioglx1.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atikvmag.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atiiiexx.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ATIDEMGR.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ATIDDC.DLL 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\Ati2mdxx.exe 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2evxx.exe 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2evxx.dll 2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2edxx.dll 2010-07-29 07:33:37 ----D---- C:\Documents and Settings\user\Dane aplikacji\Macromedia 2010-07-29 07:33:37 ----D---- C:\Documents and Settings\user\Dane aplikacji\Adobe 2010-07-29 07:25:59 ----D---- C:\Program Files\Common Files\Adobe 2010-07-29 07:23:46 ----D---- C:\Program Files\Conduit 2010-07-29 07:23:45 ----D---- C:\Program Files\Softonic-Eng7 2010-07-28 21:30:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\BitComet 2010-07-28 21:27:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\Mozilla 2010-07-28 21:10:32 ----D---- C:\Downloads 2010-07-28 21:09:33 ----A---- C:\WINNT\system32\hidserv.dll 2010-07-28 21:09:30 ----A---- C:\WINNT\system32\drivers\kbdhid.sys 2010-07-28 21:09:28 ----A---- C:\WINNT\system32\drivers\mouhid.sys 2010-07-28 21:09:13 ----A---- C:\WINNT\system32\drivers\hidusb.sys 2010-07-28 21:09:09 ----A---- C:\WINNT\system32\drivers\usbccgp.sys 2010-07-28 20:44:33 ----A---- C:\WINNT\system32\h323log.txt 2010-07-28 20:43:22 ----A---- C:\WINNT\system32\drivers\audstub.sys 2010-07-28 20:42:50 ----A---- C:\WINNT\system32\drivers\redbook.sys 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\drivers\ati2mtag.sys 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ativvaxx.dll 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati3duag.dll 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati3d1ag.dll 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati2dvag.dll 2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati2cqag.dll 2010-07-28 20:42:22 ----A---- C:\WINNT\system32\drivers\gameenum.sys 2010-07-28 20:42:05 ----A---- C:\WINNT\system32\usbui.dll 2010-07-28 20:42:01 ----A---- C:\WINNT\system32\drivers\UAGP35.SYS 2010-07-28 20:41:59 ----A---- C:\WINNT\system32\drivers\e100b325.sys 2010-07-28 20:40:59 ----A---- C:\WINNT\imsins.BAK 2010-07-28 20:40:57 ----A---- C:\WINNT\system32\PerfStringBackup.INI 2010-07-28 20:40:56 ----SHD---- C:\WINNT\Installer 2010-07-28 20:40:56 ----D---- C:\Program Files\Common Files\ODBC 2010-07-28 20:40:56 ----A---- C:\WINNT\ODBCINST.INI 2010-07-28 20:40:53 ----D---- C:\Program Files\Common Files\SpeechEngines 2010-07-28 20:40:52 ----RD---- C:\Program Files 2010-07-28 20:40:52 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-07-28 20:40:52 ----D---- C:\Program Files\Common Files 2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdtuq.dll 2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdtuf.dll 2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdazel.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdycc.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbduzb.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdur.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdtat.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdru1.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdru.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdmon.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdkyr.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdkaz.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdbu.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdblr.dll 2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdaze.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhept.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhela3.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhela2.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe319.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe220.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe.dll 2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdgkl.dll 2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlv1.dll 2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlv.dll 2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlt1.dll 2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlt.dll 2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdest.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdycl.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdsl1.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdsl.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdro.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdhu1.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdhu.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz2.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz1.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcr.dll 2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\KBDAL.DLL 2010-07-28 20:40:21 ----A---- C:\WINNT\system32\spxcoins.dll 2010-07-28 20:40:21 ----A---- C:\WINNT\system32\irclass.dll 2010-07-28 20:40:21 ----A---- C:\WINNT\system32\dgsetup.dll 2010-07-28 20:40:21 ----A---- C:\WINNT\system32\dgrpsetu.dll 2010-07-28 20:40:20 ----A---- C:\WINNT\system32\EqnClass.Dll 2010-07-28 20:40:18 ----A---- C:\WINNT\TASKMAN.EXE 2010-07-28 20:40:17 ----N---- C:\WINNT\system32\CONFIG.TMP 2010-07-28 20:40:17 ----A---- C:\WINNT\system32\drivers\irenum.sys 2010-07-28 20:40:17 ----A---- C:\WINNT\system32\batt.dll 2010-07-28 20:40:16 ----A---- C:\WINNT\system32\storprop.dll 2010-07-28 20:40:16 ----A---- C:\WINNT\NOTEPAD.EXE 2010-07-28 20:40:08 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini 2010-07-28 20:39:59 ----RA---- C:\WINNT\SET8.tmp 2010-07-28 20:39:57 ----RA---- C:\WINNT\SET4.tmp 2010-07-28 20:39:56 ----RA---- C:\WINNT\SET3.tmp 2010-07-28 20:39:51 ----D---- C:\WINNT\system32\CatRoot2 2010-07-28 20:39:51 ----D---- C:\WINNT\system32\CatRoot 2010-07-28 20:39:45 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2010-07-28 20:39:25 ----A---- C:\WINNT\setuplog.txt 2010-07-28 20:39:22 ----SHD---- C:\System Volume Information 2010-07-28 20:39:22 ----D---- C:\Documents and Settings 2010-07-28 20:38:30 ----SH---- C:\boot.ini 2010-07-28 20:35:12 ----RSHDC---- C:\WINNT\system32\dllcache 2010-07-28 20:35:12 ----RSD---- C:\WINNT\Fonts 2010-07-28 20:35:12 ----RD---- C:\WINNT\Web 2010-07-28 20:35:12 ----HD---- C:\WINNT\inf 2010-07-28 20:35:12 ----D---- C:\WINNT\WinSxS 2010-07-28 20:35:12 ----D---- C:\WINNT\twain_32 2010-07-28 20:35:12 ----D---- C:\WINNT\Temp 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\wins 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\wbem 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\usmt 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\spool 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ShellExt 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\Setup 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ras 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\PreInstall 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\oobe 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\npp 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\mui 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\inetsrv 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\IME 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\icsxml 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ias 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\export 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers\etc 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers\disdn 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\dhcp 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\config 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\3com_dmi 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\3076 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\2052 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1054 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1045 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1042 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1041 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1037 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1033 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1031 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1028 2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1025 2010-07-28 20:35:12 ----D---- C:\WINNT\system32 2010-07-28 20:35:12 ----D---- C:\WINNT\system 2010-07-28 20:35:12 ----D---- C:\WINNT\security 2010-07-28 20:35:12 ----D---- C:\WINNT\Resources 2010-07-28 20:35:12 ----D---- C:\WINNT\repair 2010-07-28 20:35:12 ----D---- C:\WINNT\Provisioning 2010-07-28 20:35:12 ----D---- C:\WINNT\PeerNet 2010-07-28 20:35:12 ----D---- C:\WINNT\pchealth 2010-07-28 20:35:12 ----D---- C:\WINNT\mui 2010-07-28 20:35:12 ----D---- C:\WINNT\msapps 2010-07-28 20:35:12 ----D---- C:\WINNT\msagent 2010-07-28 20:35:12 ----D---- C:\WINNT\Media 2010-07-28 20:35:12 ----D---- C:\WINNT\java 2010-07-28 20:35:12 ----D---- C:\WINNT\ime 2010-07-28 20:35:12 ----D---- C:\WINNT\Help 2010-07-28 20:35:12 ----D---- C:\WINNT\ehome 2010-07-28 20:35:12 ----D---- C:\WINNT\Driver Cache 2010-07-28 20:35:12 ----D---- C:\WINNT\Debug 2010-07-28 20:35:12 ----D---- C:\WINNT\Cursors 2010-07-28 20:35:12 ----D---- C:\WINNT\Connection Wizard 2010-07-28 20:35:12 ----D---- C:\WINNT\Config 2010-07-28 20:35:12 ----D---- C:\WINNT\AppPatch 2010-07-28 20:35:12 ----D---- C:\WINNT\addins 2010-07-28 20:35:12 ----D---- C:\WINNT 2010-07-28 20:35:12 ----ASH---- C:\pagefile.sys 2010-07-28 19:31:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2010-07-28 19:29:54 ----D---- C:\WINNT\RegisteredPackages 2010-07-28 19:24:29 ----D---- C:\Program Files\VIA 2010-07-28 19:24:11 ----A---- C:\WINNT\system32\drivers\viamraid.sys 2010-07-28 19:22:41 ----A---- C:\WINNT\system32\ntsim.sys 2010-07-28 19:22:13 ----A---- C:\WINNT\system32\drivers\VIAAGP1.SYS 2010-07-28 19:22:10 ----D---- C:\WINNT\system32\ReinstallBackups 2010-07-28 19:21:51 ----A---- C:\WINNT\IsUninst.exe 2010-07-28 19:21:18 ----SHD---- C:\RECYCLER 2010-07-28 19:19:39 ----A---- C:\WINNT\system32\ChCfg.exe 2010-07-28 19:19:36 ----A---- C:\WINNT\system32\drivers\splitter.sys 2010-07-28 19:19:35 ----A---- C:\WINNT\system32\drivers\wdmaud.sys 2010-07-28 19:19:34 ----A---- C:\WINNT\system32\drivers\DMusic.sys 2010-07-28 19:19:33 ----A---- C:\WINNT\system32\drivers\swmidi.sys 2010-07-28 19:19:32 ----A---- C:\WINNT\system32\drivers\aec.sys 2010-07-28 19:19:31 ----A---- C:\WINNT\system32\drivers\kmixer.sys 2010-07-28 19:19:29 ----A---- C:\WINNT\system32\drivers\drmkaud.sys 2010-07-28 19:19:28 ----A---- C:\WINNT\system32\drivers\sysaudio.sys 2010-07-28 19:19:27 ----A---- C:\WINNT\system32\drivers\MSKSSRV.sys 2010-07-28 19:19:26 ----A---- C:\WINNT\system32\drivers\MSPQM.sys 2010-07-28 19:19:25 ----A---- C:\WINNT\system32\drivers\MSPCLOCK.sys 2010-07-28 19:19:21 ----RA---- C:\WINNT\system32\drivers\alcxwdm.sys 2010-07-28 19:19:21 ----A---- C:\WINNT\system32\ksuser.dll 2010-07-28 19:19:21 ----A---- C:\WINNT\system32\drivers\portcls.sys 2010-07-28 19:19:20 ----A---- C:\WINNT\system32\drivers\drmk.sys 2010-07-28 19:19:18 ----D---- C:\Program Files\Realtek Sound Manager 2010-07-28 19:19:18 ----D---- C:\Program Files\AvRack 2010-07-28 19:19:18 ----A---- C:\WINNT\avrack.ini 2010-07-28 19:19:11 ----D---- C:\Program Files\Realtek AC97 2010-07-28 19:19:11 ----A---- C:\WINNT\system32\RTLCPL.exe 2010-07-28 19:19:10 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-28 19:19:10 ----A---- C:\WINNT\system32\RtlCPAPI.dll 2010-07-28 19:19:10 ----A---- C:\WINNT\soundman.exe 2010-07-28 19:19:10 ----A---- C:\WINNT\alcupd.exe 2010-07-28 19:19:10 ----A---- C:\WINNT\Alcrmv.exe 2010-07-28 19:18:58 ----D---- C:\Program Files\Common Files\InstallShield 2010-07-28 19:17:40 ----D---- C:\Program Files\totalcmd 2010-07-28 19:17:40 ----A---- C:\WINNT\wincmd.ini 2010-07-28 19:17:40 ----A---- C:\WINNT\UC.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\RAR.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\PKZIP.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\PKUNZIP.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\NOCLOSE.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\LHA.PIF 2010-07-28 19:17:40 ----A---- C:\WINNT\ARJ.PIF 2010-07-28 19:16:36 ----A---- C:\WINNT\system32\drivers\USBSTOR.SYS 2010-07-28 19:16:14 ----D---- C:\Documents and Settings\user\Dane aplikacji\Identities 2010-07-28 19:16:13 ----HD---- C:\Program Files\Uninstall Information 2010-07-28 19:16:05 ----SD---- C:\Documents and Settings\user\Dane aplikacji\Microsoft 2010-07-28 19:16:05 ----ASH---- C:\Documents and Settings\user\Dane aplikacji\desktop.ini 2010-07-28 19:16:03 ----ASH---- C:\hiberfil.sys 2010-07-28 19:15:13 ----D---- C:\WINNT\SoftwareDistribution 2010-07-28 19:15:12 ----D---- C:\WINNT\Prefetch 2010-07-28 19:15:11 ----SD---- C:\WINNT\system32\Microsoft 2010-07-28 19:15:11 ----A---- C:\WINNT\SchedLgU.Txt 2010-07-28 19:13:57 ----A---- C:\WINNT\system32\spupdsvc.exe 2010-07-28 19:13:50 ----N---- C:\WINNT\system32\verclsid.exe 2010-07-28 19:13:42 ----N---- C:\WINNT\system32\spmsg.dll 2010-07-28 19:13:41 ----HD---- C:\WINNT\$hf_mig$ 2010-07-28 19:13:28 ----RASH---- C:\MSDOS.SYS 2010-07-28 19:13:28 ----RASH---- C:\IO.SYS 2010-07-28 19:13:28 ----A---- C:\WINNT\control.ini 2010-07-28 19:13:28 ----A---- C:\CONFIG.SYS 2010-07-28 19:13:28 ----A---- C:\AUTOEXEC.BAT 2010-07-28 19:13:13 ----A---- C:\WINNT\OEWABLog.txt 2010-07-28 19:13:09 ----A---- C:\WINNT\system32\mapi32.dll 2010-07-28 19:12:19 ----SD---- C:\WINNT\Downloaded Program Files 2010-07-28 19:12:19 ----RD---- C:\WINNT\Offline Web Pages 2010-07-28 19:12:19 ----RAH---- C:\WINNT\system32\logonui.exe.manifest 2010-07-28 19:12:13 ----RAH---- C:\WINNT\system32\cdplayer.exe.manifest 2010-07-28 19:12:08 ----HD---- C:\Program Files\WindowsUpdate 2010-07-28 19:12:05 ----D---- C:\Program Files\Usługi online 2010-07-28 19:11:46 ----D---- C:\WINNT\system32\DirectX 2010-07-28 19:11:21 ----A---- C:\WINNT\system32\atrace.dll 2010-07-28 19:11:18 ----A---- C:\WINNT\system32\desktop.ini 2010-07-28 19:11:18 ----A---- C:\WINNT\desktop.ini 2010-07-28 19:11:10 ----A---- C:\WINNT\system32\nmevtmsg.dll 2010-07-28 19:11:09 ----A---- C:\WINNT\system32\acctres.dll 2010-07-28 19:11:08 ----D---- C:\Program Files\Common Files\Services 2010-07-28 19:11:05 ----SD---- C:\WINNT\Tasks 2010-07-28 19:11:05 ----A---- C:\WINNT\system32\icfgnt5.dll 2010-07-28 19:11:04 ----D---- C:\Program Files\Common Files\MSSoap 2010-07-28 19:10:59 ----D---- C:\WINNT\srchasst 2010-07-28 19:10:58 ----D---- C:\WINNT\system32\Macromed 2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wuweb.dll 2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wucltui.dll 2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wuauserv.dll 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wups.dll 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuaueng1.dll 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuaueng.dll 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuauclt1.exe 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuauclt.exe 2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuapi.dll 2010-07-28 19:10:53 ----A---- C:\WINNT\system32\qmgrprxy.dll 2010-07-28 19:10:53 ----A---- C:\WINNT\system32\qmgr.dll 2010-07-28 19:10:53 ----A---- C:\WINNT\system32\bitsprx3.dll 2010-07-28 19:10:53 ----A---- C:\WINNT\system32\bitsprx2.dll 2010-07-28 19:10:49 ----D---- C:\Program Files\Movie Maker 2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrslv.dll 2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrdm.dll 2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrcdlg.dll 2010-07-28 19:10:43 ----A---- C:\WINNT\system32\racpldlg.dll 2010-07-28 19:10:38 ----A---- C:\WINNT\system32\fltMc.exe 2010-07-28 19:10:38 ----A---- C:\WINNT\system32\fltlib.dll 2010-07-28 19:10:38 ----A---- C:\WINNT\system32\drivers\fltMgr.sys 2010-07-28 19:10:37 ----D---- C:\WINNT\system32\Restore 2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srsvc.dll 2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srrstr.dll 2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srclient.dll 2010-07-28 19:10:37 ----A---- C:\WINNT\system32\drivers\sr.sys 2010-07-28 19:10:36 ----A---- C:\WINNT\system32\nmmkcert.dll 2010-07-28 19:10:36 ----A---- C:\WINNT\system32\mnmsrvc.exe 2010-07-28 19:10:36 ----A---- C:\WINNT\system32\mnmdd.dll 2010-07-28 19:10:36 ----A---- C:\WINNT\system32\isrdbg32.dll 2010-07-28 19:10:36 ----A---- C:\WINNT\system32\ils.dll 2010-07-28 19:10:35 ----A---- C:\WINNT\system32\msconf.dll 2010-07-28 19:10:32 ----D---- C:\Program Files\NetMeeting 2010-07-28 19:10:32 ----A---- C:\WINNT\system32\msoert2.dll 2010-07-28 19:10:32 ----A---- C:\WINNT\system32\msoeacct.dll 2010-07-28 19:10:31 ----A---- C:\WINNT\system32\inetres.dll 2010-07-28 19:10:30 ----A---- C:\WINNT\system32\inetcomm.dll 2010-07-28 19:10:28 ----D---- C:\Program Files\Outlook Express 2010-07-28 19:10:28 ----A---- C:\WINNT\system32\schedsvc.dll 2010-07-28 19:10:28 ----A---- C:\WINNT\system32\mstinit.exe 2010-07-28 19:10:28 ----A---- C:\WINNT\system32\mstask.dll 2010-07-28 19:10:27 ----A---- C:\WINNT\system32\isign32.dll 2010-07-28 19:10:27 ----A---- C:\WINNT\system32\inetcfg.dll 2010-07-28 19:10:27 ----A---- C:\WINNT\system32\icwphbk.dll 2010-07-28 19:10:27 ----A---- C:\WINNT\system32\icwdial.dll 2010-07-28 19:10:20 ----D---- C:\Program Files\Common Files\System 2010-07-28 19:10:19 ----D---- C:\Program Files\Internet Explorer 2010-07-28 19:09:41 ----D---- C:\Program Files\ComPlus Applications 2010-07-28 19:09:40 ----A---- C:\WINNT\vbaddin.ini 2010-07-28 19:09:40 ----A---- C:\WINNT\vb.ini 2010-07-28 19:09:36 ----D---- C:\WINNT\Registration 2010-07-28 19:09:30 ----D---- C:\Program Files\Windows Media Player 2010-07-28 19:09:24 ----D---- C:\Program Files\Messenger 2010-07-28 19:09:20 ----D---- C:\Program Files\MSN Gaming Zone 2010-07-28 19:09:20 ----A---- C:\WINNT\system32\write.exe 2010-07-28 19:09:08 ----A---- C:\WINNT\system32\hticons.dll 2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avwav.dll 2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avtapi.dll 2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avmeter.dll 2010-07-28 19:09:07 ----A---- C:\WINNT\system32\winchat.exe 2010-07-28 19:08:58 ----A---- C:\WINNT\system32\getuname.dll 2010-07-28 19:08:58 ----A---- C:\WINNT\system32\charmap.exe 2010-07-28 19:08:57 ----A---- C:\WINNT\system32\winmine.exe 2010-07-28 19:08:57 ----A---- C:\WINNT\system32\sol.exe 2010-07-28 19:08:57 ----A---- C:\WINNT\system32\calc.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\usrlogon.cmd 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tsshutdn.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tslabels.ini 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tskill.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tsdiscon.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\reset.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\mshearts.exe 2010-07-28 19:08:56 ----A---- C:\WINNT\system32\freecell.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\tscon.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\shadow.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\rwinsta.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\regini.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\rdpcfgex.dll 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\qwinsta.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\qappsrv.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\msg.exe 2010-07-28 19:08:55 ----A---- C:\WINNT\system32\logoff.exe 2010-07-28 19:08:54 ----A---- C:\WINNT\system32\msdtcprf.ini 2010-07-28 19:08:54 ----A---- C:\WINNT\system32\cdmodem.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\stclient.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxlegih.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxex.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxdm.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\dcomcnfg.exe 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\comrepl.dll 2010-07-28 19:08:53 ----A---- C:\WINNT\system32\comaddin.dll 2010-07-28 19:08:52 ----A---- C:\WINNT\system32\comsnap.dll 2010-07-28 19:08:46 ----A---- C:\WINNT\system32\wmimgmt.msc 2010-07-28 19:08:45 ----A---- C:\WINNT\system32\sndrec32.exe 2010-07-28 19:08:45 ----A---- C:\WINNT\system32\accwiz.exe 2010-07-28 19:08:44 ----D---- C:\Program Files\Windows NT 2010-07-28 19:08:44 ----A---- C:\WINNT\system32\mplay32.exe 2010-07-28 19:08:44 ----A---- C:\WINNT\system32\hypertrm.dll 2010-07-28 19:08:43 ----A---- C:\WINNT\system32\spider.exe 2010-07-28 19:08:43 ----A---- C:\WINNT\system32\mspaint.exe 2010-07-28 19:08:43 ----A---- C:\WINNT\system32\drivers\tdtcp.sys 2010-07-28 19:08:43 ----A---- C:\WINNT\system32\clipbrd.exe 2010-07-28 19:08:42 ----A---- C:\WINNT\system32\tscfgwmi.dll 2010-07-28 19:08:42 ----A---- C:\WINNT\system32\mstscax.dll 2010-07-28 19:08:42 ----A---- C:\WINNT\system32\mstsc.exe 2010-07-28 19:08:42 ----A---- C:\WINNT\system32\drivers\tdpipe.sys 2010-07-28 19:08:42 ----A---- C:\WINNT\system32\drivers\rdpwd.sys 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\tscupgrd.exe 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\termsrv.dll 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\sessmgr.exe 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\remotepg.dll 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdshost.exe 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdsaddin.exe 2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdchost.dll 2010-07-28 19:08:40 ----D---- C:\WINNT\system32\MsDtc 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpwsx.dll 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpsnd.dll 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpclip.exe 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\qprocess.exe 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\mtxoci.dll 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\msdtcuiu.dll 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\icaapi.dll 2010-07-28 19:08:40 ----A---- C:\WINNT\system32\cfgbkend.dll 2010-07-28 19:08:39 ----A---- C:\WINNT\system32\xolehlp.dll 2010-07-28 19:08:39 ----A---- C:\WINNT\system32\msdtctm.dll 2010-07-28 19:08:39 ----A---- C:\WINNT\system32\msdtcprx.dll 2010-07-28 19:08:38 ----A---- C:\WINNT\system32\msdtclog.dll 2010-07-28 19:08:38 ----A---- C:\WINNT\system32\msdtc.exe 2010-07-28 19:08:37 ----D---- C:\WINNT\system32\Com 2010-07-28 19:08:37 ----A---- C:\WINNT\system32\colbact.dll 2010-07-28 19:08:37 ----A---- C:\WINNT\system32\clbcatex.dll 2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrvut.dll 2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrvps.dll 2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrv.dll 2010-07-28 19:08:36 ----A---- C:\WINNT\system32\comuid.dll 2010-07-28 19:08:36 ----A---- C:\WINNT\system32\comsvcs.dll 2010-07-28 19:08:35 ----A---- C:\WINNT\system32\clbcatq.dll 2010-07-28 19:08:28 ----A---- C:\WINNT\system32\servdeps.dll 2010-07-28 19:08:28 ----A---- C:\WINNT\system32\mmfutil.dll 2010-07-28 19:08:28 ----A---- C:\WINNT\system32\licwmi.dll 2010-07-28 19:08:28 ----A---- C:\WINNT\system32\cmprops.dll 2010-07-28 19:08:23 ----A---- C:\WINNT\system32\drivers\termdd.sys 2010-07-28 19:08:23 ----A---- C:\WINNT\system32\drivers\rdpdr.sys ======List of files/folders modified in the last 1 months====== 2010-08-17 09:21:37 ----A---- C:\WINNT\system.ini 2010-07-28 19:13:27 ----A---- C:\WINNT\win.ini 2010-07-28 19:12:57 ----ASH---- C:\WINNT\fonts\desktop.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AvgRkx86;avgrkx86.sys; C:\WINNT\System32\Drivers\avgrkx86.sys [2010-08-18 52872] R0 PxHelp20;PxHelp20; C:\WINNT\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINNT\system32\DRIVERS\uagp35.sys [2004-08-04 44672] R0 viaagp1;VIA AGP Filter; C:\WINNT\system32\DRIVERS\viaagp1.sys [2003-07-01 27904] R0 viamraid;viamraid; C:\WINNT\system32\DRIVERS\viamraid.sys [2005-04-26 60928] R1 AmdK7;Sterownik procesora AMD K7; C:\WINNT\system32\DRIVERS\amdk7.sys [2006-05-13 41472] R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINNT\System32\Drivers\avgldx86.sys [2010-08-18 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINNT\System32\Drivers\avgmfx86.sys [2010-08-18 29584] R1 AvgTdiX;AVG Network Redirector; C:\WINNT\System32\Drivers\avgtdix.sys [2010-08-18 243024] R1 kbdhid;Sterownik klawiatury HID; C:\WINNT\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINNT\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 ati2mtag;ati2mtag; C:\WINNT\system32\DRIVERS\ati2mtag.sys [2010-07-29 1198080] R3 E100B;Sterownik karty Intel(R) PRO; C:\WINNT\system32\DRIVERS\e100b325.sys [2001-10-26 117760] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINNT\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Sterownik myszy HID; C:\WINNT\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINNT\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINNT\system32\DRIVERS\usbuhci.sys [2004-08-04 20480] S1 InCDPass;InCDPass; C:\WINNT\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINNT\system32\drivers\InCDRm.sys [] S3 amsint32;amsint32; \??\C:\WINNT\system32\drivers\hedho.sys [] S3 hamachi;Hamachi Network Interface; C:\WINNT\system32\DRIVERS\hamachi.sys [2010-02-03 26176] S3 LLRING0;LLRING0; \??\D:\Mu1\MuGuard\llck1.sys [] S3 NTSIM;NTSIM; \??\C:\WINNT\system32\ntsim.sys [] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINNT\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S4 InCDFs;InCD File System; C:\WINNT\system32\drivers\InCDFs.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINNT\system32\Ati2evxx.exe [2010-07-29 368640] R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-08-18 921952] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-18 153376] R2 MSSQLSERVER;MSSQLSERVER; C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe [2000-08-06 7442493] R2 UMWdf;Windows User Mode Driver Framework; C:\WINNT\system32\wdfmgr.exe [2005-01-28 38912] S2 ATI Smart;ATI Smart; C:\WINNT\system32\ati2sgag.exe [2005-05-24 516096] S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [] S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe [] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] [log]OTL logfile created on: 2010-08-19 11:29:19 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Program Files Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 235,00 Mb Available Physical Memory | 31,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files Drive C: | 73,24 Gb Total Space | 0,88 Gb Free Space | 1,20% Space Free | Partition Type: NTFS Drive D: | 75,80 Gb Total Space | 51,10 Gb Free Space | 67,42% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-E405A13E68 Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe PRC - [2010-08-18 08:42:09 | 000,153,376 | ---- | M] (Oracle) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-18 08:02:29 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010-08-18 08:02:29 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010-08-18 08:02:29 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010-08-18 08:02:29 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010-08-18 08:02:23 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010-08-18 08:02:21 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe PRC - [2010-08-18 08:02:21 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe PRC - [2010-08-18 08:02:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010-07-29 07:38:41 | 000,368,640 | ---- | M] (ATI Technologies Inc.) -- C:\WINNT\system32\ati2evxx.exe PRC - [2010-07-23 04:15:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-23 04:15:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-10 14:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wuauclt.exe PRC - [2009-02-09 11:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\services.exe PRC - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe PRC - [2006-08-02 23:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINNT\soundman.exe PRC - [2006-05-13 16:22:59 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\spoolsv.exe PRC - [2005-10-28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2005-05-24 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2005-04-26 05:22:32 | 000,589,824 | ---- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe PRC - [2005-01-28 01:36:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wdfmgr.exe PRC - [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\winlogon.exe PRC - [2004-08-04 02:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\smss.exe PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [RPCSS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lsass.exe PRC - [2004-08-04 02:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe PRC - [2004-08-04 02:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ctfmon.exe PRC - [2004-08-04 02:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\csrss.exe PRC - [2004-08-04 00:55:54 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2000-08-06 01:50:20 | 007,442,493 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe MOD - [2010-04-16 17:22:21 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\shlwapi.dll MOD - [2009-06-25 10:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\kernel32.dll MOD - [2009-02-09 12:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ntdll.dll MOD - [2009-02-09 12:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\advapi32.dll MOD - [2008-10-23 14:53:07 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\gdi32.dll MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\shell32.dll MOD - [2006-05-13 16:25:54 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ole32.dll MOD - [2006-05-13 16:25:30 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\clbcatq.dll MOD - [2006-05-13 16:22:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\user32.dll MOD - [2004-08-04 02:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\winspool.drv MOD - [2004-08-04 02:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\uxtheme.dll MOD - [2004-08-04 02:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\version.dll MOD - [2004-08-04 02:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\srclient.dll MOD - [2004-08-04 02:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\setupapi.dll MOD - [2004-08-04 02:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\psapi.dll MOD - [2004-08-04 02:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\oleaut32.dll MOD - [2004-08-04 02:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\olepro32.dll MOD - [2004-08-04 02:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msvcrt.dll MOD - [2004-08-04 02:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\MSCTF.dll MOD - [2004-08-04 02:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\framedyn.dll MOD - [2004-08-04 02:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\comres.dll MOD - [2004-08-04 02:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\comdlg32.dll MOD - [2004-08-04 02:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe -- (SQLSERVERAGENT) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2010-08-18 08:02:21 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010-08-18 08:02:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2000-08-06 01:50:20 | 007,442,493 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\InCDRm.sys -- (InCDRm) DRV - File not found [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\InCDPass.sys -- (InCDPass) DRV - File not found [File_System | Disabled | Stopped] -- C:\WINNT\System32\drivers\InCDFs.sys -- (InCDFs) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINNT\System32\drivers\hedho.sys -- (amsint32) DRV - [2010-08-18 08:03:05 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINNT\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2010-08-18 08:03:04 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010-08-18 08:02:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-08-18 08:02:52 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINNT\system32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-07-29 07:38:41 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010-05-29 00:52:18 | 000,003,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Mu1\MuGuard\llck1.sys -- (LLRING0) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\hamachi.sys -- (hamachi) DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-07-01 22:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\viaagp1.sys -- (viaagp1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280 IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "Winamp Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.start24.pl/" FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.21 FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845 FF - prefs.js..extensions.enabledItems: avg@igeared:4.906.030.002 FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=" FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-08-18 08:02:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010-08-18 08:02:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 21:30:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-08-16 19:39:27 | 000,000,000 | ---D | M] [2010-07-28 21:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions [2010-08-19 10:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions [2010-08-16 13:16:59 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010-07-29 07:23:43 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} [2010-07-28 21:30:26 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2010-08-16 13:17:46 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\searchplugins\winamp-search.xml O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe File not found O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINNT\System32\NeroCheck.exe File not found O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies) O4 - HKLM..\Run: [SoundMan] C:\WINNT\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe File not found O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [BitComet] D:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\FlashUtil10h_Plugin.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINNT\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINNT\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,285 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoplAY\comMand - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\eXpLoRE\COMmaND - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\OpeN\cOmmanD - "" = okcc.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutOplay\cOmmanD - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\explore\COMMAnd - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\oPen\comMANd - "" = gabn.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-19 11:28:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe [2010-08-19 10:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-08-19 10:50:17 | 000,000,000 | ---D | C] -- C:\rsit [2010-08-19 10:46:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-08-19 06:33:02 | 000,000,000 | ---D | C] -- C:\WINNT\LastGood [2010-08-19 06:31:15 | 000,000,000 | ---D | C] -- C:\My Shared Folder [2010-08-18 08:42:36 | 000,073,728 | ---- | C] (Oracle) -- C:\WINNT\System32\javacpl.cpl [2010-08-18 08:42:35 | 000,153,376 | ---- | C] (Oracle) -- C:\WINNT\System32\javaws.exe [2010-08-18 08:42:35 | 000,145,184 | ---- | C] (Oracle) -- C:\WINNT\System32\javaw.exe [2010-08-18 08:42:35 | 000,145,184 | ---- | C] (Oracle) -- C:\WINNT\System32\java.exe [2010-08-18 08:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\AVG Security Toolbar [2010-08-18 08:09:45 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-08-18 08:03:05 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgrkx86.sys [2010-08-18 08:03:05 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgrsstx.dll [2010-08-18 08:03:04 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgtdix.sys [2010-08-18 08:02:53 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgldx86.sys [2010-08-18 08:02:52 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgmfx86.sys [2010-08-18 08:02:42 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\Avg [2010-08-18 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-08-18 08:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-08-18 08:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010-08-18 07:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage [2010-08-18 07:50:41 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\aswBoot.exe [2010-08-18 07:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-08-17 20:29:16 | 000,164,864 | ---- | C] (INCA Internet co., Ltd.) -- C:\Program Files\NPUpdate0.dll [2010-08-17 20:29:16 | 000,125,952 | ---- | C] (INCA Internet, Inc) -- C:\Program Files\NPX.dll [2010-08-17 20:29:16 | 000,122,940 | ---- | C] (안철수연구소) -- C:\Program Files\Mfsvc2.dll [2010-08-17 20:29:16 | 000,061,531 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Program Files\NPGmup.dll [2010-08-17 20:29:16 | 000,055,296 | ---- | C] (INCA Internet Co., Ltd) -- C:\Program Files\NPCipher.dll [2010-08-17 20:29:16 | 000,032,768 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Program Files\NPChk.dll [2010-08-17 20:29:16 | 000,031,744 | ---- | C] (incainternet) -- C:\Program Files\NPPsk.dll [2010-08-17 20:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\MuGuard [2010-08-17 20:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Data [2010-08-17 09:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\My Shared Folder [2010-08-17 09:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Ares [2010-08-17 07:36:30 | 000,000,000 | ---D | C] -- C:\WINNT\System32\XPSViewer [2010-08-17 07:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2010-08-17 07:36:23 | 000,000,000 | ---D | C] -- C:\WINNT\System32\en-US [2010-08-17 07:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010-08-17 07:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0 [2010-08-16 19:41:19 | 000,000,000 | ---D | C] -- C:\WINNT\Sun [2010-08-16 19:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-08-16 19:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-08-16 19:39:27 | 000,423,656 | ---- | C] (Oracle) -- C:\WINNT\System32\deployJava1.dll [2010-08-16 19:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-08-16 19:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Sun [2010-08-16 13:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-08-16 13:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar [2010-08-16 13:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar [2010-08-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-08-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp [2010-08-16 13:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My Radios [2010-08-16 13:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\3aLab [2010-08-13 08:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World [2010-08-13 07:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc [2010-08-13 07:36:20 | 000,000,000 | R-SD | C] -- C:\WINNT\assembly [2010-08-13 07:35:49 | 000,000,000 | ---D | C] -- C:\WINNT\Microsoft.NET [2010-08-13 07:32:38 | 000,000,000 | ---D | C] -- C:\WINNT\Logs [2010-08-13 07:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-08-12 07:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2010-08-11 16:14:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion [2010-08-10 18:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\NFS Underground 2 [2010-08-10 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX [2010-08-10 12:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\WinRAR [2010-08-10 08:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\BitSpirit [2010-08-09 10:44:34 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINNT\System32\D3DX81ab.dll [2010-08-09 10:44:33 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine [2010-08-09 08:18:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\.# [2010-08-06 12:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Ares [2010-08-05 17:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InstallShield [2010-08-05 17:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\The Games Factory 2 [2010-08-05 14:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\TeamViewer [2010-08-05 14:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2010-08-05 09:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer [2010-08-05 09:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2010-08-04 13:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\X-World Team [2010-08-04 09:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\skypePM [2010-08-04 09:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Skype [2010-08-04 09:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-08-04 09:44:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-08-04 09:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-08-03 09:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\GTA San Andreas User Files [2010-08-03 09:01:00 | 000,000,000 | ---D | C] -- C:\WINNT\ServicePackFiles [2010-08-01 20:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu [2010-08-01 20:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Gadu-Gadu [2010-08-01 17:32:45 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINNT\System32\CmdLineExt.dll [2010-08-01 15:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-08-01 15:53:50 | 000,000,000 | ---D | C] -- C:\WINNT\System32\KB905474 [2010-07-31 11:32:11 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot_bak [2010-07-30 18:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2010-07-30 18:25:25 | 000,000,000 | ---D | C] -- C:\WINNT\System32\SoftwareDistribution [2010-07-30 18:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Ahead [2010-07-30 18:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Ahead [2010-07-30 18:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2010-07-30 18:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2010-07-30 17:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Nero [2010-07-30 17:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Real [2010-07-30 17:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero [2010-07-30 17:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2010-07-30 16:40:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer [2010-07-30 16:39:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2010-07-30 15:09:41 | 004,358,144 | ---- | C] (GSC Game World) -- C:\WINNT\uncsetup.exe [2010-07-29 16:03:57 | 000,000,000 | ---D | C] -- C:\WINNT\Minidump [2010-07-29 08:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help [2010-07-29 08:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help [2010-07-29 07:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2010-07-29 07:38:42 | 000,094,208 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\atipdlxx.dll [2010-07-29 07:38:42 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\Oemdspif.dll [2010-07-29 07:38:42 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\ativcoxx.dll [2010-07-29 07:38:41 | 000,039,936 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\ati2edxx.dll [2010-07-29 07:38:41 | 000,025,088 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\Ati2mdxx.exe [2010-07-29 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia [2010-07-29 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe [2010-07-29 07:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-07-29 07:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Conduit [2010-07-29 07:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Softonic-Eng7 [2010-07-29 07:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010-07-29 07:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic-Eng7 [2010-07-29 07:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Adobe [2010-07-29 07:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Identities [2010-07-28 21:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\BitComet [2010-07-28 21:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie [2010-07-28 21:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-07-28 21:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla [2010-07-28 21:25:59 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\UserData [2010-07-28 21:10:32 | 000,000,000 | ---D | C] -- C:\Downloads [2010-07-28 20:40:56 | 000,000,000 | -HSD | C] -- C:\WINNT\Installer [2010-07-28 20:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2010-07-28 20:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2010-07-28 20:40:52 | 000,000,000 | R--D | C] -- C:\Program Files [2010-07-28 20:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2010-07-28 20:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2010-07-28 20:40:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2010-07-28 20:40:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2010-07-28 20:40:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2010-07-28 20:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2010-07-28 20:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2010-07-28 20:39:51 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot2 [2010-07-28 20:39:51 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot [2010-07-28 20:39:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-07-28 20:39:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2010-07-28 20:39:22 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010-07-28 20:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2010-07-28 20:35:12 | 000,000,000 | R-SD | C] -- C:\WINNT\Fonts [2010-07-28 20:35:12 | 000,000,000 | RHSD | C] -- C:\WINNT\System32\dllcache [2010-07-28 20:35:12 | 000,000,000 | R--D | C] -- C:\WINNT\Web [2010-07-28 20:35:12 | 000,000,000 | -H-D | C] -- C:\WINNT\inf [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\WinSxS [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\wins [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\wbem [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\usmt [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\twain_32 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Temp [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\system32 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\system [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\spool [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ShellExt [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Setup [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\security [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Resources [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\repair [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ras [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Provisioning [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\PreInstall [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\PeerNet [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\pchealth [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\oobe [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\npp [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\mui [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\mui [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\msapps [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\msagent [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Media [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\java [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\inetsrv [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\IME [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\ime [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\icsxml [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ias [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Help [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\export [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\etc [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\ehome [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Driver Cache [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\disdn [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\dhcp [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Debug [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Cursors [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Connection Wizard [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\config [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Config [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\AppPatch [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\addins [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\3com_dmi [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\3076 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\2052 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1054 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1045 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1042 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1041 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1037 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1033 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1031 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1028 [2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1025 [2010-07-28 19:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-07-28 19:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo [2010-07-28 19:29:54 | 000,000,000 | ---D | C] -- C:\WINNT\RegisteredPackages [2010-07-28 19:28:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER [2010-07-28 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\VIA [2010-07-28 19:22:10 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ReinstallBackups [2010-07-28 19:21:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-07-28 19:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2010-07-28 19:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack [2010-07-28 19:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2010-07-28 19:19:10 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010-07-28 19:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010-07-28 19:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd [2010-07-28 19:16:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities [2010-07-28 19:16:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2010-07-28 19:16:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy [2010-07-28 19:16:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka [2010-07-28 19:16:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft [2010-07-28 19:16:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies [2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo [2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent [2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji [2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione [2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty [2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start [2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne [2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony [2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood [2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood [2010-07-28 19:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit [2010-07-28 19:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-07-28 19:15:13 | 000,000,000 | ---D | C] -- C:\WINNT\SoftwareDistribution [2010-07-28 19:15:12 | 000,000,000 | ---D | C] -- C:\WINNT\Prefetch [2010-07-28 19:15:11 | 000,000,000 | --SD | C] -- C:\WINNT\System32\Microsoft [2010-07-28 19:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-07-28 19:15:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-07-28 19:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-07-28 19:15:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-07-28 19:13:41 | 000,000,000 | -H-D | C] -- C:\WINNT\$hf_mig$ [2010-07-28 19:12:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2010-07-28 19:12:19 | 000,000,000 | --SD | C] -- C:\WINNT\Downloaded Program Files [2010-07-28 19:12:19 | 000,000,000 | R--D | C] -- C:\WINNT\Offline Web Pages [2010-07-28 19:12:08 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2010-07-28 19:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2010-07-28 19:11:46 | 000,000,000 | ---D | C] -- C:\WINNT\System32\DirectX [2010-07-28 19:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2010-07-28 19:11:05 | 000,000,000 | --SD | C] -- C:\WINNT\Tasks [2010-07-28 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2010-07-28 19:10:59 | 000,000,000 | ---D | C] -- C:\WINNT\srchasst [2010-07-28 19:10:58 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Macromed [2010-07-28 19:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2010-07-28 19:10:37 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Restore [2010-07-28 19:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2010-07-28 19:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2010-07-28 19:10:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2010-07-28 19:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2010-07-28 19:10:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2010-07-28 19:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2010-07-28 19:09:36 | 000,000,000 | ---D | C] -- C:\WINNT\Registration [2010-07-28 19:09:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-07-28 19:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2010-07-28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2010-07-28 19:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2010-07-28 19:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2010-07-28 19:08:40 | 000,000,000 | ---D | C] -- C:\WINNT\System32\MsDtc [2010-07-28 19:08:37 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Com [2010-07-28 19:08:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ] [1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe [2010-08-19 11:15:40 | 001,094,102 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI [2010-08-19 11:15:40 | 000,508,114 | ---- | M] () -- C:\WINNT\System32\perfh015.dat [2010-08-19 11:15:40 | 000,450,186 | ---- | M] () -- C:\WINNT\System32\perfh009.dat [2010-08-19 11:15:40 | 000,091,004 | ---- | M] () -- C:\WINNT\System32\perfc015.dat [2010-08-19 11:15:40 | 000,074,656 | ---- | M] () -- C:\WINNT\System32\perfc009.dat [2010-08-19 10:37:47 | 000,001,374 | ---- | M] () -- C:\WINNT\imsins.BAK [2010-08-19 06:38:27 | 063,580,009 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\incavi.avm [2010-08-19 06:35:30 | 000,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl [2010-08-19 06:30:49 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT [2010-08-19 06:30:47 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat [2010-08-19 06:30:44 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2010-08-18 10:24:54 | 000,002,263 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-08-18 09:40:31 | 002,621,440 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-08-18 08:42:09 | 000,423,656 | ---- | M] (Oracle) -- C:\WINNT\System32\deployJava1.dll [2010-08-18 08:42:09 | 000,153,376 | ---- | M] (Oracle) -- C:\WINNT\System32\javaws.exe [2010-08-18 08:42:09 | 000,145,184 | ---- | M] (Oracle) -- C:\WINNT\System32\javaw.exe [2010-08-18 08:42:09 | 000,145,184 | ---- | M] (Oracle) -- C:\WINNT\System32\java.exe [2010-08-18 08:42:09 | 000,073,728 | ---- | M] (Oracle) -- C:\WINNT\System32\javacpl.cpl [2010-08-18 08:18:05 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-08-18 08:17:49 | 004,804,558 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () -- C:\autorun.inf [2010-08-18 08:03:06 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk [2010-08-18 08:03:05 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgrkx86.sys [2010-08-18 08:03:05 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgrsstx.dll [2010-08-18 08:03:04 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgtdix.sys [2010-08-18 08:02:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgldx86.sys [2010-08-18 08:02:52 | 000,113,461 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\iavichjw.avm [2010-08-18 08:02:52 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgmfx86.sys [2010-08-18 07:49:17 | 000,002,596 | ---- | M] () -- C:\WINNT\System32\CONFIG.NT [2010-08-17 21:13:54 | 000,000,103 | ---- | M] () -- C:\Documents and Settings\user\default.pls [2010-08-17 21:10:12 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini [2010-08-17 09:21:37 | 000,000,266 | ---- | M] () -- C:\WINNT\system.ini [2010-08-17 09:14:07 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Ares.lnk [2010-08-17 08:30:13 | 000,097,456 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT [2010-08-16 13:17:02 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-08-16 13:17:00 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\50 FREE MP3s +1 Free Audiobook!.lnk [2010-08-16 13:11:11 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iRadio.lnk [2010-08-14 12:25:16 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\X-World MuOnline.lnk [2010-08-13 07:43:31 | 000,012,496 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-08-13 07:32:37 | 000,001,230 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk [2010-08-10 11:49:39 | 004,358,144 | ---- | M] (GSC Game World) -- C:\WINNT\uncsetup.exe [2010-08-09 10:44:37 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Cheat Engine.lnk [2010-08-05 17:53:51 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Global MU Online.lnk [2010-08-05 17:27:46 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Games Factory 2.lnk [2010-08-05 09:47:42 | 000,007,595 | ---- | M] () -- C:\WINNT\setup.iss [2010-08-05 09:47:39 | 000,001,744 | ---- | M] () -- C:\WINNT\sql.mif [2010-08-05 09:47:38 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk [2010-08-04 14:55:14 | 000,002,265 | ---- | M] () -- C:\my.cnf [2010-08-04 09:53:14 | 000,000,056 | -H-- | M] () -- C:\WINNT\System32\ezsidmv.dat [2010-08-01 18:11:19 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-01 17:32:45 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINNT\System32\CmdLineExt.dll [2010-07-30 18:26:38 | 000,043,062 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\UserImages.bmp [2010-07-30 18:22:58 | 000,001,372 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [2010-07-30 18:22:58 | 000,001,316 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home.lnk [2010-07-30 16:40:19 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MpcStar.lnk [2010-07-30 15:09:44 | 000,053,248 | ---- | M] () -- C:\WINNT\System32\unrar.dll [2010-07-30 11:11:55 | 000,000,766 | ---- | M] () -- C:\WINNT\CoD.INI [2010-07-29 07:38:42 | 000,094,208 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\atipdlxx.dll [2010-07-29 07:38:42 | 000,073,728 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\Oemdspif.dll [2010-07-29 07:38:42 | 000,024,064 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\ativcoxx.dll [2010-07-29 07:38:41 | 000,093,878 | ---- | M] () -- C:\WINNT\System32\atiicdxx.dat [2010-07-29 07:38:41 | 000,039,936 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\ati2edxx.dll [2010-07-29 07:38:41 | 000,025,088 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\Ati2mdxx.exe [2010-07-29 07:38:41 | 000,005,195 | ---- | M] () -- C:\WINNT\System32\atifglpf.xml [2010-07-29 07:26:35 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-07-28 21:30:25 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk [2010-07-28 21:27:26 | 000,000,000 | ---- | M] () -- C:\WINNT\nsreg.dat [2010-07-28 21:27:21 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-28 19:33:51 | 000,000,980 | ---- | M] () -- C:\WINNT\wincmd.ini [2010-07-28 19:30:12 | 000,023,392 | ---- | M] () -- C:\WINNT\System32\nscompat.tlb [2010-07-28 19:30:12 | 000,016,832 | ---- | M] () -- C:\WINNT\System32\amcompat.tlb [2010-07-28 19:30:02 | 000,316,640 | ---- | M] () -- C:\WINNT\WMSysPr9.prx [2010-07-28 19:15:07 | 000,008,192 | ---- | M] () -- C:\WINNT\REGLOCS.OLD [2010-07-28 19:14:18 | 000,000,261 | ---- | M] () -- C:\WINNT\System32\$winnt$.inf [2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\WINNT\control.ini [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-07-28 19:13:27 | 000,000,477 | ---- | M] () -- C:\WINNT\win.ini [2010-07-28 19:13:09 | 000,004,205 | ---- | M] () -- C:\WINNT\ODBCINST.INI [2010-07-28 19:12:19 | 000,000,488 | RH-- | M] () -- C:\WINNT\System32\WindowsLogon.manifest [2010-07-28 19:12:19 | 000,000,488 | RH-- | M] () -- C:\WINNT\System32\logonui.exe.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\wuaucpl.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\WindowsShell.Manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\sapi.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\nwc.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\ncpa.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\cdplayer.exe.manifest [2010-07-28 19:09:49 | 000,021,856 | ---- | M] () -- C:\WINNT\System32\emptyregdb.dat [2010-07-28 19:09:40 | 000,000,037 | ---- | M] () -- C:\WINNT\vbaddin.ini [2010-07-28 19:09:40 | 000,000,036 | ---- | M] () -- C:\WINNT\vb.ini [2010-07-28 19:07:39 | 000,000,207 | -HS- | M] () -- C:\boot.ini [2010-07-09 15:52:45 | 005,170,688 | ---- | M] () -- C:\Program Files\main.exe [2010-07-09 15:12:49 | 000,019,714 | ---- | M] () -- C:\Program Files\MuError.dmp [3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ] [1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-18 08:09:13 | 000,000,209 | RHS- | C] () -- C:\autorun.inf [2010-08-18 08:03:06 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk [2010-08-18 08:02:52 | 000,113,461 | ---- | C] () -- C:\WINNT\System32\drivers\Avg\iavichjw.avm [2010-08-18 08:02:42 | 063,580,009 | ---- | C] () -- C:\WINNT\System32\drivers\Avg\incavi.avm [2010-08-17 20:29:16 | 000,999,424 | ---- | C] () -- C:\Program Files\VorbisFile.dll [2010-08-17 20:29:16 | 000,381,010 | ---- | C] () -- C:\Program Files\Wz_Zp.dll [2010-08-17 20:29:16 | 000,229,432 | ---- | C] () -- C:\Program Files\Wsctlcd.dll [2010-08-17 20:29:16 | 000,212,992 | ---- | C] () -- C:\Program Files\WzAudio.dll [2010-08-17 20:29:16 | 000,085,504 | ---- | C] () -- C:\Program Files\wzCipher.dll [2010-08-17 20:29:16 | 000,053,248 | ---- | C] () -- C:\Program Files\sound.dll [2010-08-17 20:29:16 | 000,053,248 | ---- | C] () -- C:\Program Files\Ogg.dll [2010-08-17 20:29:16 | 000,049,152 | ---- | C] () -- C:\Program Files\MuMsg.dll [2010-08-17 20:29:16 | 000,045,056 | ---- | C] () -- C:\Program Files\Wsctlc.dll [2010-08-17 20:29:16 | 000,019,714 | ---- | C] () -- C:\Program Files\MuError.dmp [2010-08-17 20:29:16 | 000,018,259 | ---- | C] () -- C:\Program Files\MuError.log [2010-08-17 20:29:16 | 000,011,264 | ---- | C] () -- C:\Program Files\MuJP.dll [2010-08-17 20:29:16 | 000,002,172 | ---- | C] () -- C:\Program Files\Message.wtf [2010-08-17 20:29:16 | 000,000,349 | ---- | C] () -- C:\Program Files\MuJP.ini [2010-08-17 20:29:15 | 005,170,688 | ---- | C] () -- C:\Program Files\main.exe [2010-08-17 20:29:15 | 000,049,152 | ---- | C] () -- C:\Program Files\hook.dll [2010-08-17 20:29:15 | 000,000,884 | ---- | C] () -- C:\Program Files\Format.cfg [2010-08-17 20:29:15 | 000,000,024 | ---- | C] () -- C:\Program Files\Config.ini [2010-08-17 09:14:07 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Ares.lnk [2010-08-16 13:17:02 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-08-16 13:17:00 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\50 FREE MP3s +1 Free Audiobook!.lnk [2010-08-16 13:11:11 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\iRadio.lnk [2010-08-13 07:32:36 | 000,001,230 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk [2010-08-09 10:44:37 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Cheat Engine.lnk [2010-08-09 10:44:34 | 001,970,176 | ---- | C] () -- C:\WINNT\System32\d3dx9.dll [2010-08-05 17:53:51 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Global MU Online.lnk [2010-08-05 17:27:46 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Games Factory 2.lnk [2010-08-05 09:47:39 | 000,001,744 | ---- | C] () -- C:\WINNT\sql.mif [2010-08-05 09:47:38 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk [2010-08-05 09:46:36 | 000,036,939 | ---- | C] () -- C:\WINNT\System32\insrepim.exe [2010-08-04 15:11:05 | 000,007,595 | ---- | C] () -- C:\WINNT\setup.iss [2010-08-04 14:00:35 | 000,002,513 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\X-World MuOnline.lnk [2010-08-04 09:53:14 | 000,000,056 | -H-- | C] () -- C:\WINNT\System32\ezsidmv.dat [2010-08-04 09:44:16 | 000,002,263 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-07-30 19:06:10 | 000,000,103 | ---- | C] () -- C:\Documents and Settings\user\default.pls [2010-07-30 18:58:03 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini [2010-07-30 18:58:01 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-30 18:26:38 | 000,043,062 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\UserImages.bmp [2010-07-30 18:22:58 | 000,001,372 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [2010-07-30 18:22:57 | 000,001,316 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home.lnk [2010-07-30 16:40:19 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MpcStar.lnk [2010-07-30 15:09:44 | 000,053,248 | ---- | C] () -- C:\WINNT\System32\unrar.dll [2010-07-30 10:56:21 | 000,000,766 | ---- | C] () -- C:\WINNT\CoD.INI [2010-07-29 07:42:52 | 000,516,096 | ---- | C] () -- C:\WINNT\System32\ati2sgag.exe [2010-07-29 07:38:41 | 000,093,878 | ---- | C] () -- C:\WINNT\System32\atiicdxx.dat [2010-07-29 07:38:41 | 000,005,195 | ---- | C] () -- C:\WINNT\System32\atifglpf.xml [2010-07-29 07:26:35 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-07-28 21:30:25 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk [2010-07-28 21:27:26 | 000,000,000 | ---- | C] () -- C:\WINNT\nsreg.dat [2010-07-28 21:27:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-07-28 20:40:59 | 000,001,374 | ---- | C] () -- C:\WINNT\imsins.BAK [2010-07-28 20:40:43 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_28603.nls [2010-07-28 20:40:40 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_857.nls [2010-07-28 20:40:40 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_28599.nls [2010-07-28 20:40:40 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10081.nls [2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28595.NLS [2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10017.nls [2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10007.nls [2010-07-28 20:40:35 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_869.nls [2010-07-28 20:40:35 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_737.nls [2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_875.nls [2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28597.NLS [2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10006.nls [2010-07-28 20:40:33 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_866.nls [2010-07-28 20:40:33 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_855.nls [2010-07-28 20:40:33 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28594.NLS [2010-07-28 20:40:25 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_20127.nls [2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10082.nls [2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10029.nls [2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10010.nls [2010-07-28 20:40:17 | 000,001,734 | ---- | C] () -- C:\WINNT\System32\AUTOEXEC.NT [2010-07-28 20:40:16 | 000,147,968 | ---- | C] () -- C:\WINNT\NOTEPAD.EXE [2010-07-28 20:40:03 | 000,141,702 | ---- | C] () -- C:\WINNT\System32\dllcache\netfx.cat [2010-07-28 20:40:03 | 000,102,826 | ---- | C] () -- C:\WINNT\System32\dllcache\tabletpc.cat [2010-07-28 20:40:03 | 000,031,965 | ---- | C] () -- C:\WINNT\System32\dllcache\mediactr.cat [2010-07-28 20:40:03 | 000,007,382 | ---- | C] () -- C:\WINNT\System32\dllcache\OEMBIOS.CAT [2010-07-28 20:40:03 | 000,007,245 | ---- | C] () -- C:\WINNT\System32\dllcache\MSTSWEB.CAT [2010-07-28 20:40:02 | 001,014,483 | ---- | C] () -- C:\WINNT\System32\dllcache\SP2.CAT [2010-07-28 20:40:02 | 000,808,524 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5IIS.CAT [2010-07-28 20:40:02 | 000,399,670 | ---- | C] () -- C:\WINNT\System32\dllcache\MAPIMIG.CAT [2010-07-28 20:40:02 | 000,037,509 | ---- | C] () -- C:\WINNT\System32\dllcache\MW770.CAT [2010-07-28 20:40:02 | 000,030,983 | ---- | C] () -- C:\WINNT\System32\dllcache\FP4.CAT [2010-07-28 20:40:02 | 000,014,043 | ---- | C] () -- C:\WINNT\System32\dllcache\IMS.CAT [2010-07-28 20:40:02 | 000,013,497 | ---- | C] () -- C:\WINNT\System32\dllcache\HPCRDP.CAT [2010-07-28 20:40:02 | 000,009,581 | ---- | C] () -- C:\WINNT\System32\dllcache\MSMSGS.CAT [2010-07-28 20:40:02 | 000,008,599 | ---- | C] () -- C:\WINNT\System32\dllcache\IASNT4.CAT [2010-07-28 20:40:02 | 000,007,334 | ---- | C] () -- C:\WINNT\System32\dllcache\wmerrenu.cat [2010-07-28 20:40:01 | 001,896,400 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5.CAT [2010-07-28 20:40:01 | 000,620,500 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5INF.CAT [2010-07-28 20:39:21 | 000,097,456 | ---- | C] () -- C:\WINNT\System32\FNTCACHE.DAT [2010-07-28 20:38:30 | 000,000,207 | -HS- | C] () -- C:\boot.ini [2010-07-28 20:38:27 | 000,000,261 | ---- | C] () -- C:\WINNT\System32\$winnt$.inf [2010-07-28 19:19:39 | 000,049,152 | ---- | C] () -- C:\WINNT\System32\ChCfg.exe [2010-07-28 19:19:18 | 000,000,164 | ---- | C] () -- C:\WINNT\avrack.ini [2010-07-28 19:19:11 | 000,141,016 | ---- | C] () -- C:\WINNT\System32\alsndmgr.wav [2010-07-28 19:19:10 | 000,143,360 | ---- | C] () -- C:\WINNT\System32\RtlCPAPI.dll [2010-07-28 19:17:40 | 000,000,980 | ---- | C] () -- C:\WINNT\wincmd.ini [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\UC.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\RAR.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\PKZIP.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\PKUNZIP.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\NOCLOSE.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\LHA.PIF [2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\ARJ.PIF [2010-07-28 19:16:06 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG [2010-07-28 19:16:06 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini [2010-07-28 19:16:05 | 002,621,440 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-07-28 19:16:03 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys [2010-07-28 19:15:07 | 000,008,192 | ---- | C] () -- C:\WINNT\REGLOCS.OLD [2010-07-28 19:14:18 | 000,002,048 | --S- | C] () -- C:\WINNT\bootstat.dat [2010-07-28 19:13:28 | 000,002,596 | ---- | C] () -- C:\WINNT\System32\CONFIG.NT [2010-07-28 19:13:28 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-07-28 19:13:28 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-07-28 19:13:28 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2010-07-28 19:13:28 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2010-07-28 19:13:18 | 000,023,392 | ---- | C] () -- C:\WINNT\System32\nscompat.tlb [2010-07-28 19:13:18 | 000,016,832 | ---- | C] () -- C:\WINNT\System32\amcompat.tlb [2010-07-28 19:13:17 | 000,316,640 | ---- | C] () -- C:\WINNT\WMSysPr9.prx [2010-07-28 19:12:19 | 000,000,488 | RH-- | C] () -- C:\WINNT\System32\WindowsLogon.manifest [2010-07-28 19:12:19 | 000,000,488 | RH-- | C] () -- C:\WINNT\System32\logonui.exe.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\wuaucpl.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\WindowsShell.Manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\sapi.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\nwc.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\ncpa.cpl.manifest [2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\cdplayer.exe.manifest [2010-07-28 19:11:19 | 000,048,680 | -HS- | C] () -- C:\WINNT\winnt256.bmp [2010-07-28 19:11:19 | 000,048,680 | -HS- | C] () -- C:\WINNT\winnt.bmp [2010-07-28 19:09:49 | 000,021,856 | ---- | C] () -- C:\WINNT\System32\emptyregdb.dat [2010-07-28 19:09:00 | 000,065,954 | ---- | C] () -- C:\WINNT\Pod mikroskopem.bmp [2010-07-28 19:09:00 | 000,065,832 | ---- | C] () -- C:\WINNT\Stiuk z Santa Fe.bmp [2010-07-28 19:09:00 | 000,026,680 | ---- | C] () -- C:\WINNT\Wachlarze.bmp [2010-07-28 19:09:00 | 000,026,582 | ---- | C] () -- C:\WINNT\Nefryt.bmp [2010-07-28 19:09:00 | 000,017,362 | ---- | C] () -- C:\WINNT\Rododendron.bmp [2010-07-28 19:09:00 | 000,017,336 | ---- | C] () -- C:\WINNT\Na rybkach.bmp [2010-07-28 19:09:00 | 000,016,730 | ---- | C] () -- C:\WINNT\Puch.bmp [2010-07-28 19:09:00 | 000,009,522 | ---- | C] () -- C:\WINNT\Indiański pled.bmp [2010-07-28 19:08:59 | 000,093,702 | ---- | C] () -- C:\WINNT\System32\subrange.uce [2010-07-28 19:08:59 | 000,065,978 | ---- | C] () -- C:\WINNT\Bąbelki.bmp [2010-07-28 19:08:59 | 000,017,062 | ---- | C] () -- C:\WINNT\Kawa.bmp [2010-07-28 19:08:59 | 000,016,740 | ---- | C] () -- C:\WINNT\System32\shiftjis.uce [2010-07-28 19:08:59 | 000,012,876 | ---- | C] () -- C:\WINNT\System32\korean.uce [2010-07-28 19:08:59 | 000,008,484 | ---- | C] () -- C:\WINNT\System32\kanji_2.uce [2010-07-28 19:08:59 | 000,001,272 | ---- | C] () -- C:\WINNT\Niebieska koronka 16.bmp [2010-07-28 19:08:58 | 000,060,458 | ---- | C] () -- C:\WINNT\System32\ideograf.uce [2010-07-28 19:08:58 | 000,024,006 | ---- | C] () -- C:\WINNT\System32\gb2312.uce [2010-07-28 19:08:58 | 000,022,984 | ---- | C] () -- C:\WINNT\System32\bopomofo.uce [2010-07-28 19:08:58 | 000,006,948 | ---- | C] () -- C:\WINNT\System32\kanji_1.uce [2010-07-28 19:08:56 | 000,003,286 | ---- | C] () -- C:\WINNT\System32\tslabels.h [2010-07-28 19:08:56 | 000,001,225 | ---- | C] () -- C:\WINNT\System32\usrlogon.cmd [2010-07-28 19:08:54 | 000,000,768 | ---- | C] () -- C:\WINNT\System32\msdtcprf.h [2010-07-28 19:08:46 | 000,063,488 | ---- | C] () -- C:\WINNT\System32\wmimgmt.msc [2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINNT\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-08-18 07:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-08-18 08:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-08-18 08:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-08-01 17:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2010-08-13 07:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-07-28 21:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BitComet [2010-08-10 08:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BitSpirit [2010-08-01 20:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu [2010-08-13 08:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World [2010-08-05 15:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\TeamViewer [2010-07-30 18:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () -- C:\autorun.inf [2010-07-28 19:07:39 | 000,000,207 | -HS- | M] () -- C:\boot.ini [2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-07-28 19:22:59 | 000,000,010 | ---- | M] () -- C:\csb.log [2010-08-19 06:30:44 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-08-04 14:55:14 | 000,002,265 | ---- | M] () -- C:\my.cnf [2004-08-04 00:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-04 00:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-08-19 06:30:43 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINNT\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINNT\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2004-08-04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINNT\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 02:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINNT\system32\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2004-08-04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINNT\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINNT\system32\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe < End of report >[/log]
ziomal166 komentarz 19 sierpnia 2010 komentarz 19 sierpnia 2010 Wklej to do OTL i daj Wykonaj skrypt: [code] :Processes Explorer.exe :OTL O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,285 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoplAY\comMand - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\eXpLoRE\COMmaND - "" = okcc.exe O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\OpeN\cOmmanD - "" = okcc.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutOplay\cOmmanD - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\explore\COMMAnd - "" = gabn.exe O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\oPen\comMANd - "" = gabn.exe :Files C:\autorun.inf :Command [emptytemp] [REBOOT] [/code] Dla profesjonalistów: Ja dopiero się uczę.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.