x-kom hosting

Dość duży problem

xdawidxd96
utworzono
utworzono (edytowane)

Witam serdecznie.Gdy dziś rano włączyłem komputer antywirus dał mi ostrzeżenie że ktoś przesyła mi trojana.Od razu odłączyłem internet po czym skanowałem komputer i wtedy się zaczęło.Nie mogę wejść na żaden z moich dysków,wirusy weszły mi nawet w pliki takie jak Win,System i takie podobne.Nie wiem co mam robić ponieważ chyba usunęły się programy systemowe gdy skanowałem komputer.Proszę o szybką pomoc.Z góry dziękuje.
[color="#ff0000"]
//przenoszę do Bezpieczeństwa
//dan[/color]

ziomal166
komentarz
komentarz

Nie ma co panikować ściągnij program OTL i daj loga: http://www.forumpc.pl/index.php?showtopic=104338

xdawidxd96
komentarz
komentarz

Tylko że wiesz mi przy skanowaniu innym programem usuneło mi kilka plików systemowych tak mi się wydaję.A ten program to co ma mi dać?

a i jeszcze 1 wyskoczyły mi te 2 pliki notatnika i co ja mam z nimi zrobić proszę szybką odpowiedz

ziomal166
komentarz
komentarz

Wstawić treść tych plików na forum w tagu "log".

xdawidxd96
komentarz
komentarz

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-08-19 10:50:17
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 771 MB (1%) free of 75 GB
Total RAM: 767 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:41, on 2010-08-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\system32\msiexec.exe
D:\Pobieranie\OTL.exe
C:\WINNT\notepad.exe
C:\WINNT\notepad.exe
C:\WINNT\SoftwareDistribution\Download\Install\NDP20SP2-KB976576-x86.exe
d:\b08dc775ee867cf78f\HotFixInstaller.exe
C:\WINNT\system32\MsiExec.exe
C:\WINNT\notepad.exe
C:\WINNT\notepad.exe
D:\Pobieranie\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: SQLSERVERAGENT - Unknown owner - C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe (file missing)

--
End of file - 9420 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll [2010-06-22 734512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-18 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINNT\SOUNDMAN.EXE [2006-08-02 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"Adobe Reader Speed Launcher"=D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-05-24 344064]
"KernelFaultCheck"=C:\WINNT\system32\dumprep 0 -k []
"NeroFilterCheck"=C:\WINNT\system32\NeroCheck.exe []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-18 2065760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINNT\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1694208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"BitComet"=D:\Program Files\BitComet\BitComet.exe [2010-06-30 3285296]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 27388200]
"ares"=C:\Program Files\Ares\Ares.exe [2010-07-10 1015808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINNT\system32\Macromed\Flash\FlashUtil10h_Plugin.exe [2010-07-29 231888]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINNT\system32\Ati2evxx.dll [2010-07-29 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINNT\system32\avgrsstx.dll [2010-08-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINNT\system32\WgaLogon.dll [2009-03-10 265608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\BitComet\BitComet.exe"="D:\BitComet\BitComet.exe:*:Enabled:BitComet"
"D:\Program Files\BitComet\BitComet.exe"="D:\Program Files\BitComet\BitComet.exe:*:Enabled:ipsec"
"D:\Call Of Duty\CoDMP.exe"="D:\Call Of Duty\CoDMP.exe:*:Enabled:CoDMP"
"D:\Cossacks\Cossacks\dmcr.exe"="D:\Cossacks\Cossacks\dmcr.exe:*:Enabled:dmcr"
"D:\cossacks\Cossacks - The Art Of War\dmcr.exe"="D:\cossacks\Cossacks - The Art Of War\dmcr.exe:*:Enabled:dmcr"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:ipsec"
"D:\cossackss\Cossacks\dmcr.exe"="D:\cossackss\Cossacks\dmcr.exe:*:Enabled:dmcr"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:ipsec"
"D:\Pobieranie\SagaMu Client\mu.exe"="D:\Pobieranie\SagaMu Client\mu.exe:*:Enabled:ipsec"
"D:\Pobieranie\SagaMu Client\SagaMu Lancher.exe"="D:\Pobieranie\SagaMu Client\SagaMu Lancher.exe:*:Enabled:ipsec"
"C:\WINNT\Explorer.EXE"="C:\WINNT\Explorer.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\ubaxfq.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\ubaxfq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winvwrjnj.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winvwrjnj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\wrlet.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wrlet.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\w36a9c6.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w36a9c6.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\eqiqoe.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\eqiqoe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winijgfr.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winijgfr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winrfohut.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winrfohut.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winhvxeqw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winhvxeqw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winmdhfe.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winmdhfe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\legjv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\legjv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\ofsxce.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\ofsxce.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\unhcjx.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\unhcjx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winuxmre.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winuxmre.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\mbgt.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\mbgt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\gepeoh.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\gepeoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\bbgbcu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\bbgbcu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\wingutge.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wingutge.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winhnwu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winhnwu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\cydnvv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\cydnvv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winbiotu.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winbiotu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\qsdf.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\qsdf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\tupqqt.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\tupqqt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\snxv.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\snxv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\wintmli.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\wintmli.exe:*:Enabled:ipsec"
"D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe"="D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe:*:Enabled:ipsec"
"d:\812c3281e271f6ad977a\update\iesetup.exe"="d:\812c3281e271f6ad977a\update\iesetup.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winkijc.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winkijc.exe:*:Enabled:ipsec"
"D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\w761e4.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w761e4.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winxnoqng.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winxnoqng.exe:*:Enabled:ipsec"
"C:\WINNT\system32\dumprep.exe"="C:\WINNT\system32\dumprep.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\khsw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\khsw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\windbvcam.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\windbvcam.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\w845eb.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\w845eb.exe:*:Enabled:ipsec"
"C:\WINNT\system32\NeroCheck.exe"="C:\WINNT\system32\NeroCheck.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winppis.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winppis.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\tofes.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\tofes.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winsbkc.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winsbkc.exe:*:Enabled:ipsec"
"C:\PROGRA~1\AVG\AVG9\avgtray.exe"="C:\PROGRA~1\AVG\AVG9\avgtray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winfjuw.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winfjuw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\winglowar.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\winglowar.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\obkp.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\obkp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\user\USTAWI~1\Temp\fsletf.exe"="C:\DOCUME~1\user\USTAWI~1\Temp\fsletf.exe:*:Enabled:ipsec"
"C:\WINNT\system32\Ati2evxx.exe"="C:\WINNT\system32\Ati2evxx.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.inf - open - %windir%\NOTEPAD.EXE %1
.txt - open - %windir%\NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2010-08-19 10:50:49 ----D---- C:\Program Files\trend micro
2010-08-19 10:50:17 ----D---- C:\rsit
2010-08-19 10:46:21 ----SHD---- C:\Config.Msi
2010-08-19 10:37:32 ----HDC---- C:\WINNT\$NtUninstallKB925720$
2010-08-19 06:33:02 ----D---- C:\WINNT\LastGood
2010-08-19 06:31:15 ----D---- C:\My Shared Folder
2010-08-18 08:42:35 ----A---- C:\WINNT\system32\javaws.exe
2010-08-18 08:42:35 ----A---- C:\WINNT\system32\javaw.exe
2010-08-18 08:42:35 ----A---- C:\WINNT\system32\java.exe
2010-08-18 08:09:45 ----HD---- C:\$AVG
2010-08-18 08:03:05 ----A---- C:\WINNT\system32\drivers\avgrkx86.sys
2010-08-18 08:03:05 ----A---- C:\WINNT\system32\avgrsstx.dll
2010-08-18 08:03:04 ----A---- C:\WINNT\system32\drivers\avgtdix.sys
2010-08-18 08:02:53 ----A---- C:\WINNT\system32\drivers\avgldx86.sys
2010-08-18 08:02:52 ----A---- C:\WINNT\system32\drivers\avgmfx86.sys
2010-08-18 08:02:42 ----D---- C:\WINNT\system32\drivers\Avg
2010-08-18 08:02:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
2010-08-18 08:02:17 ----D---- C:\Program Files\AVG
2010-08-18 08:02:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\avg9
2010-08-18 07:56:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage
2010-08-18 07:50:41 ----N---- C:\WINNT\system32\aswBoot.exe
2010-08-18 07:50:35 ----D---- C:\Program Files\Alwil Software
2010-08-17 20:29:16 ----A---- C:\Program Files\wzCipher.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\WzAudio.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\Wz_Zp.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\Wsctlcd.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\Wsctlc.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\VorbisFile.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\sound.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\Ogg.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPX.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPUpdate0.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPPsk.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPGmup.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPCipher.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\NPChk.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\MuMsg.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\MuJP.ini
2010-08-17 20:29:16 ----A---- C:\Program Files\MuJP.dll
2010-08-17 20:29:16 ----A---- C:\Program Files\Mfsvc2.dll
2010-08-17 20:29:15 ----D---- C:\Program Files\MuGuard
2010-08-17 20:29:15 ----A---- C:\Program Files\main.exe
2010-08-17 20:29:15 ----A---- C:\Program Files\hook.dll
2010-08-17 20:29:15 ----A---- C:\Program Files\Config.ini
2010-08-17 20:27:14 ----D---- C:\Program Files\Data
2010-08-17 09:14:00 ----D---- C:\Program Files\Ares
2010-08-17 07:36:30 ----D---- C:\WINNT\system32\XPSViewer
2010-08-17 07:36:25 ----D---- C:\Program Files\MSBuild
2010-08-17 07:36:23 ----D---- C:\WINNT\system32\en-US
2010-08-17 07:36:15 ----D---- C:\Program Files\Reference Assemblies
2010-08-17 07:35:31 ----N---- C:\WINNT\system32\xpssvcs.dll
2010-08-17 07:35:31 ----N---- C:\WINNT\system32\xpsshhdr.dll
2010-08-17 07:35:31 ----N---- C:\WINNT\system32\prntvpt.dll
2010-08-17 07:11:14 ----HDC---- C:\WINNT\$NtUninstallWIC$
2010-08-17 07:11:03 ----D---- C:\Program Files\MSXML 6.0
2010-08-16 19:41:19 ----D---- C:\WINNT\Sun
2010-08-16 19:39:41 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun
2010-08-16 19:39:39 ----D---- C:\Program Files\Common Files\Java
2010-08-16 19:39:27 ----A---- C:\WINNT\system32\deployJava1.dll
2010-08-16 19:39:11 ----D---- C:\Program Files\Java
2010-08-16 19:38:34 ----D---- C:\Documents and Settings\user\Dane aplikacji\Sun
2010-08-16 13:17:02 ----D---- C:\Program Files\Winamp Detect
2010-08-16 13:16:56 ----D---- C:\Program Files\Winamp Toolbar
2010-08-16 13:16:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\vxblock.dll
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxwave.dll
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxsfs.dll
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxinsa64.exe
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxhpinst.exe
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxdrv.dll
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxcpya64.exe
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\pxafs.dll
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\PxHelp20.sys
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\cdralw2k.sys
2010-08-16 13:16:44 ----N---- C:\WINNT\system32\drivers\cdr4_xp.sys
2010-08-16 13:16:43 ----N---- C:\WINNT\system32\pxmas.dll
2010-08-16 13:16:43 ----N---- C:\WINNT\system32\px.dll
2010-08-16 13:16:41 ----D---- C:\Program Files\Winamp
2010-08-16 13:16:41 ----D---- C:\Documents and Settings\user\Dane aplikacji\Winamp
2010-08-16 13:11:07 ----D---- C:\Program Files\3aLab
2010-08-13 08:03:39 ----D---- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World
2010-08-13 07:36:20 ----RSD---- C:\WINNT\assembly
2010-08-13 07:35:49 ----D---- C:\WINNT\Microsoft.NET
2010-08-13 07:34:29 ----A---- C:\WINNT\system32\XAudio2_7.dll
2010-08-13 07:34:29 ----A---- C:\WINNT\system32\XAPOFX1_5.dll
2010-08-13 07:34:29 ----A---- C:\WINNT\system32\xactengine3_7.dll
2010-08-13 07:34:28 ----A---- C:\WINNT\system32\d3dcsx_43.dll
2010-08-13 07:34:28 ----A---- C:\WINNT\system32\D3DCompiler_43.dll
2010-08-13 07:34:27 ----A---- C:\WINNT\system32\d3dx11_43.dll
2010-08-13 07:34:27 ----A---- C:\WINNT\system32\d3dx10_43.dll
2010-08-13 07:34:26 ----A---- C:\WINNT\system32\XAudio2_6.dll
2010-08-13 07:34:26 ----A---- C:\WINNT\system32\XAPOFX1_4.dll
2010-08-13 07:34:26 ----A---- C:\WINNT\system32\xactengine3_6.dll
2010-08-13 07:34:26 ----A---- C:\WINNT\system32\D3DX9_43.dll
2010-08-13 07:34:25 ----A---- C:\WINNT\system32\XAudio2_5.dll
2010-08-13 07:34:25 ----A---- C:\WINNT\system32\X3DAudio1_7.dll
2010-08-13 07:34:24 ----A---- C:\WINNT\system32\xactengine3_5.dll
2010-08-13 07:34:24 ----A---- C:\WINNT\system32\D3DCompiler_42.dll
2010-08-13 07:34:21 ----A---- C:\WINNT\system32\d3dcsx_42.dll
2010-08-13 07:34:20 ----A---- C:\WINNT\system32\d3dx11_42.dll
2010-08-13 07:34:20 ----A---- C:\WINNT\system32\d3dx10_42.dll
2010-08-13 07:34:19 ----A---- C:\WINNT\system32\D3DX9_42.dll
2010-08-13 07:34:19 ----A---- C:\WINNT\system32\D3DCompiler_41.dll
2010-08-13 07:34:18 ----A---- C:\WINNT\system32\D3DX9_41.dll
2010-08-13 07:34:18 ----A---- C:\WINNT\system32\d3dx10_41.dll
2010-08-13 07:34:17 ----A---- C:\WINNT\system32\XAudio2_4.dll
2010-08-13 07:34:17 ----A---- C:\WINNT\system32\XAPOFX1_3.dll
2010-08-13 07:34:17 ----A---- C:\WINNT\system32\xactengine3_4.dll
2010-08-13 07:34:16 ----A---- C:\WINNT\system32\X3DAudio1_6.dll
2010-08-13 07:34:16 ----A---- C:\WINNT\system32\d3dx10_40.dll
2010-08-13 07:34:16 ----A---- C:\WINNT\system32\D3DCompiler_40.dll
2010-08-13 07:34:15 ----A---- C:\WINNT\system32\XAPOFX1_2.dll
2010-08-13 07:34:15 ----A---- C:\WINNT\system32\D3DX9_40.dll
2010-08-13 07:34:14 ----A---- C:\WINNT\system32\XAudio2_3.dll
2010-08-13 07:34:14 ----A---- C:\WINNT\system32\xactengine3_3.dll
2010-08-13 07:34:14 ----A---- C:\WINNT\system32\X3DAudio1_5.dll
2010-08-13 07:34:13 ----A---- C:\WINNT\system32\XAudio2_2.dll
2010-08-13 07:34:13 ----A---- C:\WINNT\system32\XAPOFX1_1.dll
2010-08-13 07:34:13 ----A---- C:\WINNT\system32\xactengine3_2.dll
2010-08-13 07:34:12 ----A---- C:\WINNT\system32\d3dx10_39.dll
2010-08-13 07:34:12 ----A---- C:\WINNT\system32\D3DCompiler_39.dll
2010-08-13 07:34:11 ----A---- C:\WINNT\system32\XAudio2_1.dll
2010-08-13 07:34:11 ----A---- C:\WINNT\system32\XAPOFX1_0.dll
2010-08-13 07:34:11 ----A---- C:\WINNT\system32\D3DX9_39.dll
2010-08-13 07:34:10 ----A---- C:\WINNT\system32\xactengine3_1.dll
2010-08-13 07:34:10 ----A---- C:\WINNT\system32\X3DAudio1_4.dll
2010-08-13 07:34:10 ----A---- C:\WINNT\system32\D3DCompiler_38.dll
2010-08-13 07:34:09 ----A---- C:\WINNT\system32\D3DX9_38.dll
2010-08-13 07:34:09 ----A---- C:\WINNT\system32\d3dx10_38.dll
2010-08-13 07:34:08 ----A---- C:\WINNT\system32\XAudio2_0.dll
2010-08-13 07:34:08 ----A---- C:\WINNT\system32\xactengine3_0.dll
2010-08-13 07:34:08 ----A---- C:\WINNT\system32\X3DAudio1_3.dll
2010-08-13 07:34:07 ----A---- C:\WINNT\system32\d3dx10_37.dll
2010-08-13 07:34:07 ----A---- C:\WINNT\system32\D3DCompiler_37.dll
2010-08-13 07:34:06 ----A---- C:\WINNT\system32\xactengine2_10.dll
2010-08-13 07:34:06 ----A---- C:\WINNT\system32\D3DX9_37.dll
2010-08-13 07:34:05 ----A---- C:\WINNT\system32\d3dx10_36.dll
2010-08-13 07:34:05 ----A---- C:\WINNT\system32\D3DCompiler_36.dll
2010-08-13 07:34:04 ----A---- C:\WINNT\system32\xactengine2_9.dll
2010-08-13 07:34:04 ----A---- C:\WINNT\system32\d3dx9_36.dll
2010-08-13 07:34:03 ----A---- C:\WINNT\system32\d3dx10_35.dll
2010-08-13 07:34:03 ----A---- C:\WINNT\system32\D3DCompiler_35.dll
2010-08-13 07:34:02 ----A---- C:\WINNT\system32\xactengine2_8.dll
2010-08-13 07:34:02 ----A---- C:\WINNT\system32\X3DAudio1_2.dll
2010-08-13 07:34:02 ----A---- C:\WINNT\system32\d3dx9_35.dll
2010-08-13 07:34:01 ----A---- C:\WINNT\system32\d3dx9_34.dll
2010-08-13 07:34:01 ----A---- C:\WINNT\system32\d3dx10_34.dll
2010-08-13 07:34:01 ----A---- C:\WINNT\system32\D3DCompiler_34.dll
2010-08-13 07:34:00 ----A---- C:\WINNT\system32\xinput1_3.dll
2010-08-13 07:34:00 ----A---- C:\WINNT\system32\xactengine2_7.dll
2010-08-13 07:33:58 ----A---- C:\WINNT\system32\d3dx10_33.dll
2010-08-13 07:33:58 ----A---- C:\WINNT\system32\D3DCompiler_33.dll
2010-08-13 07:33:57 ----A---- C:\WINNT\system32\xactengine2_6.dll
2010-08-13 07:33:57 ----A---- C:\WINNT\system32\d3dx9_33.dll
2010-08-13 07:33:56 ----A---- C:\WINNT\system32\xactengine2_5.dll
2010-08-13 07:33:56 ----A---- C:\WINNT\system32\d3dx9_32.dll
2010-08-13 07:33:55 ----A---- C:\WINNT\system32\xactengine2_4.dll
2010-08-13 07:33:55 ----A---- C:\WINNT\system32\x3daudio1_1.dll
2010-08-13 07:33:55 ----A---- C:\WINNT\system32\d3dx9_31.dll
2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xinput1_2.dll
2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xactengine2_3.dll
2010-08-13 07:33:54 ----A---- C:\WINNT\system32\xactengine2_2.dll
2010-08-13 07:33:53 ----A---- C:\WINNT\system32\xinput1_1.dll
2010-08-13 07:33:53 ----A---- C:\WINNT\system32\xactengine2_1.dll
2010-08-13 07:33:53 ----A---- C:\WINNT\system32\d3dx9_30.dll
2010-08-13 07:33:52 ----A---- C:\WINNT\system32\xactengine2_0.dll
2010-08-13 07:33:52 ----A---- C:\WINNT\system32\x3daudio1_0.dll
2010-08-13 07:33:52 ----A---- C:\WINNT\system32\d3dx9_29.dll
2010-08-13 07:33:51 ----A---- C:\WINNT\system32\xinput9_1_0.dll
2010-08-13 07:33:51 ----A---- C:\WINNT\system32\d3dx9_28.dll
2010-08-13 07:33:50 ----A---- C:\WINNT\system32\d3dx9_27.dll
2010-08-13 07:33:50 ----A---- C:\WINNT\system32\d3dx9_24.dll
2010-08-13 07:32:38 ----D---- C:\WINNT\Logs
2010-08-13 07:32:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
2010-08-12 07:54:33 ----D---- C:\Program Files\BitSpirit
2010-08-11 16:14:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion
2010-08-10 18:21:28 ----D---- C:\Program Files\Common Files\DirectX
2010-08-10 12:57:27 ----D---- C:\Documents and Settings\user\Dane aplikacji\WinRAR
2010-08-10 08:17:35 ----D---- C:\Documents and Settings\user\Dane aplikacji\BitSpirit
2010-08-09 10:44:34 ----A---- C:\WINNT\system32\d3dx9.dll
2010-08-09 10:44:34 ----A---- C:\WINNT\system32\D3DX81ab.dll
2010-08-09 10:44:33 ----D---- C:\Program Files\Cheat Engine
2010-08-05 17:53:22 ----D---- C:\Documents and Settings\user\Dane aplikacji\InstallShield
2010-08-05 17:27:39 ----D---- C:\Program Files\The Games Factory 2
2010-08-05 14:36:38 ----D---- C:\Documents and Settings\user\Dane aplikacji\TeamViewer
2010-08-05 14:36:28 ----D---- C:\Program Files\TeamViewer
2010-08-05 09:46:37 ----A---- C:\WINNT\system32\msrpjt40.dll
2010-08-05 09:46:36 ----A---- C:\WINNT\system32\insrepim.exe
2010-08-05 09:46:24 ----A---- C:\WINNT\system32\mdt2fw95.dll
2010-08-05 09:46:14 ----A---- C:\WINNT\system32\ntwdblib.dll
2010-08-05 09:46:11 ----A---- C:\WINNT\system32\rdocurs.dll
2010-08-05 09:46:11 ----A---- C:\WINNT\system32\msrdo20.dll
2010-08-05 09:46:10 ----A---- C:\WINNT\system32\dbmsshrn.dll
2010-08-05 09:46:10 ----A---- C:\WINNT\system32\dbmslpcn.dll
2010-08-05 09:46:08 ----D---- C:\Program Files\Common Files\Designer
2010-08-05 09:45:34 ----D---- C:\Program Files\Microsoft SQL Server
2010-08-05 07:11:34 ----HDC---- C:\WINNT\$NtUninstallKB959426$
2010-08-05 07:11:27 ----HDC---- C:\WINNT\$NtUninstallKB980195$
2010-08-05 07:11:14 ----HDC---- C:\WINNT\$NtUninstallKB956572$
2010-08-05 07:10:51 ----HDC---- C:\WINNT\$NtUninstallKB952004$
2010-08-04 13:59:02 ----D---- C:\Program Files\X-World Team
2010-08-04 09:53:11 ----D---- C:\Documents and Settings\user\Dane aplikacji\skypePM
2010-08-04 09:44:46 ----D---- C:\Documents and Settings\user\Dane aplikacji\Skype
2010-08-04 09:44:16 ----D---- C:\Program Files\Common Files\Skype
2010-08-04 09:44:04 ----RD---- C:\Program Files\Skype
2010-08-04 09:43:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2010-08-04 09:13:22 ----HDC---- C:\WINNT\$NtUninstallKB980218$
2010-08-04 09:13:16 ----HDC---- C:\WINNT\$NtUninstallKB951376-v2$
2010-08-04 09:13:09 ----HDC---- C:\WINNT\$NtUninstallKB952954$
2010-08-04 09:13:03 ----HDC---- C:\WINNT\$NtUninstallKB946648$
2010-08-04 09:12:56 ----HDC---- C:\WINNT\$NtUninstallKB956803$
2010-08-04 09:12:49 ----HDC---- C:\WINNT\$NtUninstallKB960859$
2010-08-04 09:12:42 ----HDC---- C:\WINNT\$NtUninstallKB971468$
2010-08-04 09:12:32 ----HDC---- C:\WINNT\$NtUninstallKB979683$
2010-08-04 09:12:25 ----HDC---- C:\WINNT\$NtUninstallKB958869$
2010-08-04 09:12:14 ----HDC---- C:\WINNT\$NtUninstallKB954155_WM9$
2010-08-04 09:12:09 ----HDC---- C:\WINNT\$NtUninstallKB970430$
2010-08-04 09:12:02 ----HDC---- C:\WINNT\$NtUninstallKB980232$
2010-08-04 09:11:55 ----HDC---- C:\WINNT\$NtUninstallKB981350$
2010-08-04 09:11:47 ----HDC---- C:\WINNT\$NtUninstallKB955759$
2010-08-04 09:11:37 ----HDC---- C:\WINNT\$NtUninstallKB974318$
2010-08-04 09:11:30 ----HDC---- C:\WINNT\$NtUninstallKB969059$
2010-08-04 09:11:22 ----HDC---- C:\WINNT\$NtUninstallKB2229593$
2010-08-04 09:11:14 ----HDC---- C:\WINNT\$NtUninstallKB950974$
2010-08-04 09:10:55 ----HDC---- C:\WINNT\$NtUninstallKB978037$
2010-08-04 09:10:46 ----HDC---- C:\WINNT\$NtUninstallKB971657$
2010-08-04 09:10:39 ----HDC---- C:\WINNT\$NtUninstallKB978338$
2010-08-04 09:10:31 ----HDC---- C:\WINNT\$NtUninstallKB972270$
2010-08-04 09:08:46 ----A---- C:\WINNT\system32\MRT.exe
2010-08-04 09:08:38 ----HDC---- C:\WINNT\$NtUninstallKB974112$
2010-08-04 09:08:31 ----HDC---- C:\WINNT\$NtUninstallKB956844$
2010-08-04 09:08:24 ----HDC---- C:\WINNT\$NtUninstallKB961501$
2010-08-04 09:08:17 ----HDC---- C:\WINNT\$NtUninstallKB975561$
2010-08-04 09:08:03 ----HDC---- C:\WINNT\$NtUninstallKB952069_WM9$
2010-08-04 09:07:59 ----HDC---- C:\WINNT\$NtUninstallKB973869$
2010-08-04 09:07:51 ----HDC---- C:\WINNT\$NtUninstallKB975025$
2010-08-04 09:07:40 ----HDC---- C:\WINNT\$NtUninstallKB973540_WM9L$
2010-08-04 09:07:36 ----HDC---- C:\WINNT\$NtUninstallKB974571$
2010-08-04 09:07:25 ----HDC---- C:\WINNT\$NtUninstallKB975560$
2010-08-04 09:07:14 ----HDC---- C:\WINNT\$NtUninstallKB973507$
2010-08-04 09:07:07 ----HDC---- C:\WINNT\$NtUninstallKB941569$
2010-08-04 09:06:42 ----HDC---- C:\WINNT\$NtUninstallKB977816$
2010-08-04 09:06:27 ----HDC---- C:\WINNT\$NtUninstallKB973687$
2010-08-04 09:06:17 ----HDC---- C:\WINNT\$NtUninstallKB950762$
2010-08-04 09:06:02 ----HDC---- C:\WINNT\$NtUninstallKB981793$
2010-08-04 09:05:56 ----HDC---- C:\WINNT\$NtUninstallKB978601$
2010-08-04 09:05:49 ----HDC---- C:\WINNT\$NtUninstallKB979559$
2010-08-04 09:05:42 ----HDC---- C:\WINNT\$NtUninstallKB952287$
2010-08-04 09:05:35 ----HDC---- C:\WINNT\$NtUninstallKB973904$
2010-08-04 09:05:25 ----HDC---- C:\WINNT\$NtUninstallKB967715$
2010-08-04 09:05:19 ----HDC---- C:\WINNT\$NtUninstallKB950760$
2010-08-04 09:05:13 ----HDC---- C:\WINNT\$NtUninstallKB974392$
2010-08-04 09:05:04 ----HDC---- C:\WINNT\$NtUninstallKB971737$
2010-08-04 09:04:58 ----HDC---- C:\WINNT\$NtUninstallKB977914$
2010-08-04 09:04:46 ----HDC---- C:\WINNT\$NtUninstallKB951748$
2010-08-04 09:04:38 ----HDC---- C:\WINNT\$NtUninstallKB971961$
2010-08-04 09:04:30 ----HDC---- C:\WINNT\$NtUninstallKB978542$
2010-08-04 09:04:22 ----HDC---- C:\WINNT\$NtUninstallKB970238$
2010-08-04 09:04:16 ----HDC---- C:\WINNT\$NtUninstallKB979309$
2010-08-04 09:04:09 ----HDC---- C:\WINNT\$NtUninstallKB978695_WM9$
2010-08-04 09:03:58 ----HDC---- C:\WINNT\$NtUninstallKB979482$
2010-08-03 09:01:10 ----HDC---- C:\WINNT\$NtUninstallKB978706$
2010-08-03 09:01:00 ----D---- C:\WINNT\ServicePackFiles
2010-08-03 09:00:57 ----HDC---- C:\WINNT\$NtUninstallKB958470$
2010-08-03 09:00:49 ----HDC---- C:\WINNT\$NtUninstallKB960803$
2010-08-03 09:00:42 ----HDC---- C:\WINNT\$NtUninstallKB973815$
2010-08-03 09:00:35 ----HDC---- C:\WINNT\$NtUninstallKB975562$
2010-08-03 09:00:14 ----HDC---- C:\WINNT\$NtUninstallKB971032$
2010-08-01 20:59:56 ----D---- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu
2010-08-01 18:29:35 ----HDC---- C:\WINNT\$NtUninstallKB958644$
2010-08-01 18:29:28 ----HDC---- C:\WINNT\$NtUninstallKB955069$
2010-08-01 17:32:45 ----A---- C:\WINNT\system32\CmdLineExt.dll
2010-08-01 15:56:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
2010-08-01 15:53:50 ----D---- C:\WINNT\system32\KB905474
2010-07-31 11:45:45 ----HDC---- C:\WINNT\$NtUninstallKB956802$
2010-07-31 11:45:25 ----HDC---- C:\WINNT\$NtUninstallKB982381$
2010-07-31 11:45:17 ----HDC---- C:\WINNT\$NtUninstallKB944338-v2$
2010-07-31 11:45:10 ----HDC---- C:\WINNT\$NtUninstallKB923561$
2010-07-31 11:41:30 ----HDC---- C:\WINNT\$NtUninstallKB975467$
2010-07-31 11:32:56 ----HDC---- C:\WINNT\$NtUninstallKB968389$
2010-07-31 11:32:11 ----D---- C:\WINNT\system32\CatRoot_bak
2010-07-30 21:34:47 ----N---- C:\WINNT\system32\drivers\bthport.sys
2010-07-30 21:32:28 ----N---- C:\WINNT\system32\browserchoice.exe
2010-07-30 18:58:03 ----A---- C:\WINNT\NeroDigital.ini
2010-07-30 18:49:32 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
2010-07-30 18:30:28 ----N---- C:\WINNT\system32\tzchange.exe
2010-07-30 18:25:25 ----D---- C:\WINNT\system32\SoftwareDistribution
2010-07-30 18:22:27 ----D---- C:\Documents and Settings\user\Dane aplikacji\Ahead
2010-07-30 18:20:35 ----D---- C:\Program Files\Common Files\Ahead
2010-07-30 18:16:55 ----D---- C:\Program Files\Yahoo!
2010-07-30 17:28:54 ----D---- C:\Documents and Settings\user\Dane aplikacji\Nero
2010-07-30 17:27:29 ----D---- C:\Documents and Settings\user\Dane aplikacji\Real
2010-07-30 17:26:52 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nero
2010-07-30 17:26:50 ----D---- C:\Program Files\Common Files\Nero
2010-07-30 16:40:28 ----D---- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer
2010-07-30 16:39:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2010-07-30 15:09:44 ----A---- C:\WINNT\system32\unrar.dll
2010-07-30 15:09:41 ----A---- C:\WINNT\uncsetup.exe
2010-07-30 14:55:59 ----A---- C:\WINNT\system32\d3dx9_26.dll
2010-07-30 10:56:21 ----A---- C:\WINNT\CoD.INI
2010-07-29 16:03:57 ----D---- C:\WINNT\Minidump
2010-07-29 08:01:09 ----D---- C:\Documents and Settings\user\Dane aplikacji\Help
2010-07-29 07:42:52 ----N---- C:\WINNT\system32\ati2sgag.exe
2010-07-29 07:42:30 ----D---- C:\Program Files\ATI Technologies
2010-07-29 07:38:42 ----A---- C:\WINNT\system32\Oemdspif.dll
2010-07-29 07:38:42 ----A---- C:\WINNT\system32\ativcoxx.dll
2010-07-29 07:38:42 ----A---- C:\WINNT\system32\atitvo32.dll
2010-07-29 07:38:42 ----A---- C:\WINNT\system32\atipdlxx.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\drivers\ati2erec.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atioglxx.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atioglx1.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atikvmag.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\atiiiexx.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ATIDEMGR.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ATIDDC.DLL
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\Ati2mdxx.exe
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2evxx.exe
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2evxx.dll
2010-07-29 07:38:41 ----A---- C:\WINNT\system32\ati2edxx.dll
2010-07-29 07:33:37 ----D---- C:\Documents and Settings\user\Dane aplikacji\Macromedia
2010-07-29 07:33:37 ----D---- C:\Documents and Settings\user\Dane aplikacji\Adobe
2010-07-29 07:25:59 ----D---- C:\Program Files\Common Files\Adobe
2010-07-29 07:23:46 ----D---- C:\Program Files\Conduit
2010-07-29 07:23:45 ----D---- C:\Program Files\Softonic-Eng7
2010-07-28 21:30:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\BitComet
2010-07-28 21:27:24 ----D---- C:\Documents and Settings\user\Dane aplikacji\Mozilla
2010-07-28 21:10:32 ----D---- C:\Downloads
2010-07-28 21:09:33 ----A---- C:\WINNT\system32\hidserv.dll
2010-07-28 21:09:30 ----A---- C:\WINNT\system32\drivers\kbdhid.sys
2010-07-28 21:09:28 ----A---- C:\WINNT\system32\drivers\mouhid.sys
2010-07-28 21:09:13 ----A---- C:\WINNT\system32\drivers\hidusb.sys
2010-07-28 21:09:09 ----A---- C:\WINNT\system32\drivers\usbccgp.sys
2010-07-28 20:44:33 ----A---- C:\WINNT\system32\h323log.txt
2010-07-28 20:43:22 ----A---- C:\WINNT\system32\drivers\audstub.sys
2010-07-28 20:42:50 ----A---- C:\WINNT\system32\drivers\redbook.sys
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\drivers\ati2mtag.sys
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ativvaxx.dll
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati3duag.dll
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati3d1ag.dll
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati2dvag.dll
2010-07-28 20:42:35 ----A---- C:\WINNT\system32\ati2cqag.dll
2010-07-28 20:42:22 ----A---- C:\WINNT\system32\drivers\gameenum.sys
2010-07-28 20:42:05 ----A---- C:\WINNT\system32\usbui.dll
2010-07-28 20:42:01 ----A---- C:\WINNT\system32\drivers\UAGP35.SYS
2010-07-28 20:41:59 ----A---- C:\WINNT\system32\drivers\e100b325.sys
2010-07-28 20:40:59 ----A---- C:\WINNT\imsins.BAK
2010-07-28 20:40:57 ----A---- C:\WINNT\system32\PerfStringBackup.INI
2010-07-28 20:40:56 ----SHD---- C:\WINNT\Installer
2010-07-28 20:40:56 ----D---- C:\Program Files\Common Files\ODBC
2010-07-28 20:40:56 ----A---- C:\WINNT\ODBCINST.INI
2010-07-28 20:40:53 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-07-28 20:40:52 ----RD---- C:\Program Files
2010-07-28 20:40:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-28 20:40:52 ----D---- C:\Program Files\Common Files
2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdtuq.dll
2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdtuf.dll
2010-07-28 20:40:41 ----RA---- C:\WINNT\system32\kbdazel.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdycc.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbduzb.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdur.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdtat.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdru1.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdru.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdmon.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdkyr.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdkaz.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdbu.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdblr.dll
2010-07-28 20:40:38 ----RA---- C:\WINNT\system32\kbdaze.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhept.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhela3.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhela2.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe319.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe220.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdhe.dll
2010-07-28 20:40:35 ----RA---- C:\WINNT\system32\kbdgkl.dll
2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlv1.dll
2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlv.dll
2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlt1.dll
2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdlt.dll
2010-07-28 20:40:33 ----RA---- C:\WINNT\system32\kbdest.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdycl.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdsl1.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdsl.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdro.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdhu1.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdhu.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz2.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz1.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcz.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\kbdcr.dll
2010-07-28 20:40:22 ----RA---- C:\WINNT\system32\KBDAL.DLL
2010-07-28 20:40:21 ----A---- C:\WINNT\system32\spxcoins.dll
2010-07-28 20:40:21 ----A---- C:\WINNT\system32\irclass.dll
2010-07-28 20:40:21 ----A---- C:\WINNT\system32\dgsetup.dll
2010-07-28 20:40:21 ----A---- C:\WINNT\system32\dgrpsetu.dll
2010-07-28 20:40:20 ----A---- C:\WINNT\system32\EqnClass.Dll
2010-07-28 20:40:18 ----A---- C:\WINNT\TASKMAN.EXE
2010-07-28 20:40:17 ----N---- C:\WINNT\system32\CONFIG.TMP
2010-07-28 20:40:17 ----A---- C:\WINNT\system32\drivers\irenum.sys
2010-07-28 20:40:17 ----A---- C:\WINNT\system32\batt.dll
2010-07-28 20:40:16 ----A---- C:\WINNT\system32\storprop.dll
2010-07-28 20:40:16 ----A---- C:\WINNT\NOTEPAD.EXE
2010-07-28 20:40:08 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2010-07-28 20:39:59 ----RA---- C:\WINNT\SET8.tmp
2010-07-28 20:39:57 ----RA---- C:\WINNT\SET4.tmp
2010-07-28 20:39:56 ----RA---- C:\WINNT\SET3.tmp
2010-07-28 20:39:51 ----D---- C:\WINNT\system32\CatRoot2
2010-07-28 20:39:51 ----D---- C:\WINNT\system32\CatRoot
2010-07-28 20:39:45 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-07-28 20:39:25 ----A---- C:\WINNT\setuplog.txt
2010-07-28 20:39:22 ----SHD---- C:\System Volume Information
2010-07-28 20:39:22 ----D---- C:\Documents and Settings
2010-07-28 20:38:30 ----SH---- C:\boot.ini
2010-07-28 20:35:12 ----RSHDC---- C:\WINNT\system32\dllcache
2010-07-28 20:35:12 ----RSD---- C:\WINNT\Fonts
2010-07-28 20:35:12 ----RD---- C:\WINNT\Web
2010-07-28 20:35:12 ----HD---- C:\WINNT\inf
2010-07-28 20:35:12 ----D---- C:\WINNT\WinSxS
2010-07-28 20:35:12 ----D---- C:\WINNT\twain_32
2010-07-28 20:35:12 ----D---- C:\WINNT\Temp
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\wins
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\wbem
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\usmt
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\spool
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ShellExt
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\Setup
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ras
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\PreInstall
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\oobe
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\npp
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\mui
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\inetsrv
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\IME
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\icsxml
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\ias
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\export
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers\etc
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers\disdn
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\drivers
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\dhcp
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\config
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\3com_dmi
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\3076
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\2052
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1054
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1045
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1042
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1041
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1037
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1033
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1031
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1028
2010-07-28 20:35:12 ----D---- C:\WINNT\system32\1025
2010-07-28 20:35:12 ----D---- C:\WINNT\system32
2010-07-28 20:35:12 ----D---- C:\WINNT\system
2010-07-28 20:35:12 ----D---- C:\WINNT\security
2010-07-28 20:35:12 ----D---- C:\WINNT\Resources
2010-07-28 20:35:12 ----D---- C:\WINNT\repair
2010-07-28 20:35:12 ----D---- C:\WINNT\Provisioning
2010-07-28 20:35:12 ----D---- C:\WINNT\PeerNet
2010-07-28 20:35:12 ----D---- C:\WINNT\pchealth
2010-07-28 20:35:12 ----D---- C:\WINNT\mui
2010-07-28 20:35:12 ----D---- C:\WINNT\msapps
2010-07-28 20:35:12 ----D---- C:\WINNT\msagent
2010-07-28 20:35:12 ----D---- C:\WINNT\Media
2010-07-28 20:35:12 ----D---- C:\WINNT\java
2010-07-28 20:35:12 ----D---- C:\WINNT\ime
2010-07-28 20:35:12 ----D---- C:\WINNT\Help
2010-07-28 20:35:12 ----D---- C:\WINNT\ehome
2010-07-28 20:35:12 ----D---- C:\WINNT\Driver Cache
2010-07-28 20:35:12 ----D---- C:\WINNT\Debug
2010-07-28 20:35:12 ----D---- C:\WINNT\Cursors
2010-07-28 20:35:12 ----D---- C:\WINNT\Connection Wizard
2010-07-28 20:35:12 ----D---- C:\WINNT\Config
2010-07-28 20:35:12 ----D---- C:\WINNT\AppPatch
2010-07-28 20:35:12 ----D---- C:\WINNT\addins
2010-07-28 20:35:12 ----D---- C:\WINNT
2010-07-28 20:35:12 ----ASH---- C:\pagefile.sys
2010-07-28 19:31:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2010-07-28 19:29:54 ----D---- C:\WINNT\RegisteredPackages
2010-07-28 19:24:29 ----D---- C:\Program Files\VIA
2010-07-28 19:24:11 ----A---- C:\WINNT\system32\drivers\viamraid.sys
2010-07-28 19:22:41 ----A---- C:\WINNT\system32\ntsim.sys
2010-07-28 19:22:13 ----A---- C:\WINNT\system32\drivers\VIAAGP1.SYS
2010-07-28 19:22:10 ----D---- C:\WINNT\system32\ReinstallBackups
2010-07-28 19:21:51 ----A---- C:\WINNT\IsUninst.exe
2010-07-28 19:21:18 ----SHD---- C:\RECYCLER
2010-07-28 19:19:39 ----A---- C:\WINNT\system32\ChCfg.exe
2010-07-28 19:19:36 ----A---- C:\WINNT\system32\drivers\splitter.sys
2010-07-28 19:19:35 ----A---- C:\WINNT\system32\drivers\wdmaud.sys
2010-07-28 19:19:34 ----A---- C:\WINNT\system32\drivers\DMusic.sys
2010-07-28 19:19:33 ----A---- C:\WINNT\system32\drivers\swmidi.sys
2010-07-28 19:19:32 ----A---- C:\WINNT\system32\drivers\aec.sys
2010-07-28 19:19:31 ----A---- C:\WINNT\system32\drivers\kmixer.sys
2010-07-28 19:19:29 ----A---- C:\WINNT\system32\drivers\drmkaud.sys
2010-07-28 19:19:28 ----A---- C:\WINNT\system32\drivers\sysaudio.sys
2010-07-28 19:19:27 ----A---- C:\WINNT\system32\drivers\MSKSSRV.sys
2010-07-28 19:19:26 ----A---- C:\WINNT\system32\drivers\MSPQM.sys
2010-07-28 19:19:25 ----A---- C:\WINNT\system32\drivers\MSPCLOCK.sys
2010-07-28 19:19:21 ----RA---- C:\WINNT\system32\drivers\alcxwdm.sys
2010-07-28 19:19:21 ----A---- C:\WINNT\system32\ksuser.dll
2010-07-28 19:19:21 ----A---- C:\WINNT\system32\drivers\portcls.sys
2010-07-28 19:19:20 ----A---- C:\WINNT\system32\drivers\drmk.sys
2010-07-28 19:19:18 ----D---- C:\Program Files\Realtek Sound Manager
2010-07-28 19:19:18 ----D---- C:\Program Files\AvRack
2010-07-28 19:19:18 ----A---- C:\WINNT\avrack.ini
2010-07-28 19:19:11 ----D---- C:\Program Files\Realtek AC97
2010-07-28 19:19:11 ----A---- C:\WINNT\system32\RTLCPL.exe
2010-07-28 19:19:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-28 19:19:10 ----A---- C:\WINNT\system32\RtlCPAPI.dll
2010-07-28 19:19:10 ----A---- C:\WINNT\soundman.exe
2010-07-28 19:19:10 ----A---- C:\WINNT\alcupd.exe
2010-07-28 19:19:10 ----A---- C:\WINNT\Alcrmv.exe
2010-07-28 19:18:58 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-28 19:17:40 ----D---- C:\Program Files\totalcmd
2010-07-28 19:17:40 ----A---- C:\WINNT\wincmd.ini
2010-07-28 19:17:40 ----A---- C:\WINNT\UC.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\RAR.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\PKZIP.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\PKUNZIP.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\NOCLOSE.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\LHA.PIF
2010-07-28 19:17:40 ----A---- C:\WINNT\ARJ.PIF
2010-07-28 19:16:36 ----A---- C:\WINNT\system32\drivers\USBSTOR.SYS
2010-07-28 19:16:14 ----D---- C:\Documents and Settings\user\Dane aplikacji\Identities
2010-07-28 19:16:13 ----HD---- C:\Program Files\Uninstall Information
2010-07-28 19:16:05 ----SD---- C:\Documents and Settings\user\Dane aplikacji\Microsoft
2010-07-28 19:16:05 ----ASH---- C:\Documents and Settings\user\Dane aplikacji\desktop.ini
2010-07-28 19:16:03 ----ASH---- C:\hiberfil.sys
2010-07-28 19:15:13 ----D---- C:\WINNT\SoftwareDistribution
2010-07-28 19:15:12 ----D---- C:\WINNT\Prefetch
2010-07-28 19:15:11 ----SD---- C:\WINNT\system32\Microsoft
2010-07-28 19:15:11 ----A---- C:\WINNT\SchedLgU.Txt
2010-07-28 19:13:57 ----A---- C:\WINNT\system32\spupdsvc.exe
2010-07-28 19:13:50 ----N---- C:\WINNT\system32\verclsid.exe
2010-07-28 19:13:42 ----N---- C:\WINNT\system32\spmsg.dll
2010-07-28 19:13:41 ----HD---- C:\WINNT\$hf_mig$
2010-07-28 19:13:28 ----RASH---- C:\MSDOS.SYS
2010-07-28 19:13:28 ----RASH---- C:\IO.SYS
2010-07-28 19:13:28 ----A---- C:\WINNT\control.ini
2010-07-28 19:13:28 ----A---- C:\CONFIG.SYS
2010-07-28 19:13:28 ----A---- C:\AUTOEXEC.BAT
2010-07-28 19:13:13 ----A---- C:\WINNT\OEWABLog.txt
2010-07-28 19:13:09 ----A---- C:\WINNT\system32\mapi32.dll
2010-07-28 19:12:19 ----SD---- C:\WINNT\Downloaded Program Files
2010-07-28 19:12:19 ----RD---- C:\WINNT\Offline Web Pages
2010-07-28 19:12:19 ----RAH---- C:\WINNT\system32\logonui.exe.manifest
2010-07-28 19:12:13 ----RAH---- C:\WINNT\system32\cdplayer.exe.manifest
2010-07-28 19:12:08 ----HD---- C:\Program Files\WindowsUpdate
2010-07-28 19:12:05 ----D---- C:\Program Files\Usługi online
2010-07-28 19:11:46 ----D---- C:\WINNT\system32\DirectX
2010-07-28 19:11:21 ----A---- C:\WINNT\system32\atrace.dll
2010-07-28 19:11:18 ----A---- C:\WINNT\system32\desktop.ini
2010-07-28 19:11:18 ----A---- C:\WINNT\desktop.ini
2010-07-28 19:11:10 ----A---- C:\WINNT\system32\nmevtmsg.dll
2010-07-28 19:11:09 ----A---- C:\WINNT\system32\acctres.dll
2010-07-28 19:11:08 ----D---- C:\Program Files\Common Files\Services
2010-07-28 19:11:05 ----SD---- C:\WINNT\Tasks
2010-07-28 19:11:05 ----A---- C:\WINNT\system32\icfgnt5.dll
2010-07-28 19:11:04 ----D---- C:\Program Files\Common Files\MSSoap
2010-07-28 19:10:59 ----D---- C:\WINNT\srchasst
2010-07-28 19:10:58 ----D---- C:\WINNT\system32\Macromed
2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wuweb.dll
2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wucltui.dll
2010-07-28 19:10:55 ----A---- C:\WINNT\system32\wuauserv.dll
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wups.dll
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuaueng1.dll
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuaueng.dll
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuauclt1.exe
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuauclt.exe
2010-07-28 19:10:54 ----A---- C:\WINNT\system32\wuapi.dll
2010-07-28 19:10:53 ----A---- C:\WINNT\system32\qmgrprxy.dll
2010-07-28 19:10:53 ----A---- C:\WINNT\system32\qmgr.dll
2010-07-28 19:10:53 ----A---- C:\WINNT\system32\bitsprx3.dll
2010-07-28 19:10:53 ----A---- C:\WINNT\system32\bitsprx2.dll
2010-07-28 19:10:49 ----D---- C:\Program Files\Movie Maker
2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrslv.dll
2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrdm.dll
2010-07-28 19:10:43 ----A---- C:\WINNT\system32\safrcdlg.dll
2010-07-28 19:10:43 ----A---- C:\WINNT\system32\racpldlg.dll
2010-07-28 19:10:38 ----A---- C:\WINNT\system32\fltMc.exe
2010-07-28 19:10:38 ----A---- C:\WINNT\system32\fltlib.dll
2010-07-28 19:10:38 ----A---- C:\WINNT\system32\drivers\fltMgr.sys
2010-07-28 19:10:37 ----D---- C:\WINNT\system32\Restore
2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srsvc.dll
2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srrstr.dll
2010-07-28 19:10:37 ----A---- C:\WINNT\system32\srclient.dll
2010-07-28 19:10:37 ----A---- C:\WINNT\system32\drivers\sr.sys
2010-07-28 19:10:36 ----A---- C:\WINNT\system32\nmmkcert.dll
2010-07-28 19:10:36 ----A---- C:\WINNT\system32\mnmsrvc.exe
2010-07-28 19:10:36 ----A---- C:\WINNT\system32\mnmdd.dll
2010-07-28 19:10:36 ----A---- C:\WINNT\system32\isrdbg32.dll
2010-07-28 19:10:36 ----A---- C:\WINNT\system32\ils.dll
2010-07-28 19:10:35 ----A---- C:\WINNT\system32\msconf.dll
2010-07-28 19:10:32 ----D---- C:\Program Files\NetMeeting
2010-07-28 19:10:32 ----A---- C:\WINNT\system32\msoert2.dll
2010-07-28 19:10:32 ----A---- C:\WINNT\system32\msoeacct.dll
2010-07-28 19:10:31 ----A---- C:\WINNT\system32\inetres.dll
2010-07-28 19:10:30 ----A---- C:\WINNT\system32\inetcomm.dll
2010-07-28 19:10:28 ----D---- C:\Program Files\Outlook Express
2010-07-28 19:10:28 ----A---- C:\WINNT\system32\schedsvc.dll
2010-07-28 19:10:28 ----A---- C:\WINNT\system32\mstinit.exe
2010-07-28 19:10:28 ----A---- C:\WINNT\system32\mstask.dll
2010-07-28 19:10:27 ----A---- C:\WINNT\system32\isign32.dll
2010-07-28 19:10:27 ----A---- C:\WINNT\system32\inetcfg.dll
2010-07-28 19:10:27 ----A---- C:\WINNT\system32\icwphbk.dll
2010-07-28 19:10:27 ----A---- C:\WINNT\system32\icwdial.dll
2010-07-28 19:10:20 ----D---- C:\Program Files\Common Files\System
2010-07-28 19:10:19 ----D---- C:\Program Files\Internet Explorer
2010-07-28 19:09:41 ----D---- C:\Program Files\ComPlus Applications
2010-07-28 19:09:40 ----A---- C:\WINNT\vbaddin.ini
2010-07-28 19:09:40 ----A---- C:\WINNT\vb.ini
2010-07-28 19:09:36 ----D---- C:\WINNT\Registration
2010-07-28 19:09:30 ----D---- C:\Program Files\Windows Media Player
2010-07-28 19:09:24 ----D---- C:\Program Files\Messenger
2010-07-28 19:09:20 ----D---- C:\Program Files\MSN Gaming Zone
2010-07-28 19:09:20 ----A---- C:\WINNT\system32\write.exe
2010-07-28 19:09:08 ----A---- C:\WINNT\system32\hticons.dll
2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avwav.dll
2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avtapi.dll
2010-07-28 19:09:08 ----A---- C:\WINNT\system32\avmeter.dll
2010-07-28 19:09:07 ----A---- C:\WINNT\system32\winchat.exe
2010-07-28 19:08:58 ----A---- C:\WINNT\system32\getuname.dll
2010-07-28 19:08:58 ----A---- C:\WINNT\system32\charmap.exe
2010-07-28 19:08:57 ----A---- C:\WINNT\system32\winmine.exe
2010-07-28 19:08:57 ----A---- C:\WINNT\system32\sol.exe
2010-07-28 19:08:57 ----A---- C:\WINNT\system32\calc.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\usrlogon.cmd
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tsshutdn.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tslabels.ini
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tskill.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\tsdiscon.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\reset.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\mshearts.exe
2010-07-28 19:08:56 ----A---- C:\WINNT\system32\freecell.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\tscon.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\shadow.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\rwinsta.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\regini.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\rdpcfgex.dll
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\qwinsta.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\qappsrv.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\msg.exe
2010-07-28 19:08:55 ----A---- C:\WINNT\system32\logoff.exe
2010-07-28 19:08:54 ----A---- C:\WINNT\system32\msdtcprf.ini
2010-07-28 19:08:54 ----A---- C:\WINNT\system32\cdmodem.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\stclient.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxlegih.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxex.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\mtxdm.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\dcomcnfg.exe
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\comrepl.dll
2010-07-28 19:08:53 ----A---- C:\WINNT\system32\comaddin.dll
2010-07-28 19:08:52 ----A---- C:\WINNT\system32\comsnap.dll
2010-07-28 19:08:46 ----A---- C:\WINNT\system32\wmimgmt.msc
2010-07-28 19:08:45 ----A---- C:\WINNT\system32\sndrec32.exe
2010-07-28 19:08:45 ----A---- C:\WINNT\system32\accwiz.exe
2010-07-28 19:08:44 ----D---- C:\Program Files\Windows NT
2010-07-28 19:08:44 ----A---- C:\WINNT\system32\mplay32.exe
2010-07-28 19:08:44 ----A---- C:\WINNT\system32\hypertrm.dll
2010-07-28 19:08:43 ----A---- C:\WINNT\system32\spider.exe
2010-07-28 19:08:43 ----A---- C:\WINNT\system32\mspaint.exe
2010-07-28 19:08:43 ----A---- C:\WINNT\system32\drivers\tdtcp.sys
2010-07-28 19:08:43 ----A---- C:\WINNT\system32\clipbrd.exe
2010-07-28 19:08:42 ----A---- C:\WINNT\system32\tscfgwmi.dll
2010-07-28 19:08:42 ----A---- C:\WINNT\system32\mstscax.dll
2010-07-28 19:08:42 ----A---- C:\WINNT\system32\mstsc.exe
2010-07-28 19:08:42 ----A---- C:\WINNT\system32\drivers\tdpipe.sys
2010-07-28 19:08:42 ----A---- C:\WINNT\system32\drivers\rdpwd.sys
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\tscupgrd.exe
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\termsrv.dll
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\sessmgr.exe
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\remotepg.dll
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdshost.exe
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdsaddin.exe
2010-07-28 19:08:41 ----A---- C:\WINNT\system32\rdchost.dll
2010-07-28 19:08:40 ----D---- C:\WINNT\system32\MsDtc
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpwsx.dll
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpsnd.dll
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\rdpclip.exe
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\qprocess.exe
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\mtxoci.dll
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\msdtcuiu.dll
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\icaapi.dll
2010-07-28 19:08:40 ----A---- C:\WINNT\system32\cfgbkend.dll
2010-07-28 19:08:39 ----A---- C:\WINNT\system32\xolehlp.dll
2010-07-28 19:08:39 ----A---- C:\WINNT\system32\msdtctm.dll
2010-07-28 19:08:39 ----A---- C:\WINNT\system32\msdtcprx.dll
2010-07-28 19:08:38 ----A---- C:\WINNT\system32\msdtclog.dll
2010-07-28 19:08:38 ----A---- C:\WINNT\system32\msdtc.exe
2010-07-28 19:08:37 ----D---- C:\WINNT\system32\Com
2010-07-28 19:08:37 ----A---- C:\WINNT\system32\colbact.dll
2010-07-28 19:08:37 ----A---- C:\WINNT\system32\clbcatex.dll
2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrvut.dll
2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrvps.dll
2010-07-28 19:08:37 ----A---- C:\WINNT\system32\catsrv.dll
2010-07-28 19:08:36 ----A---- C:\WINNT\system32\comuid.dll
2010-07-28 19:08:36 ----A---- C:\WINNT\system32\comsvcs.dll
2010-07-28 19:08:35 ----A---- C:\WINNT\system32\clbcatq.dll
2010-07-28 19:08:28 ----A---- C:\WINNT\system32\servdeps.dll
2010-07-28 19:08:28 ----A---- C:\WINNT\system32\mmfutil.dll
2010-07-28 19:08:28 ----A---- C:\WINNT\system32\licwmi.dll
2010-07-28 19:08:28 ----A---- C:\WINNT\system32\cmprops.dll
2010-07-28 19:08:23 ----A---- C:\WINNT\system32\drivers\termdd.sys
2010-07-28 19:08:23 ----A---- C:\WINNT\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 months======

2010-08-17 09:21:37 ----A---- C:\WINNT\system.ini
2010-07-28 19:13:27 ----A---- C:\WINNT\win.ini
2010-07-28 19:12:57 ----ASH---- C:\WINNT\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINNT\System32\Drivers\avgrkx86.sys [2010-08-18 52872]
R0 PxHelp20;PxHelp20; C:\WINNT\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINNT\system32\DRIVERS\uagp35.sys [2004-08-04 44672]
R0 viaagp1;VIA AGP Filter; C:\WINNT\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 viamraid;viamraid; C:\WINNT\system32\DRIVERS\viamraid.sys [2005-04-26 60928]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINNT\system32\DRIVERS\amdk7.sys [2006-05-13 41472]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINNT\System32\Drivers\avgldx86.sys [2010-08-18 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINNT\System32\Drivers\avgmfx86.sys [2010-08-18 29584]
R1 AvgTdiX;AVG Network Redirector; C:\WINNT\System32\Drivers\avgtdix.sys [2010-08-18 243024]
R1 kbdhid;Sterownik klawiatury HID; C:\WINNT\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINNT\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ati2mtag;ati2mtag; C:\WINNT\system32\DRIVERS\ati2mtag.sys [2010-07-29 1198080]
R3 E100B;Sterownik karty Intel(R) PRO; C:\WINNT\system32\DRIVERS\e100b325.sys [2001-10-26 117760]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINNT\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Sterownik myszy HID; C:\WINNT\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINNT\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINNT\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S1 InCDPass;InCDPass; C:\WINNT\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINNT\system32\drivers\InCDRm.sys []
S3 amsint32;amsint32; \??\C:\WINNT\system32\drivers\hedho.sys []
S3 hamachi;Hamachi Network Interface; C:\WINNT\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 LLRING0;LLRING0; \??\D:\Mu1\MuGuard\llck1.sys []
S3 NTSIM;NTSIM; \??\C:\WINNT\system32\ntsim.sys []
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINNT\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 InCDFs;InCD File System; C:\WINNT\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINNT\system32\Ati2evxx.exe [2010-07-29 368640]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-08-18 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-18 153376]
R2 MSSQLSERVER;MSSQLSERVER; C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe [2000-08-06 7442493]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINNT\system32\wdfmgr.exe [2005-01-28 38912]
S2 ATI Smart;ATI Smart; C:\WINNT\system32\ati2sgag.exe [2005-05-24 516096]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe []
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

[log]OTL logfile created on: 2010-08-19 11:29:19 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 235,00 Mb Available Physical Memory | 31,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 73,24 Gb Total Space | 0,88 Gb Free Space | 1,20% Space Free | Partition Type: NTFS
Drive D: | 75,80 Gb Total Space | 51,10 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-E405A13E68
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2010-08-18 08:42:09 | 000,153,376 | ---- | M] (Oracle) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-18 08:02:29 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-08-18 08:02:29 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-08-18 08:02:29 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-08-18 08:02:29 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-08-18 08:02:23 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-08-18 08:02:21 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010-08-18 08:02:21 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010-08-18 08:02:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-07-29 07:38:41 | 000,368,640 | ---- | M] (ATI Technologies Inc.) -- C:\WINNT\system32\ati2evxx.exe
PRC - [2010-07-23 04:15:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-07-23 04:15:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-10 14:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wuauclt.exe
PRC - [2009-02-09 11:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\services.exe
PRC - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2006-08-02 23:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINNT\soundman.exe
PRC - [2006-05-13 16:22:59 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\spoolsv.exe
PRC - [2005-10-28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005-05-24 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005-04-26 05:22:32 | 000,589,824 | ---- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2005-01-28 01:36:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wdfmgr.exe
PRC - [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\winlogon.exe
PRC - [2004-08-04 02:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\smss.exe
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lsass.exe
PRC - [2004-08-04 02:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2004-08-04 02:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ctfmon.exe
PRC - [2004-08-04 02:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\csrss.exe
PRC - [2004-08-04 00:55:54 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2000-08-06 01:50:20 | 007,442,493 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2010-04-16 17:22:21 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\shlwapi.dll
MOD - [2009-06-25 10:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\secur32.dll
MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\rpcrt4.dll
MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\kernel32.dll
MOD - [2009-02-09 12:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ntdll.dll
MOD - [2009-02-09 12:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\advapi32.dll
MOD - [2008-10-23 14:53:07 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\gdi32.dll
MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\shell32.dll
MOD - [2006-05-13 16:25:54 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ole32.dll
MOD - [2006-05-13 16:25:30 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\clbcatq.dll
MOD - [2006-05-13 16:22:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\user32.dll
MOD - [2004-08-04 02:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\winspool.drv
MOD - [2004-08-04 02:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\uxtheme.dll
MOD - [2004-08-04 02:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\version.dll
MOD - [2004-08-04 02:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\srclient.dll
MOD - [2004-08-04 02:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\setupapi.dll
MOD - [2004-08-04 02:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\psapi.dll
MOD - [2004-08-04 02:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\oleaut32.dll
MOD - [2004-08-04 02:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\olepro32.dll
MOD - [2004-08-04 02:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msvcrt.dll
MOD - [2004-08-04 02:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\MSCTF.dll
MOD - [2004-08-04 02:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\framedyn.dll
MOD - [2004-08-04 02:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\comres.dll
MOD - [2004-08-04 02:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\comdlg32.dll
MOD - [2004-08-04 02:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe -- (SQLSERVERAGENT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010-08-18 08:02:21 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-08-18 08:02:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2000-08-06 01:50:20 | 007,442,493 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- C:\WINNT\System32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINNT\System32\drivers\hedho.sys -- (amsint32)
DRV - [2010-08-18 08:03:05 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINNT\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010-08-18 08:03:04 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-08-18 08:02:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-08-18 08:02:52 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINNT\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-07-29 07:38:41 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010-05-29 00:52:18 | 000,003,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Mu1\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-07-01 22:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\viaagp1.sys -- (viaagp1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280
IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-515967899-1035525444-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.start24.pl/"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.21
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: avg@igeared:4.906.030.002
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-08-18 08:02:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010-08-18 08:02:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 21:30:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-08-16 19:39:27 | 000,000,000 | ---D | M]

[2010-07-28 21:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-08-19 10:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions
[2010-08-16 13:16:59 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-07-29 07:23:43 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010-07-28 21:30:26 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010-08-16 13:17:46 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\jpplwnm9.default\searchplugins\winamp-search.xml

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files\AdobeReader 9.3.3\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINNT\System32\NeroCheck.exe File not found
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O4 - HKLM..\Run: [SoundMan] C:\WINNT\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe File not found
O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\Run: [BitComet] D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-515967899-1035525444-682003330-1003..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\FlashUtil10h_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-1035525444-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINNT\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINNT\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-28 19:13:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,285 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoplAY\comMand - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\eXpLoRE\COMmaND - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\OpeN\cOmmanD - "" = okcc.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutOplay\cOmmanD - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\explore\COMMAnd - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\oPen\comMANd - "" = gabn.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found




[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-19 11:28:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010-08-19 10:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-08-19 10:50:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010-08-19 10:46:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-08-19 06:33:02 | 000,000,000 | ---D | C] -- C:\WINNT\LastGood
[2010-08-19 06:31:15 | 000,000,000 | ---D | C] -- C:\My Shared Folder
[2010-08-18 08:42:36 | 000,073,728 | ---- | C] (Oracle) -- C:\WINNT\System32\javacpl.cpl
[2010-08-18 08:42:35 | 000,153,376 | ---- | C] (Oracle) -- C:\WINNT\System32\javaws.exe
[2010-08-18 08:42:35 | 000,145,184 | ---- | C] (Oracle) -- C:\WINNT\System32\javaw.exe
[2010-08-18 08:42:35 | 000,145,184 | ---- | C] (Oracle) -- C:\WINNT\System32\java.exe
[2010-08-18 08:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\AVG Security Toolbar
[2010-08-18 08:09:45 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-08-18 08:03:05 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgrkx86.sys
[2010-08-18 08:03:05 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgrsstx.dll
[2010-08-18 08:03:04 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgtdix.sys
[2010-08-18 08:02:53 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgldx86.sys
[2010-08-18 08:02:52 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgmfx86.sys
[2010-08-18 08:02:42 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\Avg
[2010-08-18 08:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
[2010-08-18 08:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-08-18 08:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-08-18 07:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage
[2010-08-18 07:50:41 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\aswBoot.exe
[2010-08-18 07:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-17 20:29:16 | 000,164,864 | ---- | C] (INCA Internet co., Ltd.) -- C:\Program Files\NPUpdate0.dll
[2010-08-17 20:29:16 | 000,125,952 | ---- | C] (INCA Internet, Inc) -- C:\Program Files\NPX.dll
[2010-08-17 20:29:16 | 000,122,940 | ---- | C] (안철수연구소) -- C:\Program Files\Mfsvc2.dll
[2010-08-17 20:29:16 | 000,061,531 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Program Files\NPGmup.dll
[2010-08-17 20:29:16 | 000,055,296 | ---- | C] (INCA Internet Co., Ltd) -- C:\Program Files\NPCipher.dll
[2010-08-17 20:29:16 | 000,032,768 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Program Files\NPChk.dll
[2010-08-17 20:29:16 | 000,031,744 | ---- | C] (incainternet) -- C:\Program Files\NPPsk.dll
[2010-08-17 20:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\MuGuard
[2010-08-17 20:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Data
[2010-08-17 09:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\My Shared Folder
[2010-08-17 09:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-08-17 07:36:30 | 000,000,000 | ---D | C] -- C:\WINNT\System32\XPSViewer
[2010-08-17 07:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010-08-17 07:36:23 | 000,000,000 | ---D | C] -- C:\WINNT\System32\en-US
[2010-08-17 07:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-08-17 07:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010-08-16 19:41:19 | 000,000,000 | ---D | C] -- C:\WINNT\Sun
[2010-08-16 19:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-08-16 19:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-08-16 19:39:27 | 000,423,656 | ---- | C] (Oracle) -- C:\WINNT\System32\deployJava1.dll
[2010-08-16 19:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-08-16 19:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Sun
[2010-08-16 13:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-08-16 13:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar
[2010-08-16 13:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
[2010-08-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-08-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2010-08-16 13:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\My Radios
[2010-08-16 13:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\3aLab
[2010-08-13 08:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World
[2010-08-13 07:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
[2010-08-13 07:36:20 | 000,000,000 | R-SD | C] -- C:\WINNT\assembly
[2010-08-13 07:35:49 | 000,000,000 | ---D | C] -- C:\WINNT\Microsoft.NET
[2010-08-13 07:32:38 | 000,000,000 | ---D | C] -- C:\WINNT\Logs
[2010-08-13 07:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-08-12 07:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2010-08-11 16:14:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion
[2010-08-10 18:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2010-08-10 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2010-08-10 12:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\WinRAR
[2010-08-10 08:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\BitSpirit
[2010-08-09 10:44:34 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINNT\System32\D3DX81ab.dll
[2010-08-09 10:44:33 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-08-09 08:18:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\.#
[2010-08-06 12:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Ares
[2010-08-05 17:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\InstallShield
[2010-08-05 17:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\The Games Factory 2
[2010-08-05 14:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\TeamViewer
[2010-08-05 14:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-08-05 09:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2010-08-05 09:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010-08-04 13:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\X-World Team
[2010-08-04 09:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\skypePM
[2010-08-04 09:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Skype
[2010-08-04 09:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-08-04 09:44:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-08-04 09:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2010-08-03 09:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\GTA San Andreas User Files
[2010-08-03 09:01:00 | 000,000,000 | ---D | C] -- C:\WINNT\ServicePackFiles
[2010-08-01 20:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu
[2010-08-01 20:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Gadu-Gadu
[2010-08-01 17:32:45 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINNT\System32\CmdLineExt.dll
[2010-08-01 15:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-08-01 15:53:50 | 000,000,000 | ---D | C] -- C:\WINNT\System32\KB905474
[2010-07-31 11:32:11 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot_bak
[2010-07-30 18:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2010-07-30 18:25:25 | 000,000,000 | ---D | C] -- C:\WINNT\System32\SoftwareDistribution
[2010-07-30 18:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Ahead
[2010-07-30 18:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Ahead
[2010-07-30 18:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-07-30 18:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010-07-30 17:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Nero
[2010-07-30 17:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Real
[2010-07-30 17:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2010-07-30 17:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010-07-30 16:40:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer
[2010-07-30 16:39:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2010-07-30 15:09:41 | 004,358,144 | ---- | C] (GSC Game World) -- C:\WINNT\uncsetup.exe
[2010-07-29 16:03:57 | 000,000,000 | ---D | C] -- C:\WINNT\Minidump
[2010-07-29 08:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help
[2010-07-29 08:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help
[2010-07-29 07:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-07-29 07:38:42 | 000,094,208 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\atipdlxx.dll
[2010-07-29 07:38:42 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\Oemdspif.dll
[2010-07-29 07:38:42 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\ativcoxx.dll
[2010-07-29 07:38:41 | 000,039,936 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\ati2edxx.dll
[2010-07-29 07:38:41 | 000,025,088 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\Ati2mdxx.exe
[2010-07-29 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Macromedia
[2010-07-29 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Adobe
[2010-07-29 07:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-07-29 07:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Conduit
[2010-07-29 07:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Softonic-Eng7
[2010-07-29 07:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-07-29 07:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic-Eng7
[2010-07-29 07:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-07-29 07:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Identities
[2010-07-28 21:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\BitComet
[2010-07-28 21:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Pobieranie
[2010-07-28 21:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Mozilla
[2010-07-28 21:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla
[2010-07-28 21:25:59 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\UserData
[2010-07-28 21:10:32 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-07-28 20:40:56 | 000,000,000 | -HSD | C] -- C:\WINNT\Installer
[2010-07-28 20:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010-07-28 20:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010-07-28 20:40:52 | 000,000,000 | R--D | C] -- C:\Program Files
[2010-07-28 20:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010-07-28 20:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010-07-28 20:40:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2010-07-28 20:40:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2010-07-28 20:40:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2010-07-28 20:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2010-07-28 20:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2010-07-28 20:39:51 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot2
[2010-07-28 20:39:51 | 000,000,000 | ---D | C] -- C:\WINNT\System32\CatRoot
[2010-07-28 20:39:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-07-28 20:39:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2010-07-28 20:39:22 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-07-28 20:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010-07-28 20:35:12 | 000,000,000 | R-SD | C] -- C:\WINNT\Fonts
[2010-07-28 20:35:12 | 000,000,000 | RHSD | C] -- C:\WINNT\System32\dllcache
[2010-07-28 20:35:12 | 000,000,000 | R--D | C] -- C:\WINNT\Web
[2010-07-28 20:35:12 | 000,000,000 | -H-D | C] -- C:\WINNT\inf
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\WinSxS
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\wins
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\wbem
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\usmt
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\twain_32
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Temp
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\system32
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\system
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\spool
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ShellExt
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Setup
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\security
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Resources
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\repair
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ras
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Provisioning
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\PreInstall
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\PeerNet
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\pchealth
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\oobe
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\npp
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\mui
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\mui
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\msapps
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\msagent
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Media
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\java
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\inetsrv
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\IME
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\ime
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\icsxml
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ias
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Help
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\export
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\etc
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\ehome
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Driver Cache
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\drivers\disdn
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\dhcp
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Debug
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Cursors
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Connection Wizard
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\config
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\Config
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\AppPatch
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\addins
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\3com_dmi
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\3076
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\2052
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1054
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1045
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1042
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1041
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1037
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1033
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1031
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1028
[2010-07-28 20:35:12 | 000,000,000 | ---D | C] -- C:\WINNT\System32\1025
[2010-07-28 19:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-07-28 19:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje wideo
[2010-07-28 19:29:54 | 000,000,000 | ---D | C] -- C:\WINNT\RegisteredPackages
[2010-07-28 19:28:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
[2010-07-28 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2010-07-28 19:22:10 | 000,000,000 | ---D | C] -- C:\WINNT\System32\ReinstallBackups
[2010-07-28 19:21:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-28 19:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2010-07-28 19:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2010-07-28 19:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010-07-28 19:19:10 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-07-28 19:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-07-28 19:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2010-07-28 19:16:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Identities
[2010-07-28 19:16:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010-07-28 19:16:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moje obrazy
[2010-07-28 19:16:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty\Moja muzyka
[2010-07-28 19:16:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Dane aplikacji\Microsoft
[2010-07-28 19:16:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies
[2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010-07-28 19:16:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Dane aplikacji
[2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Ulubione
[2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Moje dokumenty
[2010-07-28 19:16:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menu Start
[2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Ustawienia lokalne
[2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Szablony
[2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2010-07-28 19:16:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2010-07-28 19:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit
[2010-07-28 19:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-07-28 19:15:13 | 000,000,000 | ---D | C] -- C:\WINNT\SoftwareDistribution
[2010-07-28 19:15:12 | 000,000,000 | ---D | C] -- C:\WINNT\Prefetch
[2010-07-28 19:15:11 | 000,000,000 | --SD | C] -- C:\WINNT\System32\Microsoft
[2010-07-28 19:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-07-28 19:15:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-07-28 19:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-07-28 19:15:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-07-28 19:13:41 | 000,000,000 | -H-D | C] -- C:\WINNT\$hf_mig$
[2010-07-28 19:12:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010-07-28 19:12:19 | 000,000,000 | --SD | C] -- C:\WINNT\Downloaded Program Files
[2010-07-28 19:12:19 | 000,000,000 | R--D | C] -- C:\WINNT\Offline Web Pages
[2010-07-28 19:12:08 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010-07-28 19:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2010-07-28 19:11:46 | 000,000,000 | ---D | C] -- C:\WINNT\System32\DirectX
[2010-07-28 19:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010-07-28 19:11:05 | 000,000,000 | --SD | C] -- C:\WINNT\Tasks
[2010-07-28 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010-07-28 19:10:59 | 000,000,000 | ---D | C] -- C:\WINNT\srchasst
[2010-07-28 19:10:58 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Macromed
[2010-07-28 19:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010-07-28 19:10:37 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Restore
[2010-07-28 19:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010-07-28 19:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010-07-28 19:10:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010-07-28 19:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010-07-28 19:10:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-07-28 19:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010-07-28 19:09:36 | 000,000,000 | ---D | C] -- C:\WINNT\Registration
[2010-07-28 19:09:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-07-28 19:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010-07-28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010-07-28 19:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010-07-28 19:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010-07-28 19:08:40 | 000,000,000 | ---D | C] -- C:\WINNT\System32\MsDtc
[2010-07-28 19:08:37 | 000,000,000 | ---D | C] -- C:\WINNT\System32\Com
[2010-07-28 19:08:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-19 11:28:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010-08-19 11:15:40 | 001,094,102 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2010-08-19 11:15:40 | 000,508,114 | ---- | M] () -- C:\WINNT\System32\perfh015.dat
[2010-08-19 11:15:40 | 000,450,186 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2010-08-19 11:15:40 | 000,091,004 | ---- | M] () -- C:\WINNT\System32\perfc015.dat
[2010-08-19 11:15:40 | 000,074,656 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2010-08-19 10:37:47 | 000,001,374 | ---- | M] () -- C:\WINNT\imsins.BAK
[2010-08-19 06:38:27 | 063,580,009 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\incavi.avm
[2010-08-19 06:35:30 | 000,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2010-08-19 06:30:49 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2010-08-19 06:30:47 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2010-08-19 06:30:44 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-18 10:24:54 | 000,002,263 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-08-18 09:40:31 | 002,621,440 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-08-18 08:42:09 | 000,423,656 | ---- | M] (Oracle) -- C:\WINNT\System32\deployJava1.dll
[2010-08-18 08:42:09 | 000,153,376 | ---- | M] (Oracle) -- C:\WINNT\System32\javaws.exe
[2010-08-18 08:42:09 | 000,145,184 | ---- | M] (Oracle) -- C:\WINNT\System32\javaw.exe
[2010-08-18 08:42:09 | 000,145,184 | ---- | M] (Oracle) -- C:\WINNT\System32\java.exe
[2010-08-18 08:42:09 | 000,073,728 | ---- | M] (Oracle) -- C:\WINNT\System32\javacpl.cpl
[2010-08-18 08:18:05 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-08-18 08:17:49 | 004,804,558 | -H-- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () -- C:\autorun.inf
[2010-08-18 08:03:06 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk
[2010-08-18 08:03:05 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgrkx86.sys
[2010-08-18 08:03:05 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgrsstx.dll
[2010-08-18 08:03:04 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgtdix.sys
[2010-08-18 08:02:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgldx86.sys
[2010-08-18 08:02:52 | 000,113,461 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\iavichjw.avm
[2010-08-18 08:02:52 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgmfx86.sys
[2010-08-18 07:49:17 | 000,002,596 | ---- | M] () -- C:\WINNT\System32\CONFIG.NT
[2010-08-17 21:13:54 | 000,000,103 | ---- | M] () -- C:\Documents and Settings\user\default.pls
[2010-08-17 21:10:12 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2010-08-17 09:21:37 | 000,000,266 | ---- | M] () -- C:\WINNT\system.ini
[2010-08-17 09:14:07 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Ares.lnk
[2010-08-17 08:30:13 | 000,097,456 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2010-08-16 13:17:02 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-08-16 13:17:00 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\50 FREE MP3s +1 Free Audiobook!.lnk
[2010-08-16 13:11:11 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iRadio.lnk
[2010-08-14 12:25:16 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\X-World MuOnline.lnk
[2010-08-13 07:43:31 | 000,012,496 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-13 07:32:37 | 000,001,230 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2010-08-10 11:49:39 | 004,358,144 | ---- | M] (GSC Game World) -- C:\WINNT\uncsetup.exe
[2010-08-09 10:44:37 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Cheat Engine.lnk
[2010-08-05 17:53:51 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Global MU Online.lnk
[2010-08-05 17:27:46 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Games Factory 2.lnk
[2010-08-05 09:47:42 | 000,007,595 | ---- | M] () -- C:\WINNT\setup.iss
[2010-08-05 09:47:39 | 000,001,744 | ---- | M] () -- C:\WINNT\sql.mif
[2010-08-05 09:47:38 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk
[2010-08-04 14:55:14 | 000,002,265 | ---- | M] () -- C:\my.cnf
[2010-08-04 09:53:14 | 000,000,056 | -H-- | M] () -- C:\WINNT\System32\ezsidmv.dat
[2010-08-01 18:11:19 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-01 17:32:45 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINNT\System32\CmdLineExt.dll
[2010-07-30 18:26:38 | 000,043,062 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\UserImages.bmp
[2010-07-30 18:22:58 | 000,001,372 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-07-30 18:22:58 | 000,001,316 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2010-07-30 16:40:19 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MpcStar.lnk
[2010-07-30 15:09:44 | 000,053,248 | ---- | M] () -- C:\WINNT\System32\unrar.dll
[2010-07-30 11:11:55 | 000,000,766 | ---- | M] () -- C:\WINNT\CoD.INI
[2010-07-29 07:38:42 | 000,094,208 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\atipdlxx.dll
[2010-07-29 07:38:42 | 000,073,728 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\Oemdspif.dll
[2010-07-29 07:38:42 | 000,024,064 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\ativcoxx.dll
[2010-07-29 07:38:41 | 000,093,878 | ---- | M] () -- C:\WINNT\System32\atiicdxx.dat
[2010-07-29 07:38:41 | 000,039,936 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\ati2edxx.dll
[2010-07-29 07:38:41 | 000,025,088 | ---- | M] (ATI Technologies, Inc.) -- C:\WINNT\System32\Ati2mdxx.exe
[2010-07-29 07:38:41 | 000,005,195 | ---- | M] () -- C:\WINNT\System32\atifglpf.xml
[2010-07-29 07:26:35 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-28 21:30:25 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-07-28 21:27:26 | 000,000,000 | ---- | M] () -- C:\WINNT\nsreg.dat
[2010-07-28 21:27:21 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-28 19:33:51 | 000,000,980 | ---- | M] () -- C:\WINNT\wincmd.ini
[2010-07-28 19:30:12 | 000,023,392 | ---- | M] () -- C:\WINNT\System32\nscompat.tlb
[2010-07-28 19:30:12 | 000,016,832 | ---- | M] () -- C:\WINNT\System32\amcompat.tlb
[2010-07-28 19:30:02 | 000,316,640 | ---- | M] () -- C:\WINNT\WMSysPr9.prx
[2010-07-28 19:15:07 | 000,008,192 | ---- | M] () -- C:\WINNT\REGLOCS.OLD
[2010-07-28 19:14:18 | 000,000,261 | ---- | M] () -- C:\WINNT\System32\$winnt$.inf
[2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\WINNT\control.ini
[2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-07-28 19:13:27 | 000,000,477 | ---- | M] () -- C:\WINNT\win.ini
[2010-07-28 19:13:09 | 000,004,205 | ---- | M] () -- C:\WINNT\ODBCINST.INI
[2010-07-28 19:12:19 | 000,000,488 | RH-- | M] () -- C:\WINNT\System32\WindowsLogon.manifest
[2010-07-28 19:12:19 | 000,000,488 | RH-- | M] () -- C:\WINNT\System32\logonui.exe.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\wuaucpl.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\WindowsShell.Manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\sapi.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\nwc.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\ncpa.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | M] () -- C:\WINNT\System32\cdplayer.exe.manifest
[2010-07-28 19:09:49 | 000,021,856 | ---- | M] () -- C:\WINNT\System32\emptyregdb.dat
[2010-07-28 19:09:40 | 000,000,037 | ---- | M] () -- C:\WINNT\vbaddin.ini
[2010-07-28 19:09:40 | 000,000,036 | ---- | M] () -- C:\WINNT\vb.ini
[2010-07-28 19:07:39 | 000,000,207 | -HS- | M] () -- C:\boot.ini
[2010-07-09 15:52:45 | 005,170,688 | ---- | M] () -- C:\Program Files\main.exe
[2010-07-09 15:12:49 | 000,019,714 | ---- | M] () -- C:\Program Files\MuError.dmp
[3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-18 08:09:13 | 000,000,209 | RHS- | C] () -- C:\autorun.inf
[2010-08-18 08:03:06 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 9.0.lnk
[2010-08-18 08:02:52 | 000,113,461 | ---- | C] () -- C:\WINNT\System32\drivers\Avg\iavichjw.avm
[2010-08-18 08:02:42 | 063,580,009 | ---- | C] () -- C:\WINNT\System32\drivers\Avg\incavi.avm
[2010-08-17 20:29:16 | 000,999,424 | ---- | C] () -- C:\Program Files\VorbisFile.dll
[2010-08-17 20:29:16 | 000,381,010 | ---- | C] () -- C:\Program Files\Wz_Zp.dll
[2010-08-17 20:29:16 | 000,229,432 | ---- | C] () -- C:\Program Files\Wsctlcd.dll
[2010-08-17 20:29:16 | 000,212,992 | ---- | C] () -- C:\Program Files\WzAudio.dll
[2010-08-17 20:29:16 | 000,085,504 | ---- | C] () -- C:\Program Files\wzCipher.dll
[2010-08-17 20:29:16 | 000,053,248 | ---- | C] () -- C:\Program Files\sound.dll
[2010-08-17 20:29:16 | 000,053,248 | ---- | C] () -- C:\Program Files\Ogg.dll
[2010-08-17 20:29:16 | 000,049,152 | ---- | C] () -- C:\Program Files\MuMsg.dll
[2010-08-17 20:29:16 | 000,045,056 | ---- | C] () -- C:\Program Files\Wsctlc.dll
[2010-08-17 20:29:16 | 000,019,714 | ---- | C] () -- C:\Program Files\MuError.dmp
[2010-08-17 20:29:16 | 000,018,259 | ---- | C] () -- C:\Program Files\MuError.log
[2010-08-17 20:29:16 | 000,011,264 | ---- | C] () -- C:\Program Files\MuJP.dll
[2010-08-17 20:29:16 | 000,002,172 | ---- | C] () -- C:\Program Files\Message.wtf
[2010-08-17 20:29:16 | 000,000,349 | ---- | C] () -- C:\Program Files\MuJP.ini
[2010-08-17 20:29:15 | 005,170,688 | ---- | C] () -- C:\Program Files\main.exe
[2010-08-17 20:29:15 | 000,049,152 | ---- | C] () -- C:\Program Files\hook.dll
[2010-08-17 20:29:15 | 000,000,884 | ---- | C] () -- C:\Program Files\Format.cfg
[2010-08-17 20:29:15 | 000,000,024 | ---- | C] () -- C:\Program Files\Config.ini
[2010-08-17 09:14:07 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Ares.lnk
[2010-08-16 13:17:02 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-08-16 13:17:00 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\50 FREE MP3s +1 Free Audiobook!.lnk
[2010-08-16 13:11:11 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\iRadio.lnk
[2010-08-13 07:32:36 | 000,001,230 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2010-08-09 10:44:37 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Cheat Engine.lnk
[2010-08-09 10:44:34 | 001,970,176 | ---- | C] () -- C:\WINNT\System32\d3dx9.dll
[2010-08-05 17:53:51 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Global MU Online.lnk
[2010-08-05 17:27:46 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Games Factory 2.lnk
[2010-08-05 09:47:39 | 000,001,744 | ---- | C] () -- C:\WINNT\sql.mif
[2010-08-05 09:47:38 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk
[2010-08-05 09:46:36 | 000,036,939 | ---- | C] () -- C:\WINNT\System32\insrepim.exe
[2010-08-04 15:11:05 | 000,007,595 | ---- | C] () -- C:\WINNT\setup.iss
[2010-08-04 14:00:35 | 000,002,513 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\X-World MuOnline.lnk
[2010-08-04 09:53:14 | 000,000,056 | -H-- | C] () -- C:\WINNT\System32\ezsidmv.dat
[2010-08-04 09:44:16 | 000,002,263 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-30 19:06:10 | 000,000,103 | ---- | C] () -- C:\Documents and Settings\user\default.pls
[2010-07-30 18:58:03 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2010-07-30 18:58:01 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-30 18:26:38 | 000,043,062 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\UserImages.bmp
[2010-07-30 18:22:58 | 000,001,372 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-07-30 18:22:57 | 000,001,316 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2010-07-30 16:40:19 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MpcStar.lnk
[2010-07-30 15:09:44 | 000,053,248 | ---- | C] () -- C:\WINNT\System32\unrar.dll
[2010-07-30 10:56:21 | 000,000,766 | ---- | C] () -- C:\WINNT\CoD.INI
[2010-07-29 07:42:52 | 000,516,096 | ---- | C] () -- C:\WINNT\System32\ati2sgag.exe
[2010-07-29 07:38:41 | 000,093,878 | ---- | C] () -- C:\WINNT\System32\atiicdxx.dat
[2010-07-29 07:38:41 | 000,005,195 | ---- | C] () -- C:\WINNT\System32\atifglpf.xml
[2010-07-29 07:26:35 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-28 21:30:25 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-07-28 21:27:26 | 000,000,000 | ---- | C] () -- C:\WINNT\nsreg.dat
[2010-07-28 21:27:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-07-28 20:40:59 | 000,001,374 | ---- | C] () -- C:\WINNT\imsins.BAK
[2010-07-28 20:40:43 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_28603.nls
[2010-07-28 20:40:40 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_857.nls
[2010-07-28 20:40:40 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_28599.nls
[2010-07-28 20:40:40 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10081.nls
[2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28595.NLS
[2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10017.nls
[2010-07-28 20:40:37 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10007.nls
[2010-07-28 20:40:35 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_869.nls
[2010-07-28 20:40:35 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_737.nls
[2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_875.nls
[2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28597.NLS
[2010-07-28 20:40:35 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10006.nls
[2010-07-28 20:40:33 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_866.nls
[2010-07-28 20:40:33 | 000,066,594 | ---- | C] () -- C:\WINNT\System32\c_855.nls
[2010-07-28 20:40:33 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\C_28594.NLS
[2010-07-28 20:40:25 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_20127.nls
[2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10082.nls
[2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10029.nls
[2010-07-28 20:40:22 | 000,066,082 | ---- | C] () -- C:\WINNT\System32\c_10010.nls
[2010-07-28 20:40:17 | 000,001,734 | ---- | C] () -- C:\WINNT\System32\AUTOEXEC.NT
[2010-07-28 20:40:16 | 000,147,968 | ---- | C] () -- C:\WINNT\NOTEPAD.EXE
[2010-07-28 20:40:03 | 000,141,702 | ---- | C] () -- C:\WINNT\System32\dllcache\netfx.cat
[2010-07-28 20:40:03 | 000,102,826 | ---- | C] () -- C:\WINNT\System32\dllcache\tabletpc.cat
[2010-07-28 20:40:03 | 000,031,965 | ---- | C] () -- C:\WINNT\System32\dllcache\mediactr.cat
[2010-07-28 20:40:03 | 000,007,382 | ---- | C] () -- C:\WINNT\System32\dllcache\OEMBIOS.CAT
[2010-07-28 20:40:03 | 000,007,245 | ---- | C] () -- C:\WINNT\System32\dllcache\MSTSWEB.CAT
[2010-07-28 20:40:02 | 001,014,483 | ---- | C] () -- C:\WINNT\System32\dllcache\SP2.CAT
[2010-07-28 20:40:02 | 000,808,524 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5IIS.CAT
[2010-07-28 20:40:02 | 000,399,670 | ---- | C] () -- C:\WINNT\System32\dllcache\MAPIMIG.CAT
[2010-07-28 20:40:02 | 000,037,509 | ---- | C] () -- C:\WINNT\System32\dllcache\MW770.CAT
[2010-07-28 20:40:02 | 000,030,983 | ---- | C] () -- C:\WINNT\System32\dllcache\FP4.CAT
[2010-07-28 20:40:02 | 000,014,043 | ---- | C] () -- C:\WINNT\System32\dllcache\IMS.CAT
[2010-07-28 20:40:02 | 000,013,497 | ---- | C] () -- C:\WINNT\System32\dllcache\HPCRDP.CAT
[2010-07-28 20:40:02 | 000,009,581 | ---- | C] () -- C:\WINNT\System32\dllcache\MSMSGS.CAT
[2010-07-28 20:40:02 | 000,008,599 | ---- | C] () -- C:\WINNT\System32\dllcache\IASNT4.CAT
[2010-07-28 20:40:02 | 000,007,334 | ---- | C] () -- C:\WINNT\System32\dllcache\wmerrenu.cat
[2010-07-28 20:40:01 | 001,896,400 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5.CAT
[2010-07-28 20:40:01 | 000,620,500 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5INF.CAT
[2010-07-28 20:39:21 | 000,097,456 | ---- | C] () -- C:\WINNT\System32\FNTCACHE.DAT
[2010-07-28 20:38:30 | 000,000,207 | -HS- | C] () -- C:\boot.ini
[2010-07-28 20:38:27 | 000,000,261 | ---- | C] () -- C:\WINNT\System32\$winnt$.inf
[2010-07-28 19:19:39 | 000,049,152 | ---- | C] () -- C:\WINNT\System32\ChCfg.exe
[2010-07-28 19:19:18 | 000,000,164 | ---- | C] () -- C:\WINNT\avrack.ini
[2010-07-28 19:19:11 | 000,141,016 | ---- | C] () -- C:\WINNT\System32\alsndmgr.wav
[2010-07-28 19:19:10 | 000,143,360 | ---- | C] () -- C:\WINNT\System32\RtlCPAPI.dll
[2010-07-28 19:17:40 | 000,000,980 | ---- | C] () -- C:\WINNT\wincmd.ini
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\UC.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\RAR.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\PKZIP.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\PKUNZIP.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\NOCLOSE.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\LHA.PIF
[2010-07-28 19:17:40 | 000,000,545 | ---- | C] () -- C:\WINNT\ARJ.PIF
[2010-07-28 19:16:06 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2010-07-28 19:16:06 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2010-07-28 19:16:05 | 002,621,440 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-07-28 19:16:03 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys
[2010-07-28 19:15:07 | 000,008,192 | ---- | C] () -- C:\WINNT\REGLOCS.OLD
[2010-07-28 19:14:18 | 000,002,048 | --S- | C] () -- C:\WINNT\bootstat.dat
[2010-07-28 19:13:28 | 000,002,596 | ---- | C] () -- C:\WINNT\System32\CONFIG.NT
[2010-07-28 19:13:28 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010-07-28 19:13:28 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010-07-28 19:13:28 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010-07-28 19:13:28 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010-07-28 19:13:18 | 000,023,392 | ---- | C] () -- C:\WINNT\System32\nscompat.tlb
[2010-07-28 19:13:18 | 000,016,832 | ---- | C] () -- C:\WINNT\System32\amcompat.tlb
[2010-07-28 19:13:17 | 000,316,640 | ---- | C] () -- C:\WINNT\WMSysPr9.prx
[2010-07-28 19:12:19 | 000,000,488 | RH-- | C] () -- C:\WINNT\System32\WindowsLogon.manifest
[2010-07-28 19:12:19 | 000,000,488 | RH-- | C] () -- C:\WINNT\System32\logonui.exe.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\wuaucpl.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\WindowsShell.Manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\sapi.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\nwc.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\ncpa.cpl.manifest
[2010-07-28 19:12:13 | 000,000,749 | RH-- | C] () -- C:\WINNT\System32\cdplayer.exe.manifest
[2010-07-28 19:11:19 | 000,048,680 | -HS- | C] () -- C:\WINNT\winnt256.bmp
[2010-07-28 19:11:19 | 000,048,680 | -HS- | C] () -- C:\WINNT\winnt.bmp
[2010-07-28 19:09:49 | 000,021,856 | ---- | C] () -- C:\WINNT\System32\emptyregdb.dat
[2010-07-28 19:09:00 | 000,065,954 | ---- | C] () -- C:\WINNT\Pod mikroskopem.bmp
[2010-07-28 19:09:00 | 000,065,832 | ---- | C] () -- C:\WINNT\Stiuk z Santa Fe.bmp
[2010-07-28 19:09:00 | 000,026,680 | ---- | C] () -- C:\WINNT\Wachlarze.bmp
[2010-07-28 19:09:00 | 000,026,582 | ---- | C] () -- C:\WINNT\Nefryt.bmp
[2010-07-28 19:09:00 | 000,017,362 | ---- | C] () -- C:\WINNT\Rododendron.bmp
[2010-07-28 19:09:00 | 000,017,336 | ---- | C] () -- C:\WINNT\Na rybkach.bmp
[2010-07-28 19:09:00 | 000,016,730 | ---- | C] () -- C:\WINNT\Puch.bmp
[2010-07-28 19:09:00 | 000,009,522 | ---- | C] () -- C:\WINNT\Indiański pled.bmp
[2010-07-28 19:08:59 | 000,093,702 | ---- | C] () -- C:\WINNT\System32\subrange.uce
[2010-07-28 19:08:59 | 000,065,978 | ---- | C] () -- C:\WINNT\Bąbelki.bmp
[2010-07-28 19:08:59 | 000,017,062 | ---- | C] () -- C:\WINNT\Kawa.bmp
[2010-07-28 19:08:59 | 000,016,740 | ---- | C] () -- C:\WINNT\System32\shiftjis.uce
[2010-07-28 19:08:59 | 000,012,876 | ---- | C] () -- C:\WINNT\System32\korean.uce
[2010-07-28 19:08:59 | 000,008,484 | ---- | C] () -- C:\WINNT\System32\kanji_2.uce
[2010-07-28 19:08:59 | 000,001,272 | ---- | C] () -- C:\WINNT\Niebieska koronka 16.bmp
[2010-07-28 19:08:58 | 000,060,458 | ---- | C] () -- C:\WINNT\System32\ideograf.uce
[2010-07-28 19:08:58 | 000,024,006 | ---- | C] () -- C:\WINNT\System32\gb2312.uce
[2010-07-28 19:08:58 | 000,022,984 | ---- | C] () -- C:\WINNT\System32\bopomofo.uce
[2010-07-28 19:08:58 | 000,006,948 | ---- | C] () -- C:\WINNT\System32\kanji_1.uce
[2010-07-28 19:08:56 | 000,003,286 | ---- | C] () -- C:\WINNT\System32\tslabels.h
[2010-07-28 19:08:56 | 000,001,225 | ---- | C] () -- C:\WINNT\System32\usrlogon.cmd
[2010-07-28 19:08:54 | 000,000,768 | ---- | C] () -- C:\WINNT\System32\msdtcprf.h
[2010-07-28 19:08:46 | 000,063,488 | ---- | C] () -- C:\WINNT\System32\wmimgmt.msc
[2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINNT\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-18 07:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-08-18 08:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
[2010-08-18 08:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-08-01 17:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2010-08-13 07:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-07-28 21:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BitComet
[2010-08-10 08:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BitSpirit
[2010-08-01 20:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu
[2010-08-13 08:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Need for Speed World
[2010-08-05 15:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\TeamViewer
[2010-07-30 18:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\TigerPlayer

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () -- C:\autorun.inf
[2010-07-28 19:07:39 | 000,000,207 | -HS- | M] () -- C:\boot.ini
[2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-07-28 19:13:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-07-28 19:22:59 | 000,000,010 | ---- | M] () -- C:\csb.log
[2010-08-19 06:30:44 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-07-28 19:13:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-08-04 14:55:14 | 000,002,265 | ---- | M] () -- C:\my.cnf
[2004-08-04 00:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-04 00:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-08-19 06:30:43 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINNT\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINNT\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006-05-13 17:04:48 | 016,726,349 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2004-08-04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINNT\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 02:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINNT\system32\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2004-08-04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINNT\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINNT\system32\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINNT\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
< End of report >[/log]

ziomal166
komentarz
komentarz

Wklej to do OTL i daj Wykonaj skrypt:
[code]

:Processes
Explorer.exe

:OTL
O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation)
O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,209 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-18 08:07:05 | 000,000,285 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoplAY\comMand - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\eXpLoRE\COMmaND - "" = okcc.exe
O33 - MountPoints2\{abf14160-9a76-11df-8f85-806d6172696f}\Shell\OpeN\cOmmanD - "" = okcc.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutOplay\cOmmanD - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\AutoRun\command - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\explore\COMMAnd - "" = gabn.exe
O33 - MountPoints2\{abf14162-9a76-11df-8f85-806d6172696f}\Shell\oPen\comMANd - "" = gabn.exe

:Files
C:\autorun.inf

:Command
[emptytemp]
[REBOOT]
[/code]

Dla profesjonalistów: Ja dopiero się uczę.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.