
Problem after a format.

tiger2aa
created (edited)

Hello. On Monday I formatted my computer. I have XP SP3 installed. And here is the problem: when I browse various websites etc., everything is fine. But when, for example, I play meti2 for 10 minutes, the computer restarts ;/ When it comes back up, a window pops up saying "the system has recovered from a serious error", or while I am playing I get an error with explorer.exe and drwtsn32.exe, and today also something like "generic host process for win32 services". I will also add that after the format Task Manager and regedit do not work for me: a window pops up saying it has been disabled by the administrator (I am on the admin account).
My hardware:
motherboard - Asus A7V880
processor - AMD SEMPRON 2800+
graphics card - RADEON 9600 SERIES
RAM - 1.5 GB
2x 256 MB Kingston sticks and 1x 1 GB Goodram stick. Could these resets be the memory's fault? Could they be not working together?
Maybe I should pull out the Kingston sticks and see if it keeps happening? What do you advise?
Please help.
Regards.

PS. And if logs from ComboFix and HijackThis or something like that are needed, write how to make them, since I have never done this and I do not even know what ComboFix and HijackThis are ^ ^.
Sorry for the mistakes.

[color="#ff0000"]
//moving to Security
//dan[/color]

raazor90
comment

Post logs from OTL and RSIT: http://www.forumpc.pl/index.php?showtopic=104338

tiger2aa
comment

I pulled out those 2 Kingston sticks and the errors stopped? So there is probably something wrong with the memory. Is there any way to make the 3 sticks work properly?
If the logs are really needed, say so and I will upload them.

adsko
comment

Do you even read the posts people write to you?? Post the logs raazor told you to post. Second: download the memtest program from the internet. Plug in 1 RAM stick and test it with it; if there are no errors, pull it out and plug in the next one, and so on until you have tested them all. As for the problem, you probably have an infection, so post the logs raazor is asking you for.

tiger2aa
comment (edited)

[log]OTL logfile created on: 2010-09-19 12:28:24 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 679,00 Mb Available Physical Memory | 66,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 12,23 Gb Free Space | 62,59% Space Free | Partition Type: NTFS
Drive D: | 54,99 Gb Total Space | 51,31 Gb Free Space | 93,32% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: A-CF324B649AB84
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2010-09-07 02:10:44 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-01-11 22:16:00 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\kfjmln.sys -- (abp470n5)
DRV - [2010-09-14 10:56:34 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2010-09-14 10:55:41 | 000,297,344 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2010-09-14 10:55:33 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2010-09-14 10:55:29 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009-08-06 07:23:22 | 000,588,032 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008-04-14 23:30:58 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-04-14 00:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2003-11-01 03:22:38 | 000,077,312 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-1364589140-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-09-17 10:35:06 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKU\S-1-5-21-790525478-1364589140-1801674531-500..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\AutOpLay\cOmmand - "" = F:\bdql.cmd -- File not found
O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\AutoRun\command - "" = F:\bdql.cmd -- File not found
O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\explOre\command - "" = F:\bdql.cmd -- File not found
O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\oPen\COMmAnD - "" = F:\bdql.cmd -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: PEVSystemStart - Service
SafeBootMin: procexp90.Sys - Driver

SafeBootNet: PEVSystemStart - Service
SafeBootNet: procexp90.Sys - Driver

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-09-19 12:21:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2010-09-18 17:57:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-09-17 22:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Lazien
[2010-09-17 19:21:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010-09-17 15:12:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 09
[2010-09-17 15:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-09-17 14:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-09-17 10:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
[2010-09-17 10:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET
[2010-09-17 10:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2010-09-17 10:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-16 16:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-09-16 16:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010-09-14 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\COMODO
[2010-09-14 21:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010-09-14 20:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-09-14 20:08:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-09-14 17:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-09-14 17:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gstreamer-0.10
[2010-09-14 17:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-09-14 17:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2010-09-14 17:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10
[2010-09-14 17:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-09-14 17:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
[2010-09-14 17:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-09-14 17:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-09-14 17:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Pirelli
[2010-09-14 17:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-09-14 17:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-09-14 17:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-09-14 17:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-09-14 11:29:25 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll
[2010-09-14 11:29:25 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
[2010-09-14 11:29:25 | 000,049,152 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\S11thk32.dll
[2010-09-14 11:29:25 | 000,040,820 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\Syncor11.dll
[2010-09-14 11:29:25 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll
[2010-09-14 11:29:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
[2010-09-14 11:29:24 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2010-09-14 11:29:24 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2010-09-14 11:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2010-09-14 11:29:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-09-14 11:29:09 | 000,077,312 | ---- | C] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viasraid.sys
[2010-09-14 11:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR
[2010-09-14 11:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-09-14 11:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia
[2010-09-14 11:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
[2010-09-14 11:21:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\UserData
[2010-09-14 11:17:08 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-09-14 11:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010-09-14 11:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2010-09-14 11:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-09-14 10:55:41 | 000,297,344 | ---- | C] (Marvell) -- C:\WINDOWS\System32\drivers\yk51x86.sys
[2010-09-14 10:55:40 | 000,282,624 | ---- | C] (Marvell) -- C:\WINDOWS\System32\yk51x86.dll
[2010-09-14 10:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Checker
[2010-09-14 10:50:33 | 000,588,032 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8192su.sys
[2010-09-13 18:37:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2010-09-13 18:37:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2010-09-13 18:37:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2010-09-13 18:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2010-09-13 18:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2010-09-13 18:35:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-09-13 18:35:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2010-09-13 18:08:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010-09-13 17:41:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010-09-13 17:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010-09-13 17:41:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010-09-13 17:41:36 | 000,000,000 | R--D | C] -- C:\Program Files
[2010-09-13 17:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010-09-13 17:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010-09-13 17:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010-09-13 17:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010-09-13 17:38:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-09-13 17:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010-09-13 17:33:08 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010-09-13 17:33:08 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010-09-13 17:33:08 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010-09-13 17:33:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010-09-13 17:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities
[2010-09-13 17:10:38 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010-09-13 17:10:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
[2010-09-13 17:10:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka
[2010-09-13 17:10:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2010-09-13 17:10:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2010-09-13 17:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2010-09-13 17:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-09-13 17:10:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2010-09-13 17:08:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010-09-13 17:08:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010-09-13 17:08:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-09-13 17:08:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-09-13 17:08:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-09-13 16:51:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-09-13 16:51:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-09-13 16:50:14 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010-09-13 16:50:14 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010-09-13 16:50:14 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010-09-13 16:49:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010-09-13 16:47:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010-09-13 16:46:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-09-13 16:45:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010-09-13 16:45:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-09-13 16:44:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2010-09-13 16:04:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010-09-13 16:04:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010-09-13 16:04:41 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010-09-13 16:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2010-09-13 16:04:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010-09-13 16:04:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010-09-13 16:03:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010-09-13 16:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010-09-13 16:03:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010-09-13 16:03:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010-09-13 16:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010-09-13 16:03:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010-09-13 16:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010-09-13 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010-09-13 16:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010-09-13 16:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010-09-13 16:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010-09-13 16:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010-09-13 16:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010-09-13 16:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010-09-13 16:01:19 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010-09-13 16:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010-09-13 16:01:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010-09-13 16:01:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010-08-04 11:50:36 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010-08-03 13:28:36 | 000,055,256 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2010-07-29 13:31:26 | 000,134,512 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys
[2010-07-29 13:31:26 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010-07-29 13:31:26 | 000,032,608 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-09-19 12:26:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-09-19 12:25:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-09-19 12:25:57 | 1072,549,888 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-19 12:24:52 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2010-09-19 10:15:10 | 001,310,720 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-09-19 10:15:10 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010-09-19 10:15:04 | 001,395,316 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-09-18 17:56:55 | 003,846,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
[2010-09-17 22:30:01 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-09-17 19:03:59 | 000,397,144 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-09-17 19:03:59 | 000,351,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-09-17 19:03:59 | 000,063,994 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-09-17 19:03:59 | 000,051,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-09-17 19:03:56 | 000,872,688 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-09-17 15:05:51 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-09-17 15:05:51 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-09-17 14:44:49 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-09-17 14:31:51 | 000,232,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010-09-16 15:19:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Counter Strike 1.6 High-Detailed.lnk
[2010-09-14 22:35:54 | 000,000,152 | ---- | M] () -- C:\WINDOWS\cavscan.INI
[2010-09-14 22:19:31 | 000,000,130 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI
[2010-09-14 17:22:22 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2010-09-14 17:15:14 | 000,000,126 | ---- | M] () -- C:\WINDOWS\PRLTP_USBdrv.ini
[2010-09-14 17:04:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk
[2010-09-14 11:30:19 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk
[2010-09-14 11:29:24 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\msssc.dll
[2010-09-14 10:55:41 | 000,297,344 | ---- | M] (Marvell) -- C:\WINDOWS\System32\drivers\yk51x86.sys
[2010-09-14 10:55:40 | 000,282,624 | ---- | M] (Marvell) -- C:\WINDOWS\System32\yk51x86.dll
[2010-09-14 10:54:33 | 000,000,267 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-09-13 17:41:46 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010-09-13 17:10:59 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-09-13 17:10:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-09-13 17:10:06 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-09-13 16:51:39 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010-09-13 16:50:54 | 000,004,512 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-09-13 16:50:48 | 000,000,689 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-09-13 16:48:11 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-09-13 16:48:11 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-09-13 16:48:03 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-09-13 16:48:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-09-13 16:48:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-09-13 16:47:52 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010-09-13 16:47:12 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-09-13 16:47:12 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-09-13 16:46:07 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-09-13 16:44:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-09-13 16:02:10 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010-09-13 16:02:10 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys
[2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-19 12:24:52 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2010-09-18 17:53:47 | 003,846,590 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
[2010-09-17 22:30:01 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-09-17 15:05:51 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-09-17 15:05:51 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-09-17 14:44:49 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-09-16 15:19:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Counter Strike 1.6 High-Detailed.lnk
[2010-09-14 22:35:54 | 000,000,152 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2010-09-14 21:42:53 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010-09-14 21:23:30 | 000,232,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010-09-14 17:22:22 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2010-09-14 17:14:59 | 000,000,126 | ---- | C] () -- C:\WINDOWS\PRLTP_USBdrv.ini
[2010-09-14 17:04:44 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk
[2010-09-14 11:31:57 | 1072,549,888 | -HS- | C] () -- C:\hiberfil.sys
[2010-09-14 11:30:19 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk
[2010-09-14 11:29:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2010-09-13 17:41:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010-09-13 17:41:44 | 000,004,512 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010-09-13 17:41:38 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010-09-13 17:41:38 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010-09-13 17:41:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010-09-13 17:41:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010-09-13 17:41:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010-09-13 17:41:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-09-13 17:41:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010-09-13 17:41:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010-09-13 17:41:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010-09-13 17:41:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010-09-13 17:41:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010-09-13 17:41:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010-09-13 17:41:14 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010-09-13 17:39:22 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010-09-13 17:39:22 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010-09-13 17:39:22 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010-09-13 17:39:22 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010-09-13 17:39:22 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010-09-13 17:39:21 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010-09-13 17:39:21 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-09-13 17:39:21 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010-09-13 17:39:21 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010-09-13 17:39:21 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010-09-13 17:39:21 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-09-13 17:39:21 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010-09-13 17:39:21 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-09-13 17:39:21 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010-09-13 17:39:20 | 002,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010-09-13 17:39:20 | 001,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010-09-13 17:39:20 | 000,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010-09-13 17:38:41 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-09-13 17:38:01 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010-09-13 17:37:58 | 000,000,689 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-09-13 17:10:21 | 000,073,728 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2010-09-13 17:10:21 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010-09-13 17:10:19 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-09-13 16:51:39 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010-09-13 16:50:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-09-13 16:50:41 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010-09-13 16:50:09 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010-09-13 16:50:09 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010-09-13 16:50:08 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-09-13 16:49:48 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010-09-13 16:49:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-09-13 16:49:40 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010-09-13 16:49:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-09-13 16:49:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010-09-13 16:49:28 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-09-13 16:49:24 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010-09-13 16:49:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010-09-13 16:49:09 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010-09-13 16:49:04 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010-09-13 16:49:04 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010-09-13 16:49:04 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010-09-13 16:49:02 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010-09-13 16:49:02 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010-09-13 16:49:02 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010-09-13 16:49:01 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010-09-13 16:49:01 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010-09-13 16:49:01 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010-09-13 16:49:01 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010-09-13 16:49:00 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010-09-13 16:48:59 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010-09-13 16:48:59 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010-09-13 16:48:59 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010-09-13 16:48:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010-09-13 16:48:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010-09-13 16:48:58 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010-09-13 16:48:58 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010-09-13 16:48:11 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-09-13 16:48:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010-09-13 16:48:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010-09-13 16:48:11 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010-09-13 16:48:11 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010-09-13 16:48:02 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-09-13 16:48:02 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-09-13 16:48:01 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-09-13 16:04:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-09-13 16:04:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-09-13 16:04:27 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010-09-13 16:04:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010-09-13 16:04:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010-09-13 16:04:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010-09-13 16:03:23 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010-09-13 16:02:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-09-13 16:01:31 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2010-09-13 16:01:31 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2010-09-13 16:01:31 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2010-09-13 16:01:31 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2010-09-13 16:01:31 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2010-09-13 16:01:31 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2010-09-13 16:01:31 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2010-09-13 16:01:30 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010-09-13 16:01:30 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2010-09-13 16:01:30 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2010-09-13 16:01:30 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010-09-13 16:01:30 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2010-09-13 16:01:30 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010-09-13 16:01:30 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010-09-13 16:01:30 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2010-09-13 16:01:29 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010-09-13 16:01:29 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010-09-13 16:01:29 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010-09-13 16:01:29 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010-09-13 16:01:27 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010-09-13 16:01:27 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010-09-13 16:01:26 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010-09-13 16:01:20 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== LOP Check ==========[/color]

[2010-09-17 10:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET
[2010-09-18 23:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10
[2010-09-14 17:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2010-09-14 17:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-09-17 10:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-14 17:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-09-15 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-09-14 20:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-09-13 16:44:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-09-19 12:25:57 | 1072,549,888 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-09-19 12:25:56 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9
< End of report >
[/log]

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-09-19 12:37:27
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 13 GB (63%) free of 20 GB
Total RAM: 1023 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:35, on 2010-09-19
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 3147 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-09-13 12653152]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\udjbjp.cmd"="F:\udjbjp.cmd:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\gigwf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\gigwf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnnea.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnnea.exe:*:Enabled:ipsec"
"C:\Program Files\Driver Checker\DriverChecker.exe"="C:\Program Files\Driver Checker\DriverChecker.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintwgp.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintwgp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16bc6f.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16bc6f.exe:*:Enabled:ipsec"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:ipsec"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:ipsec"
"D:\Program Files\Metin2\metin2client.bin"="D:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Counter Strike 1.6 HD NonSteam\cstrike.exe"="D:\Program Files\Counter Strike 1.6 HD NonSteam\cstrike.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winjrms.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winjrms.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa77840.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa77840.exe:*:Enabled:ipsec"
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sypxy.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sypxy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w79eaf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w79eaf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\tpos.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\tpos.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ulehi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ulehi.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w6b355.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w6b355.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\bpuwhf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\bpuwhf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wfga.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wfga.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnfgm.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnfgm.exe:*:Enabled:ipsec"
"C:\Program Files\Analog Devices\SoundMAX\SMTray.exe"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w7436f.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w7436f.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ojoc.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ojoc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sjeh.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sjeh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16caa7.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16caa7.exe:*:Enabled:ipsec"
"D:\Program Files\Metin2\metin2.exe"="D:\Program Files\Metin2\metin2.exe:*:Enabled:ipsec"
"C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe"="C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe:*:Enabled:ipsec"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wingupwbu.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wingupwbu.exe:*:Enabled:ipsec"
"C:\Program Files\VIA\RAID\raid_tool.exe"="C:\Program Files\VIA\RAID\raid_tool.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrnfql.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrnfql.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w83f92.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w83f92.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winwvjc.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winwvjc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintgfq.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintgfq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hgbk.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hgbk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w127392.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w127392.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winhmdmsa.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winhmdmsa.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ybgi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ybgi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa491e.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa491e.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\qtdi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\qtdi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\liid.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\liid.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w8197c.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w8197c.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrsgfs.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrsgfs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\yojnt.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\yojnt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrpmbs.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrpmbs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w1042f6.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w1042f6.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-09-13 16:01:13 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-09-13 16:01:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-09-13 16:01:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-09-13 16:01:11 ----D---- C:\WINDOWS\system32\Com
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\colbact.dll
2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\stclient.dll
2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comuid.dll
2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-09-13 16:00:58 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2010-09-13 16:00:57 ----A---- C:\WINDOWS\system32\drivers\termdd.sys

======List of files/folders modified in the last 1 months======

2010-09-14 10:54:33 ----A---- C:\WINDOWS\system.ini
2010-09-13 16:48:11 ----A---- C:\WINDOWS\win.ini
2010-09-13 16:47:41 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2010-09-14 27904]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-11-01 77312]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-09-14 13976]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-09-14 19072]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usb_rndis;Pirelli Discus Multiplay AG; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-14 12800]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-09-14 297344]
S3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\kfjmln.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-08-06 588032]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]

-----------------EOF-----------------
[/log]


[log]info.txt logfile of random's system information tool 1.08 2010-09-19 12:37:37

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
Metin2-->"D:\Program Files\Metin2\unins000.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Opera 10.62-->MsiExec.exe /X{18E65799-76BD-46EF-9E53-972FE5A40736}
Pirelli USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4708DEA-9F56-4994-A57D-334708627813}\setup.exe" -l0x9 -removeonly
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
VIA Integrated Setup Wizard-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}
VIA Platforma Menedżera urządzeń-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

======System event log======

Computer Name: A-CF324B649AB84
Event Code: 7036
Message: Usługa Usługi terminalowe weszła w stan uruchomienia.

Record Number: 1453
Source Name: Service Control Manager
Time Written: 20100918171419.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 7035
Message: Do usługi Usługi terminalowe został pomyślnie wysłany kod sterowania uruchom.

Record Number: 1452
Source Name: Service Control Manager
Time Written: 20100918171419.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: A-CF324B649AB84
Event Code: 1002
Message: Adres IP połączenia 192.168.1.40 dla karty sieciowej o adresie 00238EDFBCE9 został
zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK).

Record Number: 1451
Source Name: Dhcp
Time Written: 20100918171408.000000+120
Event Type: błąd
User:

Computer Name: A-CF324B649AB84
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.

Record Number: 1450
Source Name: EventLog
Time Written: 20100918171404.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Uniprocessor Free.

Record Number: 1449
Source Name: EventLog
Time Written: 20100918171404.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: A-CF324B649AB84
Event Code: 1000
Message: Liczniki wydajności dla usługi RSVP (QoS RSVP) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 5
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość
indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe
wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.

Record Number: 4
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: błąd
User:

Computer Name: A-CF324B649AB84
Event Code: 2006
Message: Wartości LastCounter i LastHelp rejestru wydajności są uszkodzone i muszą
zostać zaktualizowane. Pierwszy i drugi wpis DWORD w sekcji danych (Data)
to wartości oryginalne, zaś trzeci i czwarty wpis DWORD w sekcji danych
(Data) to nowe, zaktualizowane wartości.

Record Number: 3
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: ostrzeżenie
User:

Computer Name: MACHINENAME
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość
indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe
wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.

Record Number: 2
Source Name: LoadPerf
Time Written: 20100913183759.000000+120
Event Type: błąd
User:

Computer Name: MACHINENAME
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość
indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe
wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.

Record Number: 1
Source Name: LoadPerf
Time Written: 20100913183759.000000+120
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]








Sorry if it's too little or too much - it's my first time posting logs.

Tomek01
comment

Unfortunately I don't have good news: this is the Sality virus, which infects all executable files and some DLL libraries.
This is indicated by the service: DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\kfjmln.sys -- ([b]abp470n5[/b])



You may need the system installation disc to set the system up again.
On an [b]uninfected[/b] computer, download [url=http://www.freedrweb.pl/livecd.php][b]DR Web LiveCD[/b][/url] and burn it to a disc.
Put the disc in the infected computer; assuming you have already set the BIOS to boot from CD/DVD, the scanner should start after a restart.
Run a full scan, cure whatever can be cured, and delete the rest.
Scan as many times as it takes until the scanner finds nothing.
If the system does not start after the removal, put the system disc in the computer and perform a [url=http://www.searchengines.pl/index.php?showtopic=24500&view=findpost&p=109540]repair (in-place) installation of Windows[/url].
After the repair installation, if one was needed, [b]turn System Restore off and on again[/b] on all drives. Instructions for [url=http://support.microsoft.com/kb/310405/pl][b]XP[/b][/url] or [url=http://windowshelp.microsoft.com/Windows/pl-PL/Help/517d3b8e-3379-46c1-b479-05b30d6fb3f01045.mspx][b]Vista[/b][/url].
Run a full scan with [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url].
If the scanner finds nothing, post a [url=http://forum.dobreprogramy.pl/post1170959.html#p1170959][b]Combofix[/b][/url] log to be sure, and turn off again the System Restore that Combofix switched on.
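
The indicator named in the reply above, a driver service whose image file is missing, can be pulled out of the RSIT driver list mechanically. This is an added example, not part of the original thread: the sample lines are copied from the log posted earlier, the function names are hypothetical, and it assumes that an empty `[]` means RSIT could not read the file and that a service name differing from the file name deserves a closer look first.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: driver lines in the RSIT "List of drivers" format,
# copied from the log posted in this thread.
SAMPLE_LOG = r"""
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R3 usb_rndis;Pirelli Discus Multiplay AG; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-14 12800]
S3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\kfjmln.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
"""

# <state><start type> <service>;<display name>; <image path> [<date> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<service>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]$"
)

def parse_drivers(log_text):
    """Yield one dict per driver line; lines that do not match are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        # Assumption: "[]" means no date/size could be read, i.e. no file on disk.
        entry["file_missing"] = entry["meta"].strip() == ""
        path = entry["path"]
        if path.startswith("\\??\\"):      # strip the NT object-namespace prefix
            path = path[4:]
        stem = PureWindowsPath(path).stem
        # Assumption: a service name unrelated to its file name is a triage signal.
        entry["name_mismatch"] = stem.lower() != entry["service"].lower()
        yield entry

def triage(log_text):
    """Return (service, path, priority) for drivers whose image file is missing."""
    findings = []
    for e in parse_drivers(log_text):
        if e["file_missing"]:
            priority = "high" if e["name_mismatch"] else "review"
            findings.append((e["service"], e["path"], priority))
    return findings

if __name__ == "__main__":
    for service, path, priority in triage(SAMPLE_LOG):
        print(f"{priority:6} {service:10} {path}")
```

A missing driver file is a lead for further scanning, not a verdict on its own; the mismatch flag only orders what to examine first.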
