tiger2aa, created 18 September 2010 (edited)
Hello. On Monday I formatted my computer. I have XP SP3 installed. The problem: when I'm browsing various websites and so on, everything is fine. But when, for example, I play Metin2 for 10 minutes, the computer restarts ;/ When it comes back up, a window pops up saying "The system has recovered from a serious error", or while I'm playing I get an error with explorer.exe and drwtsn32.exe, and today also something like "generic host process for win32 services". I'll also add that after the format, Task Manager and regedit don't work for me - a window pops up saying they have been disabled by the administrator (I am on the admin account). My hardware: motherboard - Asus A7V880, processor - AMD SEMPRON 2800+, card - RADEON 9600 SERIES, RAM - 1.5 GB: 2x 256 MB Kingston sticks and 1x 1 GB Goodram stick. Could these resets be the fault of the memory? Could the sticks not be working together? Maybe I should pull out the Kingston sticks and see whether it keeps happening? What do you advise? Please help. Regards. PS. If logs from ComboFix and HijackThis or something like that are needed, write how to make them, because I have never done it and I don't even know what ComboFix and HijackThis are ^ ^. Sorry for the mistakes. [color="#ff0000"] //moving to Security //dan[/color]
raazor90, comment, 18 September 2010
Post logs from OTL and RSIT: http://www.forumpc.pl/index.php?showtopic=104338
tiger2aa (Author), comment, 18 September 2010
I pulled out those 2 Kingston sticks and the errors stopped? So it's probably something wrong with the memory. Is there some way to make the 3 sticks work properly? If the logs are really needed, write and I'll post them.
adsko, comment, 18 September 2010
Do you even read the posts people write to you?? Post the logs raazor told you to post. Second: download the memtest program from the internet. Install 1 RAM stick and test it with memtest; if there are no errors, take it out and install the next one, and so on until you have checked them all. As for the problem, you probably have an infection, so post the logs raazor is asking you for.
tiger2aa (Author), comment, 19 September 2010 (edited)
[log]OTL logfile created on: 2010-09-19 12:28:24 - Run 1 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 679,00 Mb Available Physical Memory | 66,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 12,23 Gb Free Space | 62,59% Space Free | Partition Type: NTFS Drive D: | 54,99 Gb Total Space | 51,31 Gb Free Space | 93,32% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: A-CF324B649AB84 Current User Name: Administrator Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2010-09-07 02:10:44 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | 
---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-01-11 22:16:00 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 
| 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] 
(ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\kfjmln.sys -- (abp470n5) DRV - [2010-09-14 10:56:34 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32) DRV - [2010-09-14 10:55:41 | 000,297,344 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2010-09-14 10:55:33 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2010-09-14 10:55:29 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2) DRV - [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-08-06 07:23:22 | 000,588,032 | R--- | M] (Realtek Semiconductor Corporation ) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2008-04-14 23:30:58 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-04-14 00:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis) DRV - [2003-11-01 03:22:38 | 000,077,312 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-790525478-1364589140-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-09-17 10:35:06 | 000,000,000 | ---D | M] O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKU\S-1-5-21-790525478-1364589140-1801674531-500..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) 
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-790525478-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\AutOpLay\cOmmand - "" = F:\bdql.cmd -- File not found O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\AutoRun\command - "" = F:\bdql.cmd -- File not found O33 - 
MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\explOre\command - "" = F:\bdql.cmd -- File not found O33 - MountPoints2\{8272f1cf-bfdd-11df-b9a1-0002728aaec2}\Shell\oPen\COMmAnD - "" = F:\bdql.cmd -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: PEVSystemStart - Service SafeBootMin: procexp90.Sys - Driver SafeBootNet: PEVSystemStart - Service SafeBootNet: procexp90.Sys - Driver [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-09-19 12:21:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-09-18 17:57:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-09-17 22:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Lazien [2010-09-17 19:21:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-09-17 15:12:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 09 [2010-09-17 15:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-09-17 14:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-09-17 10:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET [2010-09-17 10:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET [2010-09-17 10:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET 
[2010-09-17 10:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-09-16 16:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-09-16 16:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2010-09-14 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\COMODO [2010-09-14 21:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2010-09-14 20:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-09-14 20:08:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2010-09-14 17:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-09-14 17:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gstreamer-0.10 [2010-09-14 17:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-09-14 17:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM [2010-09-14 17:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2010-09-14 17:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-09-14 17:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera [2010-09-14 17:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-09-14 17:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-09-14 17:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Pirelli [2010-09-14 17:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2010-09-14 17:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-09-14 17:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common 
Files\Adobe [2010-09-14 17:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-09-14 11:29:25 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll [2010-09-14 11:29:25 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll [2010-09-14 11:29:25 | 000,049,152 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\S11thk32.dll [2010-09-14 11:29:25 | 000,040,820 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\Syncor11.dll [2010-09-14 11:29:25 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll [2010-09-14 11:29:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar [2010-09-14 11:29:24 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe [2010-09-14 11:29:24 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe [2010-09-14 11:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices [2010-09-14 11:29:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-09-14 11:29:09 | 000,077,312 | ---- | C] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viasraid.sys [2010-09-14 11:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR [2010-09-14 11:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-09-14 11:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2010-09-14 11:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2010-09-14 11:21:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\UserData [2010-09-14 11:17:08 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010-09-14 11:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2010-09-14 11:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\VIA [2010-09-14 11:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010-09-14 10:55:41 | 
000,297,344 | ---- | C] (Marvell) -- C:\WINDOWS\System32\drivers\yk51x86.sys [2010-09-14 10:55:40 | 000,282,624 | ---- | C] (Marvell) -- C:\WINDOWS\System32\yk51x86.dll [2010-09-14 10:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Checker [2010-09-14 10:50:33 | 000,588,032 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8192su.sys [2010-09-13 18:37:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2010-09-13 18:37:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2010-09-13 18:37:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2010-09-13 18:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2010-09-13 18:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2010-09-13 18:35:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-09-13 18:35:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2010-09-13 18:08:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010-09-13 17:41:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2010-09-13 17:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2010-09-13 17:41:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2010-09-13 17:41:36 | 000,000,000 | R--D | C] -- C:\Program Files [2010-09-13 17:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2010-09-13 17:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2010-09-13 17:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2010-09-13 17:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2010-09-13 17:38:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010-09-13 17:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2010-09-13 17:33:08 | 000,000,000 | R-SD | C] -- 
C:\WINDOWS\Fonts [2010-09-13 17:33:08 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2010-09-13 17:33:08 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2010-09-13 17:33:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- 
C:\WINDOWS\Network Diagnostic [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2010-09-13 17:33:08 
| 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2010-09-13 17:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2010-09-13 17:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities [2010-09-13 17:10:38 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2010-09-13 17:10:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2010-09-13 17:10:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka [2010-09-13 17:10:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2010-09-13 17:10:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies [2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo [2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2010-09-13 17:10:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione [2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and 
Settings\Administrator\Moje dokumenty [2010-09-13 17:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start [2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony [2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood [2010-09-13 17:10:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood [2010-09-13 17:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit [2010-09-13 17:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-09-13 17:10:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2010-09-13 17:08:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2010-09-13 17:08:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2010-09-13 17:08:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010-09-13 17:08:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-09-13 17:08:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-09-13 16:51:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-09-13 16:51:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-09-13 16:50:14 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010-09-13 16:50:14 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010-09-13 16:50:14 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) 
-- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010-09-13 16:49:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2010-09-13 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2010-09-13 16:47:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2010-09-13 16:46:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2010-09-13 16:45:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2010-09-13 16:45:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-09-13 16:44:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-09-13 16:04:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2010-09-13 16:04:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2010-09-13 16:04:41 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2010-09-13 16:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2010-09-13 16:04:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2010-09-13 16:04:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2010-09-13 16:03:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2010-09-13 16:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2010-09-13 16:03:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2010-09-13 16:03:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2010-09-13 16:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2010-09-13 16:03:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2010-09-13 16:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2010-09-13 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook 
Express [2010-09-13 16:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2010-09-13 16:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2010-09-13 16:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2010-09-13 16:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2010-09-13 16:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2010-09-13 16:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2010-09-13 16:01:19 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2010-09-13 16:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2010-09-13 16:01:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2010-09-13 16:01:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2010-08-04 11:50:36 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-09-19 12:26:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-19 12:25:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-19 12:25:57 | 1072,549,888 | -HS- | M] () -- C:\hiberfil.sys [2010-09-19 12:24:52 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2010-09-19 12:21:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-09-19 
10:15:10 | 001,310,720 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-09-19 10:15:10 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-09-19 10:15:04 | 001,395,316 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-09-18 17:56:55 | 003,846,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe [2010-09-17 22:30:01 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk [2010-09-17 19:03:59 | 000,397,144 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-09-17 19:03:59 | 000,351,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-09-17 19:03:59 | 000,063,994 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-09-17 19:03:59 | 000,051,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-09-17 19:03:56 | 000,872,688 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-09-17 15:05:51 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-09-17 15:05:51 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-09-17 14:44:49 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-09-17 14:31:51 | 000,232,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-09-16 15:19:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Counter Strike 1.6 High-Detailed.lnk [2010-09-14 22:35:54 | 000,000,152 | ---- | M] () -- C:\WINDOWS\cavscan.INI [2010-09-14 22:19:31 | 000,000,130 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI [2010-09-14 17:22:22 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2010-09-14 17:15:14 | 000,000,126 | ---- | M] () -- C:\WINDOWS\PRLTP_USBdrv.ini [2010-09-14 17:04:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 
8.lnk [2010-09-14 11:30:19 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk [2010-09-14 11:29:24 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\msssc.dll [2010-09-14 10:55:41 | 000,297,344 | ---- | M] (Marvell) -- C:\WINDOWS\System32\drivers\yk51x86.sys [2010-09-14 10:55:40 | 000,282,624 | ---- | M] (Marvell) -- C:\WINDOWS\System32\yk51x86.dll [2010-09-14 10:54:33 | 000,000,267 | ---- | M] () -- C:\WINDOWS\system.ini [2010-09-13 17:41:46 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2010-09-13 17:10:59 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-09-13 17:10:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-09-13 17:10:06 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-09-13 16:51:39 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2010-09-13 16:50:54 | 000,004,512 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-09-13 16:50:48 | 000,000,689 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-09-13 16:48:11 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-09-13 16:48:11 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-09-13 16:48:03 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-09-13 16:48:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010-09-13 16:48:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010-09-13 16:47:52 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010-09-13 16:47:12 | 000,000,488 | RH-- | M] () -- 
C:\WINDOWS\System32\WindowsLogon.manifest [2010-09-13 16:47:12 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010-09-13 16:47:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-09-13 16:46:07 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-09-13 16:44:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-09-13 16:02:10 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2010-09-13 16:02:10 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-19 12:24:52 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2010-09-18 17:53:47 | 003,846,590 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe [2010-09-17 22:30:01 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk [2010-09-17 
15:05:51 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-09-17 15:05:51 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-09-17 14:44:49 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-09-16 15:19:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Counter Strike 1.6 High-Detailed.lnk [2010-09-14 22:35:54 | 000,000,152 | ---- | C] () -- C:\WINDOWS\cavscan.INI [2010-09-14 21:42:53 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI [2010-09-14 21:23:30 | 000,232,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-09-14 17:22:22 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2010-09-14 17:14:59 | 000,000,126 | ---- | C] () -- C:\WINDOWS\PRLTP_USBdrv.ini [2010-09-14 17:04:44 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk [2010-09-14 11:31:57 | 1072,549,888 | -HS- | C] () -- C:\hiberfil.sys [2010-09-14 11:30:19 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk [2010-09-14 11:29:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll [2010-09-13 17:41:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF [2010-09-13 17:41:44 | 000,004,512 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-09-13 17:41:38 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2010-09-13 17:41:38 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2010-09-13 17:41:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2010-09-13 17:41:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2010-09-13 17:41:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2010-09-13 17:41:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls 
[2010-09-13 17:41:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2010-09-13 17:41:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls [2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2010-09-13 17:41:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2010-09-13 17:41:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2010-09-13 17:41:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2010-09-13 17:41:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls [2010-09-13 17:41:26 | 000,066,594 | ---- | C] 
() -- C:\WINDOWS\System32\dllcache\c_866.nls [2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2010-09-13 17:41:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2010-09-13 17:41:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2010-09-13 17:41:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS [2010-09-13 17:41:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2010-09-13 17:41:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2010-09-13 17:41:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2010-09-13 17:41:14 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010-09-13 17:39:22 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010-09-13 17:39:22 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010-09-13 17:39:22 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010-09-13 17:39:22 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010-09-13 17:39:22 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010-09-13 17:39:21 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010-09-13 17:39:21 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-09-13 17:39:21 | 000,037,509 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\MW770.CAT [2010-09-13 17:39:21 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010-09-13 17:39:21 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010-09-13 17:39:21 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-09-13 17:39:21 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010-09-13 17:39:21 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-09-13 17:39:21 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010-09-13 17:39:20 | 002,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010-09-13 17:39:20 | 001,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010-09-13 17:39:20 | 000,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010-09-13 17:38:41 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-09-13 17:38:01 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2010-09-13 17:37:58 | 000,000,689 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2010-09-13 17:10:21 | 000,073,728 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG [2010-09-13 17:10:21 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-09-13 17:10:19 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-09-13 16:51:39 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2010-09-13 16:50:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-09-13 16:50:41 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010-09-13 16:50:09 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010-09-13 16:50:09 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010-09-13 16:50:08 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-09-13 16:49:48 | 000,047,066 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\ksc.nls [2010-09-13 16:49:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-09-13 16:49:40 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010-09-13 16:49:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010-09-13 16:49:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010-09-13 16:49:28 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-09-13 16:49:24 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010-09-13 16:49:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010-09-13 16:49:09 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010-09-13 16:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010-09-13 16:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010-09-13 16:49:04 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010-09-13 16:49:04 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010-09-13 16:49:04 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls 
[2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010-09-13 16:49:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010-09-13 16:49:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010-09-13 16:49:02 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010-09-13 16:49:02 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010-09-13 16:49:02 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010-09-13 16:49:02 | 
000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010-09-13 16:49:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010-09-13 16:49:01 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010-09-13 16:49:01 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010-09-13 16:49:01 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010-09-13 16:49:01 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010-09-13 16:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010-09-13 16:49:00 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010-09-13 16:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010-09-13 16:48:59 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010-09-13 16:48:59 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010-09-13 16:48:59 | 000,162,850 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\c_10001.nls [2010-09-13 16:48:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010-09-13 16:48:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010-09-13 16:48:58 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010-09-13 16:48:58 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010-09-13 16:48:11 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2010-09-13 16:48:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-09-13 16:48:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-09-13 16:48:11 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2010-09-13 16:48:11 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2010-09-13 16:48:02 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2010-09-13 16:48:02 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2010-09-13 16:48:01 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010-09-13 16:04:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010-09-13 16:04:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010-09-13 16:04:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-09-13 16:04:27 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2010-09-13 16:04:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2010-09-13 16:04:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp 
[2010-09-13 16:04:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2010-09-13 16:03:23 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2010-09-13 16:02:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-09-13 16:01:31 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2010-09-13 16:01:31 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2010-09-13 16:01:31 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2010-09-13 16:01:31 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2010-09-13 16:01:31 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2010-09-13 16:01:31 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2010-09-13 16:01:31 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2010-09-13 16:01:30 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2010-09-13 16:01:30 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2010-09-13 16:01:30 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2010-09-13 16:01:30 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2010-09-13 16:01:30 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2010-09-13 16:01:30 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2010-09-13 16:01:30 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2010-09-13 16:01:30 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2010-09-13 16:01:29 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2010-09-13 16:01:29 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2010-09-13 16:01:29 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2010-09-13 16:01:29 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2010-09-13 16:01:27 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2010-09-13 16:01:27 | 000,001,225 | ---- | C] () -- 
C:\WINDOWS\System32\usrlogon.cmd [2010-09-13 16:01:26 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2010-09-13 16:01:20 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== LOP Check ==========[/color] [2010-09-17 10:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET [2010-09-18 23:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2010-09-14 17:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM [2010-09-14 17:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-09-17 10:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-09-14 17:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-09-15 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-09-14 20:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-09-13 16:44:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-09-13 16:48:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-09-19 12:25:57 | 1072,549,888 | -HS- | M] () -- C:\hiberfil.sys [2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-09-13 16:48:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-09-19 12:25:56 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: 
AGP440.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-14 22:51:50 | 
000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Administrator at 2010-09-19 12:37:27 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 13 GB (63%) free of 20 GB Total RAM: 1023 MB (67% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:37:35, on 2010-09-19 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Opera\opera.exe C:\WINDOWS\notepad.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\Administrator\Pulpit\RSIT.exe C:\Program Files\trend micro\Administrator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA 
LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. 
- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 3147 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-09-13 12653152] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" 
"F:\udjbjp.cmd"="F:\udjbjp.cmd:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\gigwf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\gigwf.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnnea.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnnea.exe:*:Enabled:ipsec" "C:\Program Files\Driver Checker\DriverChecker.exe"="C:\Program Files\Driver Checker\DriverChecker.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintwgp.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintwgp.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16bc6f.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16bc6f.exe:*:Enabled:ipsec" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:ipsec" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:ipsec" "D:\Program Files\Metin2\metin2client.bin"="D:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client" "D:\Program Files\Counter Strike 1.6 HD NonSteam\cstrike.exe"="D:\Program Files\Counter Strike 1.6 HD NonSteam\cstrike.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winjrms.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winjrms.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa77840.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa77840.exe:*:Enabled:ipsec" "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sypxy.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sypxy.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w79eaf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w79eaf.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\tpos.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\tpos.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ulehi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ulehi.exe:*:Enabled:ipsec" "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec" 
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w6b355.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w6b355.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\bpuwhf.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\bpuwhf.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wfga.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wfga.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnfgm.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winnfgm.exe:*:Enabled:ipsec" "C:\Program Files\Analog Devices\SoundMAX\SMTray.exe"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w7436f.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w7436f.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ojoc.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ojoc.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sjeh.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\sjeh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16caa7.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w16caa7.exe:*:Enabled:ipsec" "D:\Program Files\Metin2\metin2.exe"="D:\Program Files\Metin2\metin2.exe:*:Enabled:ipsec" "C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe"="C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe:*:Enabled:ipsec" "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wingupwbu.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wingupwbu.exe:*:Enabled:ipsec" "C:\Program Files\VIA\RAID\raid_tool.exe"="C:\Program Files\VIA\RAID\raid_tool.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrnfql.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrnfql.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w83f92.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w83f92.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winwvjc.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winwvjc.exe:*:Enabled:ipsec" 
"C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintgfq.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wintgfq.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hgbk.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hgbk.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w127392.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w127392.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winhmdmsa.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winhmdmsa.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ybgi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\ybgi.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa491e.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\wa491e.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\qtdi.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\qtdi.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\liid.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\liid.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w8197c.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w8197c.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrsgfs.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrsgfs.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\yojnt.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\yojnt.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrpmbs.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winrpmbs.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w1042f6.exe"="C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\w1042f6.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-09-19 12:37:28 ----D---- C:\Program Files\trend micro 2010-09-19 12:37:27 ----D---- C:\rsit 2010-09-18 21:11:03 ----A---- 
C:\WINDOWS\system32\drivers\usbprint.sys 2010-09-18 21:08:41 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys 2010-09-18 17:57:46 ----D---- C:\Qoobox 2010-09-17 19:21:38 ----HD---- C:\WINDOWS\system32\GroupPolicy 2010-09-17 15:04:39 ----D---- C:\Program Files\Gadu-Gadu 10 2010-09-17 14:40:15 ----D---- C:\WINDOWS\system32\appmgmt 2010-09-17 10:37:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\ESET 2010-09-17 10:35:04 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ESET 2010-09-16 16:49:39 ----D---- C:\Program Files\ESET 2010-09-16 16:40:02 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-09-14 22:35:54 ----A---- C:\WINDOWS\cavscan.INI 2010-09-14 21:42:53 ----A---- C:\WINDOWS\cfplogvw.INI 2010-09-14 21:08:18 ----D---- C:\Program Files\COMODO 2010-09-14 20:55:11 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2010-09-14 20:08:49 ----D---- C:\WINDOWS\system32\LogFiles 2010-09-14 17:39:01 ----D---- C:\Program Files\Lavalys 2010-09-14 17:28:15 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2010-09-14 17:28:14 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM 2010-09-14 17:24:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 2010-09-14 17:24:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 2010-09-14 17:22:12 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Opera 2010-09-14 17:22:04 ----D---- C:\Program Files\Opera 2010-09-14 17:15:02 ----D---- C:\Program Files\Pirelli 2010-09-14 17:14:59 ----A---- C:\WINDOWS\PRLTP_USBdrv.ini 2010-09-14 17:04:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2010-09-14 17:04:30 ----D---- C:\Program Files\Common Files\Adobe 2010-09-14 17:04:29 ----D---- C:\Program Files\Adobe 2010-09-14 16:58:58 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys 2010-09-14 16:58:50 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys 2010-09-14 11:31:57 ----ASH---- 
C:\hiberfil.sys 2010-09-14 11:29:49 ----A---- C:\WINDOWS\system32\drivers\splitter.sys 2010-09-14 11:29:48 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys 2010-09-14 11:29:46 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys 2010-09-14 11:29:45 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys 2010-09-14 11:29:43 ----A---- C:\WINDOWS\system32\drivers\aec.sys 2010-09-14 11:29:41 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys 2010-09-14 11:29:40 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys 2010-09-14 11:29:39 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys 2010-09-14 11:29:37 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010-09-14 11:29:35 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys 2010-09-14 11:29:33 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010-09-14 11:29:29 ----A---- C:\WINDOWS\system32\ksuser.dll 2010-09-14 11:29:29 ----A---- C:\WINDOWS\system32\drivers\portcls.sys 2010-09-14 11:29:28 ----A---- C:\WINDOWS\system32\drivers\drmk.sys 2010-09-14 11:29:26 ----A---- C:\WINDOWS\system32\drivers\smsens.sys 2010-09-14 11:29:26 ----A---- C:\WINDOWS\system32\drivers\aeaudio.sys 2010-09-14 11:29:25 ----D---- C:\WINDOWS\VirtualEar 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\wdmioctl.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\virtear.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\Syncor11.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\SMMedia.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\S11thk32.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\system32\Audio3d.dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\SynthCoreA.Dll 2010-09-14 11:29:25 ----A---- C:\WINDOWS\SynCor.exe 2010-09-14 11:29:24 ----D---- C:\Program Files\Analog Devices 2010-09-14 11:29:24 ----A---- C:\WINDOWS\system32\msssc.dll 2010-09-14 11:29:24 ----A---- C:\WINDOWS\system32\DSndUp.exe 2010-09-14 11:29:24 ----A---- C:\WINDOWS\system32\drivers\smwdm.sys 2010-09-14 11:29:24 
----A---- C:\WINDOWS\system32\CleanUp.exe 2010-09-14 11:29:24 ----A---- C:\WINDOWS\system32\a3d.dll 2010-09-14 11:29:14 ----SHD---- C:\RECYCLER 2010-09-14 11:29:09 ----A---- C:\WINDOWS\system32\drivers\viasraid.sys 2010-09-14 11:29:08 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR 2010-09-14 11:28:56 ----D---- C:\Program Files\WinRAR 2010-09-14 11:22:45 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia 2010-09-14 11:22:45 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2010-09-14 11:18:51 ----A---- C:\WINDOWS\IsUninst.exe 2010-09-14 11:17:08 ----HD---- C:\Program Files\InstallShield Installation Information 2010-09-14 11:16:59 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-09-14 11:16:49 ----N---- C:\WINDOWS\system32\difxapi.dll 2010-09-14 11:16:49 ----D---- C:\Program Files\VIA 2010-09-14 11:16:44 ----D---- C:\Program Files\Common Files\InstallShield 2010-09-14 10:56:45 ----A---- C:\WINDOWS\system32\drivers\videX32.sys 2010-09-14 10:55:41 ----A---- C:\WINDOWS\system32\drivers\yk51x86.sys 2010-09-14 10:55:40 ----A---- C:\WINDOWS\system32\yk51x86.dll 2010-09-14 10:55:33 ----A---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2010-09-14 10:55:29 ----A---- C:\WINDOWS\system32\drivers\PS2.sys 2010-09-14 10:54:53 ----D---- C:\Program Files\Driver Checker 2010-09-14 10:53:12 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS 2010-09-14 10:50:33 ----RA---- C:\WINDOWS\system32\drivers\RTL8192su.sys 2010-09-13 18:37:31 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini 2010-09-13 18:35:49 ----RA---- C:\WINDOWS\SET2A.tmp 2010-09-13 18:35:46 ----RA---- C:\WINDOWS\SET1E.tmp 2010-09-13 18:35:45 ----RA---- C:\WINDOWS\SET1B.tmp 2010-09-13 18:35:24 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2010-09-13 18:09:05 ----RA---- C:\WINDOWS\SET29.tmp 2010-09-13 18:09:02 ----RA---- C:\WINDOWS\SET1D.tmp 2010-09-13 18:09:00 ----RA---- C:\WINDOWS\SET1A.tmp 2010-09-13 
18:08:18 ----D---- C:\WINDOWS\Minidump 2010-09-13 17:59:54 ----A---- C:\WINDOWS\system32\h323log.txt 2010-09-13 17:44:47 ----A---- C:\WINDOWS\system32\drivers\audstub.sys 2010-09-13 17:44:09 ----A---- C:\WINDOWS\system32\drivers\redbook.sys 2010-09-13 17:43:37 ----A---- C:\WINDOWS\system32\ativvaxx.dll 2010-09-13 17:43:37 ----A---- C:\WINDOWS\system32\ati3duag.dll 2010-09-13 17:43:36 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys 2010-09-13 17:43:36 ----A---- C:\WINDOWS\system32\ati3d1ag.dll 2010-09-13 17:43:36 ----A---- C:\WINDOWS\system32\ati2dvag.dll 2010-09-13 17:43:36 ----A---- C:\WINDOWS\system32\ati2cqag.dll 2010-09-13 17:43:09 ----A---- C:\WINDOWS\system32\usbui.dll 2010-09-13 17:43:02 ----A---- C:\WINDOWS\system32\drivers\UAGP35.SYS 2010-09-13 17:41:44 ----A---- C:\WINDOWS\imsins.BAK 2010-09-13 17:41:41 ----SHD---- C:\WINDOWS\Installer 2010-09-13 17:41:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-13 17:41:40 ----D---- C:\Program Files\Common Files\ODBC 2010-09-13 17:41:40 ----A---- C:\WINDOWS\ODBCINST.INI 2010-09-13 17:41:37 ----D---- C:\Program Files\Common Files\SpeechEngines 2010-09-13 17:41:36 ----RD---- C:\Program Files 2010-09-13 17:41:36 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-09-13 17:41:36 ----D---- C:\Program Files\Common Files 2010-09-13 17:41:32 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2010-09-13 17:41:32 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2010-09-13 17:41:32 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdur.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdru.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2010-09-13 17:41:30 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 
2010-09-13 16:01:13 ----A----
C:\WINDOWS\system32\msdtcprx.dll 2010-09-13 16:01:13 ----A---- C:\WINDOWS\system32\icaapi.dll 2010-09-13 16:01:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\xolehlp.dll 2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtctm.dll 2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtclog.dll 2010-09-13 16:01:12 ----A---- C:\WINDOWS\system32\msdtc.exe 2010-09-13 16:01:11 ----D---- C:\WINDOWS\system32\Com 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxex.dll 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\mtxdm.dll 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\comrepl.dll 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\comaddin.dll 2010-09-13 16:01:11 ----A---- C:\WINDOWS\system32\colbact.dll 2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\stclient.dll 2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\clbcatex.dll 2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrvut.dll 2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrvps.dll 2010-09-13 16:01:10 ----A---- C:\WINDOWS\system32\catsrv.dll 2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comuid.dll 2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comsvcs.dll 2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\comsnap.dll 2010-09-13 16:01:09 ----A---- C:\WINDOWS\system32\clbcatq.dll 2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\servdeps.dll 2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\mmfutil.dll 2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\licwmi.dll 2010-09-13 16:01:02 ----A---- C:\WINDOWS\system32\cmprops.dll 2010-09-13 16:00:58 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys 2010-09-13 16:00:57 ----A---- C:\WINDOWS\system32\drivers\termdd.sys ======List of files/folders modified in the last 1 months====== 2010-09-14 10:54:33 ----A---- C:\WINDOWS\system.ini 2010-09-13 16:48:11 ----A---- 
C:\WINDOWS\win.ini
2010-09-13 16:47:41 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2010-09-14 27904]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-11-01 77312]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-09-14 13976]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-09-14 19072]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usb_rndis;Pirelli Discus Multiplay AG; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-14 12800]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-09-14 297344]
S3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\kfjmln.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-08-06 588032]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]

-----------------EOF-----------------
[/log]

[log]info.txt logfile of random's system information tool 1.08 2010-09-19 12:37:37

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
Metin2-->"D:\Program Files\Metin2\unins000.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Opera 10.62-->MsiExec.exe /X{18E65799-76BD-46EF-9E53-972FE5A40736}
Pirelli USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4708DEA-9F56-4994-A57D-334708627813}\setup.exe" -l0x9 -removeonly
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
VIA Integrated Setup Wizard-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}
VIA Platforma Menedżera urządzeń-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

======System event log======

Computer Name: A-CF324B649AB84
Event Code: 7036
Message: Usługa Usługi terminalowe weszła w stan uruchomienia.
Record Number: 1453
Source Name: Service Control Manager
Time Written: 20100918171419.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 7035
Message: Do usługi Usługi terminalowe został pomyślnie wysłany kod sterowania uruchom.
Record Number: 1452
Source Name: Service Control Manager
Time Written: 20100918171419.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: A-CF324B649AB84
Event Code: 1002
Message: Adres IP połączenia 192.168.1.40 dla karty sieciowej o adresie 00238EDFBCE9 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK).
Record Number: 1451
Source Name: Dhcp
Time Written: 20100918171408.000000+120
Event Type: błąd
User:

Computer Name: A-CF324B649AB84
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.
Record Number: 1450
Source Name: EventLog
Time Written: 20100918171404.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Uniprocessor Free.
Record Number: 1449
Source Name: EventLog
Time Written: 20100918171404.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: A-CF324B649AB84
Event Code: 1000
Message: Liczniki wydajności dla usługi RSVP (QoS RSVP) zostały pomyślnie załadowane. Dane rekordu zawierają nowe wartości indeksu przypisane do tej usługi.
Record Number: 5
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: informacje
User:

Computer Name: A-CF324B649AB84
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.
Record Number: 4
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: błąd
User:

Computer Name: A-CF324B649AB84
Event Code: 2006
Message: Wartości LastCounter i LastHelp rejestru wydajności są uszkodzone i muszą zostać zaktualizowane. Pierwszy i drugi wpis DWORD w sekcji danych (Data) to wartości oryginalne, zaś trzeci i czwarty wpis DWORD w sekcji danych (Data) to nowe, zaktualizowane wartości.
Record Number: 3
Source Name: LoadPerf
Time Written: 20100913164417.000000+120
Event Type: ostrzeżenie
User:

Computer Name: MACHINENAME
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.
Record Number: 2
Source Name: LoadPerf
Time Written: 20100913183759.000000+120
Event Type: błąd
User:

Computer Name: MACHINENAME
Event Code: 3001
Message: Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 1848, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych.
Record Number: 1
Source Name: LoadPerf
Time Written: 20100913183759.000000+120
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

Sorry if that's too little or too much; this is my first time posting logs.
Tomek01 commented 20 September 2010

Unfortunately I don't have good news. There is a Sality virus, which infects all executable files and some DLL libraries. This is indicated by the service:

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\kfjmln.sys -- ([b]abp470n5[/b])

You may need the system installation disc to set the system up again.

Download [url=http://www.freedrweb.pl/livecd.php][b]DR Web LiveCD[/b][/url] and burn it to a disc on an [b]uninfected[/b] computer. Insert the disc into the infected computer, assuming you have already set the BIOS to boot from CD/DVD, so that the scanner should start after the restart. Run a full scan, cure whatever can be cured, and delete the rest. Keep scanning until the scanner finds nothing.

If the system does not start after the removal, insert the system disc and perform a [url=http://www.searchengines.pl/index.php?showtopic=24500&view=findpost&p=109540]repair (in-place) installation of Windows[/url].

After a repair installation, if you had to do one, [b]turn System Restore off and on again[/b] on all drives. Instructions for [url=http://support.microsoft.com/kb/310405/pl][b]XP[/b][/url] or [url=http://windowshelp.microsoft.com/Windows/pl-PL/Help/517d3b8e-3379-46c1-b479-05b30d6fb3f01045.mspx][b]Vista[/b][/url].

Run a full scan with [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]. If the scanner finds nothing, post a log from [url=http://forum.dobreprogramy.pl/post1170959.html#p1170959][b]Combofix[/b][/url] to be sure, and turn off again the System Restore that Combofix turned on.
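An added example, not part of the thread and not RSIT's own code: the entry cited in the reply above also appears in the RSIT driver list as an `S3` line with an empty `[]` field, so this sketch parses that list and pulls out drivers whose file was not found. The function name and the name-versus-file-name mismatch check are assumptions of this example; a hit is a lead for manual review, since `EagleNT` is listed the same way.

```python
import re
from pathlib import PureWindowsPath

# Driver lines copied from the RSIT log posted earlier in this thread.
SAMPLE = r"""
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-09-14 297344]
S3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\kfjmln.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
"""

# Layout: <R|S><start type> <service name>;<display name>; <path> [<date size> or empty]
LINE = re.compile(r"^([RS])(\d) ([^;]+);([^;]*); (.+?) \[(.*)\]$")


def triage_drivers(log_text):
    """Return driver entries whose image file was not found (empty [] field)."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # section header, blank line or unrelated text
        state, start, name, display, path, info = m.groups()
        if info.strip():
            continue  # RSIT printed date and size, so the file exists
        # Drop the NT object-manager prefix before taking the file stem.
        stem = PureWindowsPath(path.replace("\\??\\", "", 1)).stem
        findings.append({
            "service": name,
            "path": path,
            "running": state == "R",
            "start_type": int(start),
            # Assumed heuristic: service key unrelated to the file name.
            "name_mismatch": stem.lower() != name.lower(),
        })
    return findings


if __name__ == "__main__":
    for finding in triage_drivers(SAMPLE):
        print(finding)
```

On the sample lines both missing-file drivers are returned, and only `abp470n5` (pointing at `kfjmln.sys`) has `name_mismatch` set.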