
Logs! Please check them

icam87
created

Hello everyone.
2 days ago the network admin blocked my internet access; the reason given: "the number of packets sent was 2x the number of packets received".
The admin concluded that I am sending a lot of empty frames, which significantly disrupts the network (a wireless radio link).
I reinstalled the system and scanned it with Anti-Malware.

[log]
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Wersja bazy: 5672

Windows 5.1.2600 Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180

2011-02-04 08:10:42
mbam-log-2011-02-04 (08-10-35).txt

Typ skanowania: Szybkie skanowanie
Przeskanowano obiektów: 127747
Upłynęło: 1 minut(y), 10 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 1
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)

[/log]

I decided to ask you for help.


Extras.txt
[log] OTL Extras logfile created on: 2011-02-04 08:16:57 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 390,63 Gb Total Space | 384,10 Gb Free Space | 98,33% Space Free | Partition Type: NTFS
Drive D: | 149,42 Gb Total Space | 100,50 Gb Free Space | 67,26% Space Free | Partition Type: NTFS
Drive E: | 391,33 Gb Total Space | 380,72 Gb Free Space | 97,29% Space Free | Partition Type: NTFS

Computer Name: KICINSKI-D36BDF | User Name: Kiciński | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1343024091-1482476501-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Program Files\Symulator Farmy 2011\game.exe" = C:\Program Files\Symulator Farmy 2011\game.exe:*:Disabled:Symulator Farmy 2011 -- (GIANTS Software GmbH)
"C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe" = C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe:*:Disabled:Symulator Farmy 2011 -- (GIANTS Software GmbH)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0610.1
"{20E26A4C-07BA-4BED-9FB3-145CF0304383}" = ESET NOD32 Antivirus
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0422.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FarmingSimulator2011PL_is1" = Symulator Farmy 2011
"Gadu-Gadu 10" = Gadu-Gadu 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mortyr 2_is1" = Mortyr 2 v1.352
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"UltraISO_is1" = UltraISO Premium V9.12
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-02-03 02:56:59 | Computer Name = KICINSKI-D36BDF | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd game.exe, wersja 4.1.6.1, moduł powodujący
błąd game.exe, wersja 4.1.6.1, adres błędu 0x0002ce8e.

Error - 2011-02-03 15:14:52 | Computer Name = KICINSKI-D36BDF | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd game.exe, wersja 4.1.6.1, moduł powodujący
błąd nvoglnt.dll, wersja 6.14.11.9038, adres błędu 0x0052def8.

Error - 2011-02-03 17:24:40 | Computer Name = KICINSKI-D36BDF | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd game.exe, wersja 4.1.6.1, moduł powodujący
błąd nvoglnt.dll, wersja 6.14.11.9038, adres błędu 0x0052def8.

Error - 2011-02-04 02:55:08 | Computer Name = KICINSKI-D36BDF | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2011-02-04 03:03:05 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-02-04 03:03:35 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-02-04 03:03:37 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-02-04 03:03:37 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-02-04 03:03:37 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-02-04 03:03:37 | Computer Name = KICINSKI-D36BDF | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

[ System Events ]
Error - 2011-02-02 11:00:13 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 60 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-02 11:00:13 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 59 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-02 12:00:15 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 120 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-02 12:00:15 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 119 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-02 14:00:16 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 240 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-02 14:00:16 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 239 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-02 18:00:18 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 480 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-02 18:00:18 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 479 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-03 02:00:32 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 960 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-03 02:00:32 | Computer Name = KICINSKI-D36BDF | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 959 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.


< End of report >
[/log]

OTL.txt

[log] OTL logfile created on: 2011-02-04 08:16:57 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 390,63 Gb Total Space | 384,10 Gb Free Space | 98,33% Space Free | Partition Type: NTFS
Drive D: | 149,42 Gb Total Space | 100,50 Gb Free Space | 67,26% Space Free | Partition Type: NTFS
Drive E: | 391,33 Gb Total Space | 380,72 Gb Free Space | 97,29% Space Free | Partition Type: NTFS

Computer Name: KICINSKI-D36BDF | User Name: Kiciński | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-04 08:11:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-03-26 11:01:32 | 019,522,592 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-10-15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009-10-15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008-09-16 10:21:19 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2006-10-27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-10-26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE
PRC - [2005-02-17 07:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-04 08:11:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-07-09 00:05:38 | 000,301,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\nView\NVWRSPL.dll
MOD - [2009-07-09 00:03:50 | 001,108,512 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvwimg.dll
MOD - [2009-07-09 00:03:46 | 001,514,016 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009-10-15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2008-08-18 13:30:58 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-04 08:01:26 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-04-22 15:08:26 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010-03-26 11:21:26 | 005,883,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-11-18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-07-27 08:09:52 | 000,044,032 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009-07-14 19:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-08-18 13:27:42 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2008-08-18 13:19:26 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2008-08-18 13:18:26 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008-03-31 16:12:16 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm






IE - HKU\S-1-5-21-1343024091-1482476501-682003330-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-1343024091-1482476501-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-02-03 12:51:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-03 12:48:38 | 000,000,000 | ---D | M]

[2011-02-03 12:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kiciński\Dane aplikacji\Mozilla\Extensions
[2011-02-03 12:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kiciński\Dane aplikacji\Mozilla\Firefox\Profiles\2uxym67z.default\extensions
[2011-02-03 12:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\S-1-5-21-1343024091-1482476501-682003330-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1482476501-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.178.7.3 83.142.201.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-02-02 09:24:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-02-04 08:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-02-04 08:12:15 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-04 08:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Malwarebytes
[2011-02-04 08:05:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-02-04 08:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-02-04 08:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-02-04 08:05:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-02-04 08:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-02-04 08:05:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-02-04 07:59:59 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011-02-04 07:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Sunbelt Software
[2011-02-04 07:53:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\~0
[2011-02-04 07:53:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2011-02-04 06:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
[2011-02-04 06:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2011-02-03 22:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\GIANTS Editor 4.1.6
[2011-02-03 22:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Techland
[2011-02-03 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty\My Games
[2011-02-03 19:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-02-03 19:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\OpenFM
[2011-02-03 18:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Gadu-Gadu 10
[2011-02-03 18:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-02-03 13:44:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2011-02-03 13:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Menu Start\Programy\WinRAR
[2011-02-03 13:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011-02-03 13:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie
[2011-02-03 12:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Macromedia
[2011-02-03 12:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Adobe
[2011-02-03 12:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Mozilla
[2011-02-03 12:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Mozilla
[2011-02-03 12:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox
[2011-02-03 12:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011-02-03 12:45:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kiciński\UserData
[2011-02-03 11:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2011-02-03 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011-02-03 11:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-02-03 11:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011-02-03 11:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-02-03 11:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011-02-03 11:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2011-02-03 11:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-02-03 11:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2011-02-03 11:36:22 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011-02-03 08:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2011-02-03 07:52:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-02-03 07:49:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\SecuROM
[2011-02-02 13:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\ESET
[2011-02-02 12:52:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mortyr 2
[2011-02-02 12:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
[2011-02-02 12:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mirage Interactive
[2011-02-02 10:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011-02-02 10:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Symulator Farmy 2011
[2011-02-02 10:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011-02-02 10:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET
[2011-02-02 10:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-02-02 10:16:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2011-02-02 09:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\WinRAR
[2011-02-02 09:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011-02-02 09:36:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011-02-02 09:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011-02-02 09:36:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2011-02-02 09:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2011-02-02 09:33:15 | 000,044,032 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1c51x86.sys
[2011-02-02 09:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield
[2011-02-02 09:33:13 | 000,358,944 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2011-02-02 09:33:12 | 000,129,568 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2011-02-02 09:33:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2011-02-02 09:33:03 | 002,815,520 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2011-02-02 09:33:02 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2011-02-02 09:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011-02-02 09:32:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-02-02 09:30:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011-02-02 09:30:41 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2011-02-02 09:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011-02-02 09:30:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011-02-02 09:30:37 | 000,000,000 | ---D | C] -- C:\Intel
[2011-02-02 09:30:28 | 000,000,000 | -H-D | C] -- C:\Program Files\DeviceVM
[2011-02-02 09:30:14 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011-02-02 09:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Gigabyte
[2011-02-02 09:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIGABYTE
[2011-02-02 09:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-02-02 09:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\UltraISO
[2011-02-02 09:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2011-02-02 09:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty\My ISO Files
[2011-02-02 09:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2011-02-02 09:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Identities
[2011-02-02 09:28:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011-02-02 09:28:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty\Moje obrazy
[2011-02-02 09:28:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty\Moja muzyka
[2011-02-02 09:28:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Microsoft
[2011-02-02 09:28:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kiciński\Cookies
[2011-02-02 09:28:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kiciński\SendTo
[2011-02-02 09:28:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kiciński\Recent
[2011-02-02 09:28:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kiciński\Dane aplikacji
[2011-02-02 09:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Ulubione
[2011-02-02 09:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Moje dokumenty
[2011-02-02 09:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Menu Start
[2011-02-02 09:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Autostart
[2011-02-02 09:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Akcesoria
[2011-02-02 09:28:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne
[2011-02-02 09:28:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kiciński\Szablony
[2011-02-02 09:28:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kiciński\PrintHood
[2011-02-02 09:28:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kiciński\NetHood
[2011-02-02 09:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Pulpit
[2011-02-02 09:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-02-02 09:27:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011-02-02 09:27:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011-02-02 09:27:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-02-02 09:27:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2011-02-02 09:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-02-02 09:27:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2011-02-02 09:27:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-02-02 09:26:16 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011-02-02 09:26:16 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011-02-02 09:26:16 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011-02-02 09:26:09 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011-02-02 09:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011-02-02 09:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011-02-02 09:26:05 | 000,000,000 | R--D | C] -- C:\Program Files
[2011-02-02 09:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011-02-02 09:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011-02-02 09:25:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2011-02-02 09:25:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2011-02-02 09:25:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2011-02-02 09:25:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2011-02-02 09:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2011-02-02 09:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2011-02-02 09:25:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011-02-02 09:25:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011-02-02 09:25:30 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011-02-02 09:25:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2011-02-02 09:25:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2011-02-02 09:25:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011-02-02 09:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011-02-02 09:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011-02-02 09:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011-02-02 09:25:10 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-02-02 09:24:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011-02-02 09:24:10 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011-02-02 09:24:10 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011-02-02 09:24:02 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011-02-02 09:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2011-02-02 09:23:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011-02-02 09:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011-02-02 09:23:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011-02-02 09:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011-02-02 09:23:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011-02-02 09:23:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011-02-02 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011-02-02 09:23:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011-02-02 09:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011-02-02 09:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011-02-02 09:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011-02-02 09:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011-02-02 09:22:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2011-02-02 09:22:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2011-02-02 09:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011-02-02 09:22:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2011-02-02 09:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011-02-02 09:22:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2011-02-02 09:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-02-02 09:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011-02-02 09:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011-02-02 09:21:45 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011-02-02 09:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011-02-02 09:21:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011-02-02 09:21:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011-02-02 09:21:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2011-02-02 09:21:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2011-02-02 09:20:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011-02-02 09:20:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011-02-02 09:20:45 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011-02-02 09:20:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011-02-02 09:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-02-04 08:05:41 | 000,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-02-04 08:05:41 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-02-04 08:05:41 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-02-04 08:05:41 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-02-04 08:05:41 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-02-04 08:05:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-02-04 08:01:21 | 001,310,720 | -H-- | M] () -- C:\Documents and Settings\Kiciński\NTUSER.DAT
[2011-02-04 08:01:20 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011-02-04 08:01:19 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-02-04 08:01:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-02-04 08:01:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-04 08:00:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kiciński\ntuser.ini
[2011-02-04 08:00:21 | 005,324,708 | -H-- | M] () -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-02-04 07:59:56 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011-02-04 06:35:48 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\Kiciński\Pulpit\EVEREST Ultimate Edition.lnk
[2011-02-04 06:25:48 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-03 22:20:47 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\Kiciński\Pulpit\Symulator Farmy 2011 .lnk
[2011-02-03 18:58:24 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-02-03 18:58:24 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-02-03 12:51:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011-02-03 12:48:40 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-02-03 11:37:14 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-02-03 07:49:55 | 000,427,193 | ---- | M] () -- C:\Documents and Settings\Kiciński\Pulpit\AnalysisLog.sr0
[2011-02-02 12:52:47 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\Kiciński\Pulpit\Mortyr 2.lnk
[2011-02-02 10:23:48 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-02-02 10:16:29 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-02-02 10:16:29 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-02-02 09:36:45 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-02 09:32:27 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2011-02-02 09:29:05 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Kiciński\Pulpit\UltraISO.lnk
[2011-02-02 09:28:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-02 09:27:21 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011-02-02 09:26:34 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-02-02 09:26:04 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-02-02 09:24:57 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-02-02 09:24:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-02-02 09:24:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-02-02 09:24:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2011-02-02 09:24:57 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-02-02 09:24:57 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-02 09:24:55 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-02-02 09:24:55 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-02-02 09:24:55 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-02-02 09:24:47 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011-02-02 09:24:10 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2011-02-02 09:24:10 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-02-02 09:22:31 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-02-02 09:22:21 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2011-02-02 09:22:21 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2011-02-02 09:20:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-04 08:05:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-02-04 08:00:36 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-02-04 06:35:48 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Kiciński\Pulpit\EVEREST Ultimate Edition.lnk
[2011-02-03 22:20:47 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\Kiciński\Pulpit\Symulator Farmy 2011 .lnk
[2011-02-03 18:58:24 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-02-03 18:58:24 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-02-03 12:51:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-02-03 12:48:40 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-02-03 08:14:18 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-02-03 07:49:48 | 000,427,193 | ---- | C] () -- C:\Documents and Settings\Kiciński\Pulpit\AnalysisLog.sr0
[2011-02-02 12:52:47 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\Kiciński\Pulpit\Mortyr 2.lnk
[2011-02-02 10:23:48 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-02-02 10:16:29 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-02-02 10:16:29 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-02-02 09:35:58 | 000,019,495 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011-02-02 09:33:11 | 000,031,272 | ---- | C] () -- C:\WINDOWS\System32\AppleChargerSrv.exe
[2011-02-02 09:33:11 | 000,019,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\AppleCharger.sys
[2011-02-02 09:31:13 | 005,324,708 | -H-- | C] () -- C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-02-02 09:30:34 | 000,001,164 | ---- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Social Games.lnk
[2011-02-02 09:29:37 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2011-02-02 09:29:37 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2011-02-02 09:29:05 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Kiciński\Pulpit\UltraISO.lnk
[2011-02-02 09:28:10 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Outlook Express.lnk
[2011-02-02 09:28:09 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Internet Explorer.lnk
[2011-02-02 09:28:06 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Kiciński\ntuser.ini
[2011-02-02 09:28:05 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Kiciński\NTUSER.DAT
[2011-02-02 09:28:05 | 000,200,704 | -H-- | C] () -- C:\Documents and Settings\Kiciński\ntuser.dat.LOG
[2011-02-02 09:28:05 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Pomoc zdalna.lnk
[2011-02-02 09:28:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\Windows Media Player.lnk
[2011-02-02 09:28:05 | 000,000,354 | -HS- | C] () -- C:\Documents and Settings\Kiciński\Menu Start\Programy\desktop.ini
[2011-02-02 09:28:05 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\Kiciński\Dane aplikacji\desktop.ini
[2011-02-02 09:27:31 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2011-02-02 09:27:21 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011-02-02 09:26:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-02-02 09:26:30 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2011-02-02 09:26:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2011-02-02 09:26:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2011-02-02 09:26:12 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011-02-02 09:26:11 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-02-02 09:26:09 | 000,763,990 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-02-02 09:26:08 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-02-02 09:26:07 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011-02-02 09:26:07 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011-02-02 09:26:06 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011-02-02 09:26:06 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011-02-02 09:26:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2011-02-02 09:26:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2011-02-02 09:26:02 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2011-02-02 09:26:02 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2011-02-02 09:26:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2011-02-02 09:26:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2011-02-02 09:26:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2011-02-02 09:26:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2011-02-02 09:26:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2011-02-02 09:25:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2011-02-02 09:25:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2011-02-02 09:25:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2011-02-02 09:25:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2011-02-02 09:25:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2011-02-02 09:25:59 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2011-02-02 09:25:58 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011-02-02 09:25:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2011-02-02 09:25:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2011-02-02 09:25:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2011-02-02 09:25:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2011-02-02 09:25:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2011-02-02 09:25:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2011-02-02 09:25:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2011-02-02 09:25:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2011-02-02 09:25:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2011-02-02 09:25:54 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011-02-02 09:25:53 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011-02-02 09:25:52 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011-02-02 09:25:52 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-02-02 09:25:45 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011-02-02 09:25:44 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011-02-02 09:25:44 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011-02-02 09:25:44 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011-02-02 09:25:44 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011-02-02 09:25:44 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011-02-02 09:25:44 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011-02-02 09:25:44 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011-02-02 09:25:44 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011-02-02 09:25:44 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011-02-02 09:25:44 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011-02-02 09:25:44 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011-02-02 09:25:44 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011-02-02 09:25:44 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011-02-02 09:25:44 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011-02-02 09:25:44 | 000,000,150 | -HS- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\desktop.ini
[2011-02-02 09:25:44 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2011-02-02 09:25:43 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011-02-02 09:25:43 | 001,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2011-02-02 09:25:43 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011-02-02 09:25:43 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011-02-02 09:25:41 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011-02-02 09:25:38 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011-02-02 09:25:32 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011-02-02 09:25:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2011-02-02 09:25:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2011-02-02 09:25:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2011-02-02 09:25:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2011-02-02 09:25:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2011-02-02 09:25:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2011-02-02 09:25:29 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2011-02-02 09:25:29 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2011-02-02 09:25:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2011-02-02 09:25:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2011-02-02 09:25:28 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2011-02-02 09:25:28 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2011-02-02 09:25:28 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2011-02-02 09:25:28 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2011-02-02 09:25:28 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2011-02-02 09:25:28 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2011-02-02 09:25:28 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2011-02-02 09:25:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2011-02-02 09:25:27 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2011-02-02 09:25:27 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2011-02-02 09:25:27 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2011-02-02 09:25:27 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2011-02-02 09:25:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2011-02-02 09:25:26 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2011-02-02 09:25:26 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2011-02-02 09:25:10 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-02 09:24:57 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-02-02 09:24:57 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-02-02 09:24:57 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-02-02 09:24:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-02-02 09:24:57 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011-02-02 09:24:57 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011-02-02 09:24:55 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-02-02 09:24:55 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-02-02 09:24:54 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011-02-02 09:24:20 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011-02-02 09:24:18 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-02-02 09:24:10 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2011-02-02 09:24:10 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2011-02-02 09:24:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-02-02 09:24:02 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2011-02-02 09:23:53 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011-02-02 09:23:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011-02-02 09:23:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011-02-02 09:23:25 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011-02-02 09:23:15 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011-02-02 09:23:04 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011-02-02 09:22:32 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2011-02-02 09:22:31 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-02-02 09:22:21 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-02-02 09:22:21 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-02-02 09:21:54 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2011-02-02 09:21:54 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2011-02-02 09:21:54 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2011-02-02 09:21:54 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2011-02-02 09:21:54 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2011-02-02 09:21:53 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2011-02-02 09:21:53 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2011-02-02 09:21:53 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2011-02-02 09:21:53 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2011-02-02 09:21:53 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2011-02-02 09:21:53 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2011-02-02 09:21:53 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2011-02-02 09:21:53 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2011-02-02 09:21:53 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2011-02-02 09:21:53 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2011-02-02 09:21:53 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2011-02-02 09:21:53 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2011-02-02 09:21:52 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2011-02-02 09:21:52 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2011-02-02 09:21:51 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-02-02 09:21:51 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011-02-02 09:21:51 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011-02-02 09:21:50 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-02-02 09:21:50 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011-02-02 09:21:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008-08-18 13:27:42 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 23:43:58 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 18:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 18:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 18:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 18:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 17:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 17:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 17:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 17:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 16:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 16:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 16:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 16:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 16:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 16:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 16:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-17 22:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 22:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 22:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 22:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 22:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 22:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 22:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 20:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 03:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-21 23:16:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-21 23:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-02-02 10:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-02-03 18:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-02-03 19:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-02-04 08:05:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0
[2011-02-03 20:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiciński\Dane aplikacji\Gadu-Gadu 10
[2011-02-03 19:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiciński\Dane aplikacji\OpenFM
[2011-02-04 08:01:19 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-02-02 09:24:57 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-02 09:20:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-02-02 09:24:57 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-02-02 09:33:38 | 000,000,180 | ---- | M] () -- C:\csb.log
[2011-02-02 09:24:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-02-02 09:24:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2011-02-02 09:33:38 | 000,002,106 | ---- | M] () -- C:\RHDSetup.log
[2011-02-04 08:12:25 | 000,000,200 | ---- | M] () -- C:\service.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

info.txt
[log] info.txt logfile of random's system information tool 1.08 2011-02-04 08:12:25

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\SETUP.EXE" -runfromtemp -l0x0015 -removeonly
Browser Configuration Utility-->MsiExec.exe /X{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}
EasySaver B9.0610.1 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07300F01-89CA-4CF8-92BD-2A605EB83C95}\setup.exe" -l0x9 -removeonly
ESET NOD32 Antivirus-->MsiExec.exe /I{20E26A4C-07BA-4BED-9FB3-145CF0304383}
EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mortyr 2 v1.352-->"C:\Program Files\Mirage Interactive\Mortyr 2\unins000.exe"
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
ON_OFF Charge B10.0422.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x15 -removeonly
Symulator Farmy 2011-->"C:\Program Files\Symulator Farmy 2011\unins000.exe"
UltraISO Premium V9.12-->"C:\Program Files\UltraISO\unins000.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: KICINSKI-D36BDF
Event Code: 15007
Message: Pomyślnie dodano rezerwację przestrzeni nazw, identyfikowaną przez prefiks adresu URL http://*:2869/.

Record Number: 5
Source Name: HTTP
Time Written: 20110202092401.000000+060
Event Type: informacje
User:

Computer Name: KICINSKI-D36BDF
Event Code: 6011
Message: Nazwa NetBIOS i nazwa hosta DNS tego komputera uległy zmianie z MACHINENAME na KICINSKI-D36BDF.

Record Number: 4
Source Name: EventLog
Time Written: 20110202092058.000000+060
Event Type: informacje
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Podczas sprawdzania, czy \Device\Serial0 jest rzeczywiście portem szeregowym, wykryto kolejkę typu fifo. Zostanie ona użyta.

Record Number: 3
Source Name: Serial
Time Written: 20110202092537.000000+060
Event Type: informacje
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.

Record Number: 2
Source Name: EventLog
Time Written: 20110202092516.000000+060
Event Type: informacje
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 2 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20110202092516.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: KICINSKI-D36BDF
Event Code: 1000
Message: Liczniki wydajności dla usługi MSDTC (MSDTC) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 5
Source Name: LoadPerf
Time Written: 20110202092214.000000+060
Event Type: informacje
User:

Computer Name: KICINSKI-D36BDF
Event Code: 1000
Message: Liczniki wydajności dla usługi TermService (Usługi terminalowe) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 4
Source Name: LoadPerf
Time Written: 20110202092212.000000+060
Event Type: informacje
User:

Computer Name: KICINSKI-D36BDF
Event Code: 1000
Message: Liczniki wydajności dla usługi RemoteAccess (Routing i dostęp zdalny) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 3
Source Name: LoadPerf
Time Written: 20110202092128.000000+060
Event Type: informacje
User:

Computer Name: KICINSKI-D36BDF
Event Code: 1000
Message: Liczniki wydajności dla usługi PSched (PSched) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 2
Source Name: LoadPerf
Time Written: 20110202092106.000000+060
Event Type: informacje
User:

Computer Name: KICINSKI-D36BDF
Event Code: 1000
Message: Liczniki wydajności dla usługi RSVP (QoS RSVP) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 1
Source Name: LoadPerf
Time Written: 20110202092106.000000+060
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0605
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

log.txt
[log] Logfile of random's system information tool 1.08 (written by random/random)
Run by Kiciński at 2011-02-04 08:12:15
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 393 GB (98%) free of 400 GB
Total RAM: 2558 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:12:24, on 2011-02-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie\OTL.exe
C:\Documents and Settings\Kiciński\Moje dokumenty\Pobieranie\RSIT.exe
C:\Program Files\trend micro\Kiciński.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="f:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5524 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-09-16 1447168]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-12-16 12984928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=f:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\Symulator Farmy 2011\game.exe"="C:\Program Files\Symulator Farmy 2011\game.exe:*:Disabled:Symulator Farmy 2011"
"C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe"="C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe:*:Disabled:Symulator Farmy 2011"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-02-04 08:12:15 ----D---- C:\rsit
2011-02-04 08:12:15 ----D---- C:\Program Files\trend micro
2011-02-04 08:05:44 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Malwarebytes
2011-02-04 08:05:31 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-04 08:05:30 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2011-02-04 08:05:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-04 08:05:27 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-04 08:05:17 ----SHD---- C:\Config.Msi
2011-02-04 07:59:59 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-02-04 07:53:29 ----HDC---- C:\Documents and Settings\All Users\Dane aplikacji\~0
2011-02-04 07:53:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2011-02-04 06:35:28 ----D---- C:\Program Files\Lavalys
2011-02-03 19:45:02 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
2011-02-03 19:45:01 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\OpenFM
2011-02-03 18:58:41 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Gadu-Gadu 10
2011-02-03 18:58:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
2011-02-03 13:44:35 ----D---- C:\Program Files\WinRAR
2011-02-03 12:53:58 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Macromedia
2011-02-03 12:53:57 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Adobe
2011-02-03 12:51:35 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Mozilla
2011-02-03 12:48:38 ----D---- C:\Program Files\Mozilla Firefox
2011-02-03 11:39:45 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-02-03 11:39:19 ----D---- C:\Program Files\Microsoft Works
2011-02-03 11:39:15 ----D---- C:\Program Files\MSBuild
2011-02-03 11:39:04 ----D---- C:\Program Files\Microsoft Visual Studio
2011-02-03 11:39:04 ----D---- C:\Program Files\Common Files\DESIGNER
2011-02-03 11:37:02 ----D---- C:\WINDOWS\SHELLNEW
2011-02-03 11:36:44 ----D---- C:\Program Files\Microsoft Office
2011-02-03 11:36:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2011-02-03 11:36:22 ----RHD---- C:\MSOCache
2011-02-03 11:34:43 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-02-03 08:14:14 ----D---- C:\Program Files\Gadu-Gadu 10
2011-02-03 07:52:16 ----D---- C:\WINDOWS\system32\appmgmt
2011-02-03 07:49:27 ----RHD---- C:\Documents and Settings\Kiciński\Dane aplikacji\SecuROM
2011-02-03 07:46:00 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-02-03 07:46:00 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-02-03 07:45:59 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-02-03 07:45:59 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-02-03 07:45:58 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-02-03 07:45:58 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-02-03 07:45:58 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-02-03 07:45:57 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-02-03 07:45:57 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-02-03 07:45:56 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-02-03 07:45:56 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-02-03 07:45:55 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-02-03 07:45:55 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-02-03 07:45:54 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-02-03 07:45:54 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-02-03 07:45:54 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-02-03 07:45:53 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-02-03 07:45:53 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-02-03 07:45:52 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-02-03 07:45:52 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-02-02 12:51:30 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2011-02-02 12:47:53 ----D---- C:\Program Files\Mirage Interactive
2011-02-02 10:59:56 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-02-02 10:59:39 ----D---- C:\WINDOWS\Logs
2011-02-02 10:58:32 ----D---- C:\Program Files\Symulator Farmy 2011
2011-02-02 10:20:51 ----A---- C:\WINDOWS\system32\h323log.txt
2011-02-02 10:20:47 ----D---- C:\Program Files\ESET
2011-02-02 10:20:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ESET
2011-02-02 10:16:28 ----D---- C:\WINDOWS\system32\Lang
2011-02-02 10:16:24 ----A---- C:\WINDOWS\gdrv.sys
2011-02-02 09:53:19 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-02-02 09:53:18 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-02-02 09:53:16 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-02-02 09:45:55 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\WinRAR
2011-02-02 09:36:55 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-02-02 09:36:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-02-02 09:36:36 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-02-02 09:36:10 ----D---- C:\Program Files\NVIDIA Corporation
2011-02-02 09:36:08 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
2011-02-02 09:35:58 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-02-02 09:35:31 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-02-02 09:33:36 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-02-02 09:33:35 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-02-02 09:33:35 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-02-02 09:33:34 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-02-02 09:33:34 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-02-02 09:33:33 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-02-02 09:33:33 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-02-02 09:33:32 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-02-02 09:33:31 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-02-02 09:33:30 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-02-02 09:33:27 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-02-02 09:33:21 ----D---- C:\WINDOWS\system32\RTCOM
2011-02-02 09:33:19 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-02-02 09:33:19 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-02-02 09:33:15 ----RA---- C:\WINDOWS\system32\drivers\l1c51x86.sys
2011-02-02 09:33:14 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield
2011-02-02 09:33:13 ----A---- C:\WINDOWS\vncutil.exe
2011-02-02 09:33:13 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2011-02-02 09:33:13 ----A---- C:\WINDOWS\SkyTel.exe
2011-02-02 09:33:12 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2011-02-02 09:33:12 ----A---- C:\WINDOWS\RtlUpd.exe
2011-02-02 09:33:12 ----A---- C:\WINDOWS\RtkAudioService.exe
2011-02-02 09:33:11 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011-02-02 09:33:11 ----A---- C:\WINDOWS\system32\drivers\AppleCharger.sys
2011-02-02 09:33:11 ----A---- C:\WINDOWS\system32\AppleChargerSrv.exe
2011-02-02 09:33:11 ----A---- C:\WINDOWS\RTLCPL.EXE
2011-02-02 09:33:08 ----D---- C:\WINDOWS\system32\Atheros_L1e
2011-02-02 09:33:07 ----A---- C:\WINDOWS\RTHDCPL.EXE
2011-02-02 09:33:06 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2011-02-02 09:33:06 ----A---- C:\WINDOWS\MicCal.exe
2011-02-02 09:33:04 ----A---- C:\WINDOWS\ALCMTR.EXE
2011-02-02 09:33:03 ----A---- C:\WINDOWS\ALCWZRD.EXE
2011-02-02 09:33:02 ----D---- C:\Program Files\Realtek
2011-02-02 09:33:02 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2011-02-02 09:32:58 ----R---- C:\WINDOWS\RtlExUpd.dll
2011-02-02 09:32:45 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-02-02 09:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2011-02-02 09:32:31 ----SHD---- C:\RECYCLER
2011-02-02 09:30:48 ----A---- C:\WINDOWS\system32\SETBE.tmp
2011-02-02 09:30:48 ----A---- C:\WINDOWS\system32\SETBC.tmp
2011-02-02 09:30:42 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-02-02 09:30:41 ----RA---- C:\WINDOWS\system32\CSVer.dll
2011-02-02 09:30:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-02 09:30:41 ----D---- C:\Program Files\Intel
2011-02-02 09:30:37 ----D---- C:\Intel
2011-02-02 09:30:28 ----HD---- C:\Program Files\DeviceVM
2011-02-02 09:30:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-02 09:30:14 ----D---- C:\Program Files\Gigabyte
2011-02-02 09:30:12 ----D---- C:\Program Files\Common Files\InstallShield
2011-02-02 09:29:37 ----RA---- C:\WINDOWS\GSetup.exe
2011-02-02 09:29:37 ----A---- C:\WINDOWS\GSetup.ini
2011-02-02 09:29:04 ----D---- C:\Program Files\UltraISO
2011-02-02 09:29:04 ----D---- C:\Program Files\Common Files\EZB Systems
2011-02-02 09:28:10 ----D---- C:\Documents and Settings\Kiciński\Dane aplikacji\Identities
2011-02-02 09:28:09 ----HD---- C:\Program Files\Uninstall Information
2011-02-02 09:28:06 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-02-02 09:28:05 ----SD---- C:\Documents and Settings\Kiciński\Dane aplikacji\Microsoft
2011-02-02 09:28:05 ----ASH---- C:\Documents and Settings\Kiciński\Dane aplikacji\desktop.ini
2011-02-02 09:27:39 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-02-02 09:27:32 ----D---- C:\WINDOWS\SoftwareDistribution
2011-02-02 09:27:31 ----SD---- C:\WINDOWS\system32\Microsoft
2011-02-02 09:27:31 ----D---- C:\WINDOWS\Prefetch
2011-02-02 09:27:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-02 09:27:05 ----A---- C:\WINDOWS\system32\usbui.dll
2011-02-02 09:26:11 ----A---- C:\WINDOWS\imsins.BAK
2011-02-02 09:26:09 ----SHD---- C:\WINDOWS\Installer
2011-02-02 09:26:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-02 09:26:08 ----D---- C:\Program Files\Common Files\ODBC
2011-02-02 09:26:08 ----A---- C:\WINDOWS\ODBCINST.INI
2011-02-02 09:26:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-02-02 09:26:05 ----RD---- C:\Program Files
2011-02-02 09:26:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-02-02 09:26:05 ----D---- C:\Program Files\Common Files
2011-02-02 09:26:02 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-02-02 09:26:02 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-02-02 09:26:02 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-02-02 09:26:01 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-02-02 09:25:59 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-02-02 09:25:58 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-02-02 09:25:58 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-02-02 09:25:58 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-02-02 09:25:58 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-02-02 09:25:58 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdcz.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-02-02 09:25:55 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-02-02 09:25:54 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-02-02 09:25:54 ----A---- C:\WINDOWS\system32\irclass.dll
2011-02-02 09:25:54 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-02-02 09:25:54 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-02-02 09:25:54 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-02-02 09:25:52 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-02-02 09:25:52 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-02-02 09:25:52 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-02-02 09:25:52 ----A---- C:\WINDOWS\system32\batt.dll
2011-02-02 09:25:51 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-02-02 09:25:50 ----A---- C:\WINDOWS\system32\storprop.dll
2011-02-02 09:25:44 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2011-02-02 09:25:42 ----RA---- C:\WINDOWS\SET8.tmp
2011-02-02 09:25:40 ----RA---- C:\WINDOWS\SET4.tmp
2011-02-02 09:25:38 ----RA---- C:\WINDOWS\SET3.tmp
2011-02-02 09:25:34 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-02 09:25:34 ----D---- C:\WINDOWS\system32\CatRoot
2011-02-02 09:25:29 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2011-02-02 09:25:13 ----D---- C:\WINDOWS\system32\xircom
2011-02-02 09:25:13 ----D---- C:\Program Files\xerox
2011-02-02 09:25:13 ----D---- C:\Program Files\microsoft frontpage
2011-02-02 09:25:13 ----A---- C:\WINDOWS\setuplog.txt
2011-02-02 09:25:11 ----D---- C:\Documents and Settings
2011-02-02 09:25:10 ----SHD---- C:\System Volume Information
2011-02-02 09:24:57 ----RASH---- C:\MSDOS.SYS
2011-02-02 09:24:57 ----RASH---- C:\IO.SYS
2011-02-02 09:24:57 ----A---- C:\WINDOWS\control.ini
2011-02-02 09:24:57 ----A---- C:\CONFIG.SYS
2011-02-02 09:24:57 ----A---- C:\AUTOEXEC.BAT
2011-02-02 09:24:50 ----A---- C:\WINDOWS\OEWABLog.txt
2011-02-02 09:24:47 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-02-02 09:24:20 ----SH---- C:\boot.ini
2011-02-02 09:24:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-02-02 09:24:10 ----RD---- C:\WINDOWS\Offline Web Pages
2011-02-02 09:24:10 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-02-02 09:24:05 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-02-02 09:24:02 ----HD---- C:\Program Files\WindowsUpdate
2011-02-02 09:23:59 ----D---- C:\Program Files\Usługi online
2011-02-02 09:23:48 ----D---- C:\WINDOWS\system32\DirectX
2011-02-02 09:23:32 ----A---- C:\WINDOWS\system32\atrace.dll
2011-02-02 09:23:30 ----A---- C:\WINDOWS\system32\desktop.ini
2011-02-02 09:23:30 ----A---- C:\WINDOWS\desktop.ini
2011-02-02 09:23:25 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-02-02 09:23:24 ----A---- C:\WINDOWS\system32\acctres.dll
2011-02-02 09:23:23 ----D---- C:\Program Files\Common Files\Services
2011-02-02 09:23:21 ----SD---- C:\WINDOWS\Tasks
2011-02-02 09:23:21 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-02-02 09:23:20 ----D---- C:\Program Files\Common Files\MSSoap
2011-02-02 09:23:17 ----D---- C:\WINDOWS\system32\Macromed
2011-02-02 09:23:17 ----D---- C:\WINDOWS\srchasst
2011-02-02 09:23:14 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-02-02 09:23:14 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-02-02 09:23:14 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-02-02 09:23:14 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-02-02 09:23:14 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\wups.dll
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-02-02 09:23:13 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-02-02 09:23:12 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-02-02 09:23:10 ----D---- C:\Program Files\Movie Maker
2011-02-02 09:23:06 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-02-02 09:23:06 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-02-02 09:23:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-02-02 09:23:06 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-02-02 09:23:02 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-02-02 09:23:02 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-02-02 09:23:02 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-02-02 09:23:01 ----D---- C:\WINDOWS\system32\Restore
2011-02-02 09:23:01 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-02-02 09:23:01 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-02-02 09:23:01 ----A---- C:\WINDOWS\system32\srclient.dll
2011-02-02 09:23:01 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\msconf.dll
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-02-02 09:23:00 ----A---- C:\WINDOWS\system32\ils.dll
2011-02-02 09:22:58 ----D---- C:\Program Files\NetMeeting
2011-02-02 09:22:58 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-02-02 09:22:58 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-02-02 09:22:57 ----A---- C:\WINDOWS\system32\inetres.dll
2011-02-02 09:22:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-02-02 09:22:55 ----D---- C:\Program Files\Outlook Express
2011-02-02 09:22:55 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-02-02 09:22:55 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-02-02 09:22:55 ----A---- C:\WINDOWS\system32\mstask.dll
2011-02-02 09:22:54 ----A---- C:\WINDOWS\system32\isign32.dll
2011-02-02 09:22:54 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-02-02 09:22:54 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-02-02 09:22:54 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-02-02 09:22:50 ----D---- C:\Program Files\Common Files\System
2011-02-02 09:22:49 ----D---- C:\Program Files\Internet Explorer
2011-02-02 09:22:23 ----D---- C:\Program Files\ComPlus Applications
2011-02-02 09:22:21 ----A---- C:\WINDOWS\vbaddin.ini
2011-02-02 09:22:21 ----A---- C:\WINDOWS\vb.ini
2011-02-02 09:22:17 ----D---- C:\WINDOWS\Registration
2011-02-02 09:22:12 ----D---- C:\Program Files\Windows Media Player
2011-02-02 09:22:07 ----D---- C:\Program Files\Messenger
2011-02-02 09:22:05 ----D---- C:\Program Files\MSN Gaming Zone
2011-02-02 09:22:05 ----A---- C:\WINDOWS\system32\write.exe
2011-02-02 09:21:58 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-02-02 09:21:58 ----A---- C:\WINDOWS\system32\hticons.dll
2011-02-02 09:21:58 ----A---- C:\WINDOWS\system32\avwav.dll
2011-02-02 09:21:58 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-02-02 09:21:58 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-02-02 09:21:57 ----A---- C:\WINDOWS\system32\winchat.exe
2011-02-02 09:21:52 ----A---- C:\WINDOWS\system32\winmine.exe
2011-02-02 09:21:52 ----A---- C:\WINDOWS\system32\sol.exe
2011-02-02 09:21:52 ----A---- C:\WINDOWS\system32\getuname.dll
2011-02-02 09:21:52 ----A---- C:\WINDOWS\system32\charmap.exe
2011-02-02 09:21:52 ----A---- C:\WINDOWS\system32\calc.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\tskill.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\tscon.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\shadow.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\reset.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\regini.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-02-02 09:21:51 ----A---- C:\WINDOWS\system32\freecell.exe
2011-02-02 09:21:50 ----A---- C:\WINDOWS\system32\msg.exe
2011-02-02 09:21:50 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-02-02 09:21:50 ----A---- C:\WINDOWS\system32\logoff.exe
2011-02-02 09:21:50 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\stclient.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-02-02 09:21:49 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-02-02 09:21:45 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-02-02 09:21:44 ----D---- C:\Program Files\Windows NT
2011-02-02 09:21:44 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-02-02 09:21:44 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-02-02 09:21:44 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-02-02 09:21:44 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-02-02 09:21:44 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\spider.exe
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-02-02 09:21:43 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-02-02 09:21:42 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-02-02 09:21:41 ----D---- C:\WINDOWS\system32\MsDtc
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-02-02 09:21:41 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-02-02 09:21:40 ----D---- C:\WINDOWS\system32\Com
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\colbact.dll
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-02-02 09:21:40 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-02-02 09:21:39 ----A---- C:\WINDOWS\system32\comuid.dll
2011-02-02 09:21:39 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-02-02 09:21:39 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-02-02 09:21:39 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-02-02 09:21:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-02-02 09:21:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-02-02 09:21:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-02-02 09:21:34 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-02-02 09:21:31 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-02-02 09:21:31 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2011-02-02 09:20:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-02 09:20:45 ----RSD---- C:\WINDOWS\Fonts
2011-02-02 09:20:45 ----RD---- C:\WINDOWS\Web
2011-02-02 09:20:45 ----HD---- C:\WINDOWS\inf
2011-02-02 09:20:45 ----D---- C:\WINDOWS\WinSxS
2011-02-02 09:20:45 ----D---- C:\WINDOWS\twain_32
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Temp
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\wins
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\wbem
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\usmt
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\spool
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\ShellExt
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\Setup
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\ras
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\oobe
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\npp
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\mui
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\inetsrv
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\IME
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\icsxml
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\ias
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\export
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\drivers
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\dhcp
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\config
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\3com_dmi
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\3076
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\2052
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1054
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1045
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1042
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1041
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1037
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1033
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1031
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1028
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32\1025
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system32
2011-02-02 09:20:45 ----D---- C:\WINDOWS\system
2011-02-02 09:20:45 ----D---- C:\WINDOWS\security
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Resources
2011-02-02 09:20:45 ----D---- C:\WINDOWS\repair
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Provisioning
2011-02-02 09:20:45 ----D---- C:\WINDOWS\PeerNet
2011-02-02 09:20:45 ----D---- C:\WINDOWS\pchealth
2011-02-02 09:20:45 ----D---- C:\WINDOWS\mui
2011-02-02 09:20:45 ----D---- C:\WINDOWS\msapps
2011-02-02 09:20:45 ----D---- C:\WINDOWS\msagent
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Media
2011-02-02 09:20:45 ----D---- C:\WINDOWS\java
2011-02-02 09:20:45 ----D---- C:\WINDOWS\ime
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Help
2011-02-02 09:20:45 ----D---- C:\WINDOWS\ehome
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Driver Cache
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Debug
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Cursors
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Connection Wizard
2011-02-02 09:20:45 ----D---- C:\WINDOWS\Config
2011-02-02 09:20:45 ----D---- C:\WINDOWS\AppPatch
2011-02-02 09:20:45 ----D---- C:\WINDOWS\addins
2011-02-02 09:20:45 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2011-02-03 11:37:14 ----A---- C:\WINDOWS\win.ini
2011-02-02 09:26:04 ----A---- C:\WINDOWS\system.ini
2011-02-02 09:24:38 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2010-04-22 19496]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 sermouse;Sterownik myszy szeregowej; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-26 17920]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/log]

Thank you very much for your help.

Tomek01
comment

Nothing special is visible here.
Please also post the Gmer and Reglooks logs.

Turn System Restore off and then back on for all partitions.
Use ATF Cleaner: tick the first three checkboxes and click Empty Selected.

Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html]DrWebCureIt[/url].

icam87
comment (edited)

Reglooks log
[log] REGLOOKS logfile - version 0.988
Scan started: 2011-02-04 9:44:53,85

--- INFORMATION ---

Manufacturer: Gigabyte Technology Co., Ltd. - Model: G31M-ES2L
Operating System: Microsoft Windows XP Professional -- 5.1.2600 -- Dodatek Service Pack 2 --
Install Date: 2011-02-02 09:26:31
Last Boot: 2011-02-04 08:01:01
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz

Work Station
Bootmode: Normal boot
Total RAM: 2558 MB (free 1847 MB - 72%)

Computername: KICINSKI-D36BDF
Domain: GRUPA_ROBOCZA
User: Kiciński (Administrator account)

Local Disk: C:\ - NTFS - 390 GB (free 384 GB)
Local Disk: D:\ - NTFS - 149 GB (free 100 GB)
Local Disk: E:\ - NTFS - 391 GB (free 380 GB)
CD \ DVD Drive: F:\
CD \ DVD Drive: G:\
CD \ DVD Drive: H:\

Bootdevice: \Device\HarddiskVolume1
Systemdrive: C:
Windowsdirectory: C:\WINDOWS
Systemdirectory: C:\WINDOWS\system32


Internet Explorer Version: 6.0.2900.2180

Windows update:

Antivirus Program: ESET NOD32 Antivirus 3.0 3.0 [Enabled - Updated]


DEP: ONN - DEP is enabled for a limited number of binaries, the kernel, and all Windows-based services


--- System Restore Points ---

Restorepoint 1: 2011-02-02 09:28:19 - First run - Punkt kontrolny systemu
Restorepoint 2: 2011-02-02 09:30:14 - Application installation - Installed EasySaver B9.0610.1
Restorepoint 3: 2011-02-02 09:32:47 - Application installation - Installed Windows XP KB888111WXPSP2.
Restorepoint 4: 2011-02-02 09:33:01 - Application installation - Zainstalowane Realtek High Definition Audio Driver
Restorepoint 5: 2011-02-02 09:33:04 - Application installation - Zainstalowane Atheros Communications Inc.(R) AR81Family Gigabit/
Restorepoint 6: 2011-02-02 09:33:10 - Application installation - Installed ON_OFF Charge B10.0422.2
Restorepoint 7: 2011-02-02 09:36:43 - Application installation - Zainstalowano Windows Installer KB893803v2.
Restorepoint 8: 2011-02-02 10:20:46 - Application installation - Zainstalowano ESET NOD32 Antivirus
Restorepoint 9: 2011-02-02 10:37:44 - Application installation - Hitman 2 Silent Assassin
Restorepoint 10: 2011-02-02 10:59:41 - Application installation - Zainstalowany program DirectX
Restorepoint 11: 2011-02-03 07:45:16 - Application installation - Installed Pro Evolution Soccer 2011.
Restorepoint 12: 2011-02-03 07:50:56 - Application installation - Uninstall Hitman 2 Silent Assassin
Restorepoint 13: 2011-02-03 07:52:13 - Application uninstall - Removed Pro Evolution Soccer 2011.
Restorepoint 14: 2011-02-03 11:36:21 - Application installation - Installed Microsoft Office Enterprise 2007
Restorepoint 15: 2011-02-03 11:39:44 - Device drive installation - Zainstalowane sterowniki drukarek: Send To Microsoft OneNote Dr
Restorepoint 16: 2011-02-03 22:20:50 - Application installation - Zainstalowany program DirectX


--- SIGCHECK ---

C:\WINDOWS\explorer.exe -- [1033728] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\appmgmts.dll -- [172032] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\browser.dll -- [77312] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\comres.dll -- [822272] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\comctl32.dll -- [611328] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\cryptsvc.dll -- [60416] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\es.dll -- [243200] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\eventlog.dll -- [55808] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\ias.dll NOT found
C:\WINDOWS\system32\imm32.dll -- [110080] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\kernel32.dll -- [1012224] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\linkinfo.dll -- [18944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\lpk.dll -- [22016] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\lsass.exe -- [13312] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mfc40u.dll -- [924432] -- [2001-10-26 18:29] -- sigcheck OK
C:\WINDOWS\system32\msgsvc.dll -- [33792] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mshtml.dll -- [3003392] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mspmsnsv.dll -- [52736] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mswsock.dll -- [246784] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\netlogon.dll -- [407040] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\netman.dll -- [198144] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ntkrnlpa.exe -- [2016768] -- [2004-08-03 23:54] -- sigcheck OK
C:\WINDOWS\system32\ntmssvc.dll -- [435712] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ntoskrnl.exe -- [2149888] -- [2004-08-03 23:38] -- sigcheck OK
C:\WINDOWS\system32\pchsvc.dll NOT found
C:\WINDOWS\system32\powrprof.dll -- [17408] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\qmgr.dll -- [382464] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\rasauto.dll -- [89088] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\regsvc.dll -- [59904] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\rpcss.dll -- [395776] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\scecli.dll -- [185344] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\schedsvc.dll -- [192000] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\services.exe -- [108544] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\sfc.dll -- [5120] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\sfcfiles.dll -- [1548288] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\spoolsv.exe -- [57856] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\srsvc.dll -- [171008] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ssdpsrv.dll -- [71680] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\svchost.exe -- [14336] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\tapisrv.dll -- [246272] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\termsrv.dll -- [296448] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\upnphost.dll -- [185856] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\user32.dll -- [578560] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wininet.dll -- [658944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\winlogon.exe -- [504832] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ws2_32.dll -- [82944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wscntfy.exe -- [13824] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wuauclt.exe -- [112128] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\xmlprov.dll -- [129536] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\drivers\acpiec.sys -- [12032] -- [2001-10-26 17:46] -- sigcheck OK
C:\WINDOWS\system32\drivers\aec.sys -- [142464] -- [2004-08-03 22:39] -- sigcheck OK
C:\WINDOWS\system32\drivers\asyncmac.sys -- [14336] -- [2004-08-03 22:05] -- sigcheck OK
C:\WINDOWS\system32\drivers\atapi.sys -- [95360] -- [2004-08-03 22:59] -- sigcheck OK
C:\WINDOWS\system32\drivers\beep.sys -- [4224] -- [2001-08-17 22:47] -- sigcheck OK
C:\WINDOWS\system32\drivers\classpnp.sys -- [49664] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\disk.sys -- [36352] -- [2004-08-03 21:59] -- sigcheck OK
C:\WINDOWS\system32\drivers\iaStor.sys NOT found
C:\WINDOWS\system32\drivers\ip6fw.sys -- [29056] -- [2004-08-03 22:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\kbdclass.sys -- [24960] -- [2004-08-03 23:38] -- sigcheck OK
C:\WINDOWS\system32\drivers\ndis.sys -- [182912] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\ntfs.sys -- [574592] -- [2004-08-03 22:15] -- sigcheck OK
C:\WINDOWS\system32\drivers\tcpip.sys -- [359040] -- [2004-08-03 22:14] -- sigcheck OK


--- SSODL regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" -- File: %SystemRoot%\system32\webcheck.dll -- [?]
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" -- File: C:\WINDOWS\system32\stobject.dll -- [122368] -- [2004-08-03 23:44]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" -- File: C:\WINDOWS\system32\upnpui.dll -- [239616] -- [2004-08-03 23:44]


--- STS regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Moduł wstępnego ładowania interfejsu Browseui" -- File: %SystemRoot%\system32\browseui.dll -- [?]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Demon buforu kategorii składników" -- File: %SystemRoot%\system32\browseui.dll -- [?]


--- USERINIT regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
File: C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44]


--- SHELL regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
File: C:\WINDOWS\Explorer.exe -- [1033728] -- [2004-08-03 23:44]


--- SYSTEM regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


--- APPINIT_DLLS regkey ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


--- NOTIFY regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
-- File: C:\WINDOWS\system32\crypt32.dll -- [601088] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
-- File: C:\WINDOWS\system32\cryptnet.dll -- [63488] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
-- File: C:\WINDOWS\system32\cscdll.dll -- [102400] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
-- File: C:\WINDOWS\system32\sclgntfy.dll -- [22016] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
-- File: C:\WINDOWS\system32\WlNotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]


--- RUN / LOAD regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""


--- SHELLEXECUTEHOOKS regkey ---

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" -- File: shell32.dll -- [?]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook" -- File: C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL -- [2210608] -- [2006-10-27 00:48]


--- HKLM AUTORUN regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]
"AutoRun"=""


--- HKCU AUTORUN regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
no AutoRun regkey found


--- HKLM\RUN regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU" -- File "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe" -- [375000] -- [2009-10-15 14:06]
"RTHDCPL" -- File: RTHDCPL.EXE -- [?]
"nwiz" -- File: C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install -- [?]
"NvCplDaemon" -- File: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup -- [?]
"NvMediaCenter" -- File: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -- [?]
"egui" -- File: "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice -- [?]
"ISUSPM Startup" -- File: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [?]
"ISUSScheduler" -- File: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start -- [?]
"GrooveMonitor" -- File "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" -- [31016] -- [2006-10-27 00:47]


--- HKLM\RUNONCE regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware" -- File: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent -- [?]


--- HKLM\RUNONCEEX regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
no runonceex values found


--- HKLM\RUNSERVICES regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found


--- HKLM\RUNSERVICESONCE regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found


--- HKCU\RUN regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe" -- File C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44]
"Gadu-Gadu 10" -- File: "C:\Program Files\Gadu-Gadu 10\gg.exe" -- [?]


--- HKCU\RUNONCE regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot" -- File: MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="f:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe" -- [?]


--- HKCU\RUNONCEEX regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
key not found


--- HKCU\RUNSERVICES regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found


--- HKCU\RUNSERVICESONCE regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found


--- HKU\.DEFAULT\Run regkeys - Default user ---

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-18\Run regkeys - user SYSTEM ---

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-19\Run regkeys - User Lokale service ---

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-20\Run regkeys - User Lokale service ---

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKLM\Explorer\Run regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
key not found


--- HKCU\Explorer\Run regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
key not found


--- Image File Execution regkeys ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
no debuggers found


--- BROWSER HELPER OBJECTS regkeys ---

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
-- File: C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL -- [2210608] -- [2006-10-27 00:48]


--- TOOLBAR regkeys ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
no toolbars found


--- HKLM\URLSEARCHHOOKS regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
key not found


--- HKCU\URLSEARCHHOOKS regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -- File: C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll -- [133368] -- [2009-10-15 14:06]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -- File: %SystemRoot%\system32\shdocvw.dll -- [?]


--- SRCEENSAVER regkey ---

[HKEY_CURRENT_USER\Control Panel\Desktop]
"SCRNSAVE.EXE" -- File C:\WINDOWS\System32\logon.scr -- [220672] -- [2004-08-03 23:44]


--- ALTERNATESHELL regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
File: C:\WINDOWS\system32\cmd.exe -- [395776] -- [2004-08-03 23:44]


--- SECURITYPROVIDERS regkey ---

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
File: C:\WINDOWS\system32\msapsspc.dll -- [86016] -- [2004-08-03 23:44]
File: C:\WINDOWS\system32\schannel.dll -- [144896] -- [2004-08-03 23:44]
File: C:\WINDOWS\system32\digest.dll -- [68608] -- [2004-08-03 23:43]
File: C:\WINDOWS\system32\msnsspc.dll -- [290816] -- [2004-08-03 23:44]


--- Active Setup\Installed Components regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
-- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
-- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
-- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
-- File: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
-- File: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}]
-- filepath not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
-- File: regsvr32.exe /s /n /i:U shell32.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
-- File: %SystemRoot%\system32\ie4uinit.exe -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
-- File: %SystemRoot%\system32\ie4uinit.exe -- [?]


--- Services regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ambfilt]
-- File: system32\drivers\Ambfilt.sys -- [?]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppleCharger]
-- File: system32\DRIVERS\AppleCharger.sys -- [?]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCUService]
-- File: C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- [223464] -- [2009-10-15 14:06]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ES lite Service]
-- File: "C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE" -- [68136] -- [2009-03-02 14:06]


--- SAFEBOOT MINIMAL SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
no unknown services found


--- SAFEBOOT Network SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
DnsCache


--- BOOTEXECUTE regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"= autocheck autochk *\0\0


--- PENDINGFILERENAMEOPERATIONS regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"PendingFileRenameOperations"= \??\C:\Config.Msi\3dc2a.rbf\0\0\??\C:\Documents and Settings\All Users\Dane aplikacji\~0\Ad-Aware90Install.exe\0\0\??\C:\Documents and Settings\All Users\Dane aplikacji\~0\mia.lib\0\0\??\C:\Documents and Settings\All Users\Dane aplikacji\~0\\0\0\0


--- WOW-CMDLINE regkeys ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW]
"cmdline" = %SystemRoot%\system32\ntvdm.exe
"cmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386


--- NETSVCS regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- NETSVCS
0WmdmPmSN


--- DNS SERVER regkeys ---

no "NameServer" values found


--- HKCU SEARCHSCOPE ---

DefaultScope= {3E3A4F20-7FCE-4532-9700-67196290B47A}

HKEY_CURRENT_USER\software\microsoft\internet explorer\searchscopes\{3e3a4f20-7fce-4532-9700-67196290b47a}
URL REG_SZ http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD

HKEY_CURRENT_USER\software\microsoft\internet explorer\searchscopes\{6eded0ec-cbf5-48f7-adf8-3d8270229f1d}
URL REG_SZ http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}



--- HKLM SEARCHSCOPE ---



--- File associations ---

.BAT files: ("%1" %*)
.COM files: ("%1" %*)
.EXE files: ("%1" %*)
.HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
.INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
.PIF files: ("%1" %*)
.REG files: (regedit.exe "%1")
.SCR files: ("%1" /S)
.TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)


--- STARTUP FOLDERS ---

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2011-02-02 09:25]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2011-02-02 09:25]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2011-02-02 09:25]


--- TASK SCHEDULER JOBS ---

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -- [458] -- [2011-02-04 08:01]


Scan completed: 2011-02-04 9:45:43,85
FINISHED

[/log]

The GMER scan is still running...


I received a message that GMER found a system modification indicating the presence of a rootkit.
[log] GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 10:15:11
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST31000528AS rev.CC3D
Running: s1i6jq4q.exe; Driver: C:\DOCUME~1\KICISK~1\USTAWI~1\Temp\ffwirfow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys ZwCreateKey [0xB80F887E]
SSDT Lbd.sys ZwSetValueKey [0xB80F8BFE]

---- Kernel code sections - GMER 1.0.15 ----

? Lbd.sys Nie można odnaleźć określonego pliku. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB7642380, 0x3DEB95, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1840] kernel32.dll!SetUnhandledExceptionFilter 7C810386 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3028] USER32.dll!TrackPopupMenu 77D84F16 5 Bytes JMP 10402342 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3864] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys
---- Processes - GMER 1.0.15 ----

Library C:\Program (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [1372] 0x03F10000

---- EOF - GMER 1.0.15 ----
[/log]

and

[log]
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 10:18:27
Windows 5.1.2600 Dodatek Service Pack 2
Running: s1i6jq4q.exe; Driver: C:\DOCUME~1\KICISK~1\USTAWI~1\Temp\ffwirfow.sys


---- Services - GMER 1.0.15 ----

Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI
Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative WDM 3D Audio Driver/Creative) [MANUAL] Ambfilt
Service [DISABLED] amsint
Service C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [SYSTEM] AppleCharger
Service C:\WINDOWS\system32\AppleChargerSrv.exe [MANUAL] AppleChargerSrv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service BattC
Service C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe (Browser Configuration Utility Auto-recovery Service/DeviceVM, Inc.) [AUTO] BCUService
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\system32\DRIVERS\eamon.sys (Amon monitor/ESET) [AUTO] eamon
Service C:\WINDOWS\system32\DRIVERS\easdrv.sys (Eset AntiStealth driver/ESET) [SYSTEM] easdrv
Service C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (Eset HTTP Server Service/ESET) [MANUAL] EhttpSrv
Service C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) [AUTO] ekrn
Service C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [SYSTEM] epfwtdir
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [AUTO] ES lite Service
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service (Floppy Disk Controller Driver/Microsoft Corporation) [SYSTEM] Fdc
Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\gdrv.sys (GIGABYTE Tools/Windows (R) 2000 DDK provider) [MANUAL] gdrv
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp
Service C:\Program Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver/EZB Systems, Inc.) [SYSTEM] ISODrive
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\DRIVERS\l1c51x86.sys (Atheros AR813x/AR815x PCI-E Ethernet Controller ndis miniport driver/Atheros Communications, Inc.) [MANUAL] L1c
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Groove Audit Service/Microsoft Corporation) [MANUAL] Microsoft Office Groove Audit Service
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\drivers\Monfilt.sys (Creative WDM Audio Driver (32-bit)/Creative Technology Ltd.) [MANUAL] Monfilt
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass
Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (Sterownik filtru myszy HID/Microsoft Corporation) [MANUAL] mouhid
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 190.38 /NVIDIA Corporation) [MANUAL] nv
Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 190.38/NVIDIA Corporation) [AUTO] nvsvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial
Service C:\WINDOWS\system32\DRIVERS\sermouse.sys (Sterownik filtru myszy szeregowej/Microsoft Corporation) [MANUAL] sermouse
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] stisvc
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service usb
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv
Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {5167DEDA-5199-4F23-A6F1-0E7C34B1B234}

---- EOF - GMER 1.0.15 ----
[/log]

Tomek01
comment

Paste the following text into Notepad:
[code]Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=-[/code]

Save the file: Save as / change the file type to All files / save it as fix.reg / double-click it to add it to the registry.



Paste into [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url]:
[code]:file
C:\WINDOWS\Explorer.EXE

:dir
Explorer.EXE[/code]

Press Look and show what came up.
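
Before double-clicking a fix.reg received from someone else, it helps to see exactly what it will change. The following is an added example, not part of the original post: a read-only Python summary of a .reg file's operations, run here on the fix.reg text from the post. The names `audit_reg` and `writes_data` are hypothetical helpers.

```python
import re

# Input copied from the post above; nothing here touches the registry.
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
KEY_RE = re.compile(r'^\[(-?)(HKEY_[^\]]+)\]$')
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def audit_reg(text):
    """Return (action, key, value_name) tuples describing what a .reg file does."""
    lines = text.lstrip("\ufeff").splitlines()   # tolerate a leading BOM
    if not lines or not lines[0].strip().startswith(HEADERS):
        raise ValueError("not a .reg file: missing header line")
    ops, key = [], None
    for raw in lines[1:]:
        line = raw.strip()
        if not line or line.startswith(";"):     # blank line or comment
            continue
        m = KEY_RE.match(line)
        if m:
            if m.group(1):                       # "[-KEY]" deletes the whole key
                ops.append(("delete-key", m.group(2), None))
                key = None
            else:
                key = m.group(2)
            continue
        m = VALUE_RE.match(line)
        if m and key:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            # '"name"=-' deletes the value; any other right-hand side writes data
            action = "delete-value" if m.group(2).strip() == "-" else "set-value"
            ops.append((action, key, name))
        # anything else is a continuation line of multi-line hex data: skipped
    return ops

def writes_data(ops):
    """True if the file creates or overwrites any value (deserves a closer look)."""
    return any(action == "set-value" for action, _, _ in ops)

if __name__ == "__main__":
    for op in audit_reg(FIX_REG):
        print(op)
    print("writes data:", writes_data(audit_reg(FIX_REG)))
```

For the fix.reg above, the summary is a single delete of the `WiseStubReboot` value under the current user's `RunOnce` key, with no data written.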

icam87
comment

Here is the log from System Look:
[log] SystemLook 04.09.10 by jpshortstuff
Log created at 12:04 on 04/02/2011 by Kiciński
Administrator - Elevation successful

========== file ==========

C:\WINDOWS\Explorer.EXE - File found and opened.
MD5: 379098A96E6C165B659DE7E4328010EA
Created at 22:44 on 03/08/2004
Modified at 22:44 on 03/08/2004
Size: 1033728 bytes
Attributes: --a----
FileDescription: Eksplorator Windows
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion: 6.00.2900.2180
OriginalFilename: EXPLORER.EXE
InternalName: explorer
ProductName: System operacyjny Microsoft® Windows®
CompanyName: Microsoft Corporation
LegalCopyright: © Microsoft Corporation. Wszelkie prawa zastrzeżone.

========== dir ==========

Explorer.EXE - Unable to find folder.

-= EOF =-
[/log]

I would like to add that Doctor-Web found 2 trojans, "siggen2.16874"; one of them was in the downloaded OTL.exe.
And now the question arises: why didn't my NOD 32 detect this?

Tomek01
comment

As for OTL, that is a false alarm. As for the second one, it depends on where it is located.
Your system is clean.

icam87
comment

The second one was in "C:\Documents and Settings\Kiciński\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2uxym67z.default\Cache"; its name is "DA761E44d01" (Trojan.Siggen2.16874). Incurable. Moved.

I would post the Doctor-Web log, but I don't know whether it makes sense, because it only detected these 2 trojans.

Tomek01
comment

Those are just cookies, nothing dangerous.
