EXPOLORER.exe - jak się pozbyć ?

[Soul_bullock]

Chodzi mi o EXPOLORER.exe ( a nie explorer ) szukałem i znalazłem jakies tematy ale nie do końca rozumiem o co w nich chodzi :/ czy jest w stanie mi ktoś wytłumaczyć jak mam sie tego pozbyc ? Najlpeiej bez potrzeby formatowania. Ważne by było to dla mnie zrozumiałe ;D

[Natsuki Kuga]

Zapoznaj się z przyklejonymi w dziale Bezpieczeństwo i pokaż odpowiednie logi.

[Soul_bullock]

Przy OTL byla opcja "pomiń znane dobre pliki" czy to źle że ją zaznaczyłem ?
[b]OTL.txt[/b]
[log]OTL logfile created on: 2013-01-01 18:05:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 660,21 Mb Available Physical Memory | 65,01% Memory free
2,39 Gb Paging File | 2,08 Gb Available in Paging File | 87,16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 54,08 Gb Free Space | 92,29% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-12-30 22:20:32 | 000,323,584 | ---- | M] (Asprate) -- C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-12-30 22:20:32 | 000,323,584 | ---- | M] (Asprate) -- C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-10-13 11:38:14 | 000,856,064 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\ggdrive-menu.dll
MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll
MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-03 23:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2004-08-03 23:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-03 23:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-03 23:44:06 | 002,804,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2004-08-03 23:44:06 | 001,392,671 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvbvm60.dll
MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-03 23:44:06 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-03 23:44:02 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfcsubs.dll
MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-03 23:43:56 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-03 23:43:54 | 001,017,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2004-08-03 23:43:54 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrvut.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:54 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrv.dll
MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-03 23:43:54 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\asycfilt.dll
MOD - [2004-08-03 23:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll
MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
MOD - [2004-07-01 05:02:28 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpph.dll
MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll
MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll
MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-12-31 00:28:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (ojumdcjt)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.neostrada.pl"]http://www.neostrada.pl[/url]
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)


[2012-12-31 10:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe ()
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [wsctf.exe] wsctf.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab"]http://java.sun.com/..._4_0_03-win.cab[/url] (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} [url="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab"]http://java.sun.com/..._4_0_03-win.cab[/url] (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: ojumdcjt - C:\WINDOWS\system32\omepcb.dll ()


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player
[2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player
[2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-12-31 11:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun
[2012-12-31 11:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3
[2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012-12-31 11:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files
[2012-12-31 10:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
[2012-12-31 10:05:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\GG dysk
[2012-12-31 10:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
[2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012-12-31 10:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 10:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG
[2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-12-30 22:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR
[2012-12-30 22:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WinRAR
[2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-12-30 22:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Piotrek
[2012-12-30 21:35:19 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-12-30 21:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WapSter
[2012-12-30 21:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WapSter
[2012-12-30 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
[2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
[2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll
[2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp
[2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles
[2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe
[2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe
[2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl
[2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys
[2012-12-30 20:26:18 | 000,425,984 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll
[2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll
[2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852
[2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852
[2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
[2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS
[2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment
[2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp
[2012-12-30 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia
[2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012-12-30 20:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities
[2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
[2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka
[2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2013-01-01 17:38:22 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-01 17:24:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-01 11:15:48 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-01 11:15:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-01 11:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-01 11:15:35 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-31 20:55:22 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-31 20:54:28 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk
[2012-12-31 11:36:54 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 10:05:14 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk
[2012-12-31 10:04:09 | 000,001,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk
[2012-12-30 20:51:52 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-12-30 20:28:06 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk
[2012-12-30 20:26:22 | 000,002,849 | ---- | M] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:21:04 | 000,001,362 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:18:04 | 000,000,353 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk
[2012-12-30 20:17:55 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:06:23 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-12-30 20:06:23 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-12-30 20:06:23 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-12-30 20:06:23 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-31 20:55:22 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-31 20:54:28 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk
[2012-12-31 11:36:54 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 10:05:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk
[2012-12-31 10:04:09 | 000,001,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk
[2012-12-31 10:03:49 | 000,001,186 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\GG.lnk
[2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2012-12-30 20:51:52 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-12-30 20:28:06 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk
[2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp
[2012-12-30 20:26:11 | 000,002,849 | ---- | C] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2012-12-30 20:20:59 | 000,001,362 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-12-30 20:19:40 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 20:18:04 | 000,000,353 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk
[2012-12-30 20:17:55 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2012-12-30 20:05:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk
[2012-12-30 20:05:04 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk
[2012-12-30 20:04:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
[2012-12-30 20:04:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
[2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2013-01-01 11:15:34 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]
[b]Extras.Txt[/b]
[log]OTL Extras logfile created on: 2013-01-01 18:05:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 660,21 Mb Available Physical Memory | 65,01% Memory free
2,39 Gb Paging File | 2,08 Gb Available in Paging File | 87,16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 54,08 Gb Free Space | 92,29% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2729:TCP" = 2729:TCP:*:Enabled:kffmn

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31
"Google Chrome" = Google Chrome
"Opera 12.12.1707" = Opera 12.12
"StmAdsl" = ADSL Modem
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-30 19:20:09 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-30 19:27:33 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-12-31 05:18:06 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 07:37:12 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 09:22:39 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 09:48:32 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2013-01-01 06:16:51 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-01 06:26:25 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd intro.exe, wersja 9.0.0.383, moduł powodujący
błąd sound control.x32, wersja 8.5.1.102, adres błędu 0x00005786.

[ System Events ]
Error - 2012-12-30 15:18:51 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2012-12-30 15:26:03 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego
błędu: %%2

Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2012-12-30 16:45:34 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2012-12-30 17:08:42 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2012-12-31 04:41:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2013-01-01 06:17:17 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114


< End of report >

[/log]

Co do RSIT niestety nie moge go pobrac, wszędzie przekierowywuje mnie do strony której nie moge otworzyć.

Edytowane 1 stycznia 2013 przez Soul_bullock

[Natsuki Kuga]

[quote name='Soul_bullock' timestamp='1357061321' post='1661155']
Przy OTL byla opcja "pomiń znane dobre pliki" czy to źle że ją zaznaczyłem ?
Co do RSIT niestety nie moge go pobrac, wszędzie przekierowywuje mnie do strony której nie moge otworzyć.
[/quote]
Nie, nic się nie dzieje. Poradzimy sobie bez RSITa za pomocą innych narzędzi.

Do OTL wklej:
[code]
:OTL
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [wsctf.exe] wsctf.exe File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)

:Files
C:\WINDOWS\system32\omepcb.dll

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2729:TCP"=-

:Services
ojumdcjt

:Commands
[emptytemp]
[emptyflash]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Uruchom OTL ponownie i wklej:
[code]
/md5start
explorer.exe
/md5stop
[/code]
[b]Skanuj,[/b] pokaż log.

Po wykonaniu pokaż logi z [url="http://users.telenet.be/marcvn/tools/reglooks.exe"][b]Reglooks[/b][/url] i [url="http://www.gmer.net/"][b]Gmer.[/b][/url]

[Soul_bullock]

[b]Raport[/b]
[log]All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\\EXPLORER.EXE deleted successfully.
C:\WINDOWS\system32\EXPLORER.EXE moved successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\\wsctf.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:Explorer.exe deleted successfully.
File C:\WINDOWS\System32\EXPLORER.EXE not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:EXPLORER.EXE deleted successfully.
File C:\WINDOWS\System32\EXPLORER.EXE not found.
========== FILES ==========
File move failed. C:\WINDOWS\system32\omepcb.dll scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2729:TCP deleted successfully.
========== SERVICES/DRIVERS ==========
Service ojumdcjt stopped successfully!
Service ojumdcjt deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 5415687 bytes
->Temporary Internet Files folder emptied: 34257500 bytes
->Google Chrome cache emptied: 18074293 bytes
->Opera cache emptied: 53814072 bytes
->Flash cache emptied: 9010 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4229168 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37087720 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 146,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01022013_153353

Files\Folders moved on Reboot...
C:\WINDOWS\system32\omepcb.dll moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[/log]

[b]OTL.Txt[/b]
[log]OTL logfile created on: 2013-01-02 15:50:17 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 677,19 Mb Available Physical Memory | 66,69% Memory free
2,39 Gb Paging File | 2,14 Gb Available in Paging File | 89,48% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 54,20 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll
MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-03 23:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2004-08-03 23:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-03 23:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-03 23:44:06 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-03 23:43:54 | 001,017,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll
MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll
MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll
MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-12-31 00:28:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)


[2012-12-31 10:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player
[2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player
[2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-12-31 11:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun
[2012-12-31 11:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3
[2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012-12-31 11:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files
[2012-12-31 10:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
[2012-12-31 10:05:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\GG dysk
[2012-12-31 10:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
[2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012-12-31 10:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 10:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG
[2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-12-30 22:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR
[2012-12-30 22:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WinRAR
[2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-12-30 22:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Piotrek
[2012-12-30 21:35:19 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-12-30 21:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WapSter
[2012-12-30 21:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WapSter
[2012-12-30 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
[2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
[2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll
[2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp
[2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles
[2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe
[2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe
[2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl
[2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys
[2012-12-30 20:26:18 | 000,425,984 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll
[2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll
[2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852
[2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852
[2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
[2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS
[2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment
[2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp
[2012-12-30 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia
[2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012-12-30 20:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities
[2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
[2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka
[2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
[2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-01-02 15:38:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-02 15:35:53 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-02 15:35:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-02 15:24:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-01 21:24:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-01 11:15:35 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-31 20:55:22 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-31 20:54:28 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk
[2012-12-31 11:36:54 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 10:05:14 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk
[2012-12-31 10:04:09 | 000,001,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk
[2012-12-30 20:51:52 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-12-30 20:28:06 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk
[2012-12-30 20:26:22 | 000,002,849 | ---- | M] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:21:04 | 000,001,362 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:18:04 | 000,000,353 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk
[2012-12-30 20:17:55 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:06:23 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-12-30 20:06:23 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-12-30 20:06:23 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-12-30 20:06:23 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-31 20:55:22 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-31 20:54:28 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk
[2012-12-31 11:36:54 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 10:05:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk
[2012-12-31 10:04:09 | 000,001,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk
[2012-12-31 10:03:49 | 000,001,186 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\GG.lnk
[2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2012-12-30 20:51:52 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-12-30 20:28:06 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk
[2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp
[2012-12-30 20:26:11 | 000,002,849 | ---- | C] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2012-12-30 20:20:59 | 000,001,362 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-12-30 20:19:40 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 20:18:04 | 000,000,353 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk
[2012-12-30 20:17:55 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk
[2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2012-12-30 20:05:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk
[2012-12-30 20:05:04 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk
[2012-12-30 20:04:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
[2012-12-30 20:04:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
[2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2006-10-25 17:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) MD5=136C4F09BC335313E1F3B5784040F255 -- C:\_OTL\MovedFiles\01022013_153353\C_WINDOWS\system32\EXPLORER.EXE
[2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=379098A96E6C165B659DE7E4328010EA -- C:\WINDOWS\explorer.exe
[2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=379098A96E6C165B659DE7E4328010EA -- C:\WINDOWS\system32\dllcache\explorer.exe

< End of report >
[/log]
[b]EXTRAS[/b]
[log]OTL Extras logfile created on: 2013-01-02 15:50:17 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 677,19 Mb Available Physical Memory | 66,69% Memory free
2,39 Gb Paging File | 2,14 Gb Available in Paging File | 89,48% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 54,20 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31
"Google Chrome" = Google Chrome
"Opera 12.12.1707" = Opera 12.12
"StmAdsl" = ADSL Modem
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-30 19:27:33 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-12-31 05:18:06 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 07:37:12 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 09:22:39 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-12-31 09:48:32 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2013-01-01 06:16:51 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-01 06:26:25 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd intro.exe, wersja 9.0.0.383, moduł powodujący
błąd sound control.x32, wersja 8.5.1.102, adres błędu 0x00005786.

Error - 2013-01-02 10:25:40 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

[ System Events ]
Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2012-12-30 16:45:34 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2012-12-30 17:08:42 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2012-12-31 04:41:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2013-01-01 06:17:17 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2013-01-02 10:26:06 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący
błąd: %%1114

Error - 2013-01-02 10:33:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.


< End of report >


[/log]
[b]REGLOOKS[/b]
[log]REGLOOKS logfile - version 0.994
Scan started: 2013-01-02 16:04:45,76

--- INFORMATION ---

Manufacturer: GBT___ - Model: AWRDACPI
Operating System: Microsoft Windows XP Professional -- 5.1.2600 -- Dodatek Service Pack 2 --
Install Date: 2012-12-30 20:02:12
Last Boot: 2013-01-02 15:35:25
Processor: Intel(R) Celeron(R) CPU 2.00GHz

Work Station
Bootmode: Normal boot
Total RAM: 1015 MB (free 631 MB - 62%)

Computername: PIOTREK
Domain: GRUPA_ROBOCZA
User: Administrator (Administrator account)

Disk Name: Dysk #0, partycja #0
Primary Partition: Prawda
Bootable: Prawda
Boot Partition: Prawda
Hidden Sectors:
Size: 58 GB -- 60000 MB -- 61440561 kb
Type: Installable File System

Disk Name: Dysk #0, partycja #1
Primary Partition: Fałsz
Bootable:
Boot Partition: Fałsz
Hidden Sectors:
Size: 90 GB -- 92616 MB -- 94839727 kb
Type: Extended w/Extended Int 13

Removable Disk: A:\ - - GB (free GB)
Local Disk: C:\ - NTFS - 58 GB (free 54 GB)
Local Disk: D:\ - NTFS - 48 GB (free 47 GB)
Local Disk: E:\ - NTFS - 41 GB (free 38 GB)
CD \ DVD Drive: F:\

Bootdevice: \Device\HarddiskVolume1
Systemdrive: C:
Windowsdirectory: C:\WINDOWS
Systemdirectory: C:\WINDOWS\system32


Internet Explorer Version: 6.0.2900.2180

Windows update:






DEP: ONN - DEP is enabled for a limited number of binaries, the kernel, and all Windows-based services


--- System Restore Points ---

Restorepoint 1: 2012-12-30 21:45:16 - First run - Punkt kontrolny systemu
Restorepoint 2: 2012-12-31 11:00:47 - Application installation - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Restorepoint 3: 2012-12-31 11:01:55 - Application installation - Zainstalowano: OpenOffice.org 3.3
Restorepoint 4: 2012-12-31 11:42:41 - Application installation - Installed Java 7 Update 10
Restorepoint 5: 2013-01-01 11:46:49 - Checkpoint - Punkt kontrolny systemu


--- RUNNING PROCESSES ---

C:\WINDOWS\System32\smss.exe
csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
alg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cscript.exe
wmiprvse.exe


--- SIGCHECK ---

C:\WINDOWS\explorer.exe -- [1033728] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\appmgmts.dll -- [172032] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\browser.dll -- [77312] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\comres.dll -- [822272] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\comctl32.dll -- [611328] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\cryptsvc.dll -- [60416] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\es.dll -- [243200] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\eventlog.dll -- [55808] -- [2004-08-03 23:43] -- sigcheck OK
C:\WINDOWS\system32\ias.dll NOT found
C:\WINDOWS\system32\imm32.dll -- [110080] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\kernel32.dll -- [1012224] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\linkinfo.dll -- [18944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\lpk.dll -- [22016] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\lsass.exe -- [13312] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mfc40u.dll -- [924432] -- [2001-10-26 18:29] -- sigcheck OK
C:\WINDOWS\system32\msgsvc.dll -- [33792] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mshtml.dll -- [3003392] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mspmsnsv.dll -- [52736] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\mswsock.dll -- [246784] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\netlogon.dll -- [407040] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\netman.dll -- [198144] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ntkrnlpa.exe -- [2058112] -- [2004-08-03 23:54] -- sigcheck OK
C:\WINDOWS\system32\ntmssvc.dll -- [435712] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ntoskrnl.exe -- [2182272] -- [2004-08-03 23:39] -- sigcheck OK
C:\WINDOWS\system32\pchsvc.dll NOT found
C:\WINDOWS\system32\powrprof.dll -- [17408] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\qmgr.dll -- [382464] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\rasauto.dll -- [89088] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\regsvc.dll -- [59904] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\rpcss.dll -- [395776] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\scecli.dll -- [185344] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\schedsvc.dll -- [192000] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\services.exe -- [108544] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\sfc.dll -- [5120] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\sfcfiles.dll -- [1548288] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\spoolsv.exe -- [57856] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\srsvc.dll -- [171008] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ssdpsrv.dll -- [71680] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\svchost.exe -- [14336] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\tapisrv.dll -- [246272] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\termsrv.dll -- [296448] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\upnphost.dll -- [185856] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\user32.dll -- [578560] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wininet.dll -- [658944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\winlogon.exe -- [504832] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\ws2_32.dll -- [82944] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wscntfy.exe -- [13824] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\wuauclt.exe -- [112128] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\xmlprov.dll -- [129536] -- [2004-08-03 23:44] -- sigcheck OK
C:\WINDOWS\system32\drivers\acpiec.sys -- [12032] -- [2001-10-26 17:46] -- sigcheck OK
C:\WINDOWS\system32\drivers\aec.sys -- [142464] -- [2004-08-03 23:39] -- sigcheck OK
C:\WINDOWS\system32\drivers\afd.sys -- [138496] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\asyncmac.sys -- [14336] -- [2004-08-03 22:05] -- sigcheck OK
C:\WINDOWS\system32\drivers\atapi.sys -- [95360] -- [2004-08-03 22:59] -- sigcheck OK
C:\WINDOWS\system32\drivers\beep.sys -- [4224] -- [2001-08-17 22:47] -- sigcheck OK
C:\WINDOWS\system32\drivers\classpnp.sys -- [49664] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\disk.sys -- [36352] -- [2004-08-03 21:59] -- sigcheck OK
C:\WINDOWS\system32\drivers\iaStor.sys NOT found
C:\WINDOWS\system32\drivers\ip6fw.sys -- [29056] -- [2004-08-03 22:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\IPSec.sys -- [74752] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\kbdclass.sys -- [24960] -- [2004-08-03 23:38] -- sigcheck OK
C:\WINDOWS\system32\drivers\ndis.sys -- [182912] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\ntfs.sys -- [574592] -- [2004-08-03 22:15] -- sigcheck OK
C:\WINDOWS\system32\drivers\tcpip.sys -- [359040] -- [2004-08-03 22:14] -- sigcheck OK
C:\WINDOWS\system32\drivers\tdx.sys NOT found


--- SSODL regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" -- File: %SystemRoot%\system32\webcheck.dll -- [?]
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" -- File: C:\WINDOWS\system32\stobject.dll -- [122368] -- [2004-08-03 23:44]


--- STS regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Moduł wstępnego ładowania interfejsu Browseui" -- File: %SystemRoot%\system32\browseui.dll -- [?]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Demon buforu kategorii składników" -- File: %SystemRoot%\system32\browseui.dll -- [?]


--- USERINIT regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,"
File: C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44]


--- SHELL regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe,"
File: C:\WINDOWS\Explorer.exe -- [1033728] -- [2004-08-03 23:44]


--- SYSTEM regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


--- APPINIT_DLLS regkey ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


--- NOTIFY regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
-- File: C:\WINDOWS\system32\crypt32.dll -- [601088] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
-- File: C:\WINDOWS\system32\cryptnet.dll -- [63488] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
-- File: C:\WINDOWS\system32\cscdll.dll -- [102400] -- [2004-08-03 23:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
-- File: C:\WINDOWS\system32\igfxsrvc.dll -- [344064] -- [2004-07-01 04:58]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
-- File: C:\WINDOWS\system32\sclgntfy.dll -- [22016] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
-- File: C:\WINDOWS\system32\WlNotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
-- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44]


--- RUN / LOAD regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""


--- SHELLEXECUTEHOOKS regkey ---

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" -- File: shell32.dll -- [?]


--- HKLM AUTORUN regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]
"AutoRun"=""


--- HKCU AUTORUN regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
no AutoRun regkey found


--- HKLM\RUN regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray" -- File C:\WINDOWS\system32\igfxtray.exe -- [155648] -- [2004-07-01 05:02]
"HotKeysCmds" -- File C:\WINDOWS\system32\hkcmd.exe -- [118784] -- [2004-07-01 04:58]
"SoundMan" -- File: SOUNDMAN.EXE -- [?]
"AdslTaskBar" -- File: rundll32.exe stmctrl.dll,TaskBar -- [?]
"SunJavaUpdateSched" -- File "C:\Program Files\Common Files\Java\Java Update\jusched.exe" -- [252848] -- [2012-07-03 09:04]


--- HKLM\RUNONCE regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
no runonce values found


--- HKLM\RUNONCEEX regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
no runonceex values found


--- HKLM\RUNSERVICES regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found


--- HKLM\RUNSERVICESONCE regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found


--- HKCU\RUN regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44]
"AQQ" -- File C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe -- [9784832] -- [2012-12-17 11:08]


--- HKCU\RUNONCE regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
no runonce values found


--- HKCU\RUNONCEEX regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
key not found


--- HKCU\RUNSERVICES regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found


--- HKCU\RUNSERVICESONCE regkey ---

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found


--- HKU\.DEFAULT\Run regkeys - Default user ---

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-18\Run regkeys - user SYSTEM ---

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-19\Run regkeys - User Lokale service ---

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKU\S-1-5-20\Run regkeys - User Lokale service ---

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44]


--- HKLM\Explorer\Run regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
no run values found


--- HKCU\Explorer\Run regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
no run values found


--- Image File Execution regkeys ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
no debuggers found


--- BROWSER HELPER OBJECTS regkeys ---

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
-- File: C:\Program Files\Java\jre7\bin\ssv.dll -- [460712] -- [2012-12-31 11:42]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
-- File: C:\Program Files\Java\jre7\bin\jp2ssv.dll -- [170416] -- [2012-12-31 11:42]


--- TOOLBAR regkeys ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
no toolbars found


--- HKLM\URLSEARCHHOOKS regkeys ---

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
key not found


--- HKCU\URLSEARCHHOOKS regkeys ---

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -- File: %SystemRoot%\system32\shdocvw.dll -- [?]


--- SRCEENSAVER regkey ---

[HKEY_CURRENT_USER\Control Panel\Desktop]
"SCRNSAVE.EXE" -- File C:\WINDOWS\system32\logon.scr -- [220672] -- [2004-08-03 23:44]


--- ALTERNATESHELL regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
File: C:\WINDOWS\system32\cmd.exe -- [395776] -- [2004-08-03 23:44]


--- SECURITYPROVIDERS regkey ---

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
File: C:\WINDOWS\system32\msapsspc.dll -- [86016] -- [2004-08-03 23:44]
File: C:\WINDOWS\system32\schannel.dll -- [144896] -- [2004-08-03 23:44]
File: C:\WINDOWS\system32\digest.dll -- [68608] -- [2004-08-03 23:43]
File: C:\WINDOWS\system32\msnsspc.dll -- [290816] -- [2004-08-03 23:44]


--- Active Setup\Installed Components regkey ---

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
-- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
-- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
-- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
-- File: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
-- File: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
-- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
-- File: regsvr32.exe /s /n /i:U shell32.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
-- File: %SystemRoot%\system32\ie4uinit.exe -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
-- File: %SystemRoot%\system32\ie4uinit.exe -- [?]


-- DRIVERS --

S4 - Abiosdsk - Abiosdsk -
S4 - abp480n5 - abp480n5 -
R0 - ACPI - Sterownik Microsoft ACPI - C:\WINDOWS\system32\DRIVERS\ACPI.sys
S4 - ACPIEC - ACPIEC - C:\WINDOWS\system32\drivers\ACPIEC.sys
S4 - adpu160m - adpu160m -
S3 - aec - Microsoft Kernel Acoustic Echo Canceller - C:\WINDOWS\system32\drivers\aec.sys
R1 - AFD - AFD - C:\WINDOWS\system32\drivers\afd.sys
S4 - Aha154x - Aha154x -
S4 - aic78u2 - aic78u2 -
S4 - aic78xx - aic78xx -
R3 - ALCXWDM - Service for Realtek AC97 Audio (WDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
S4 - AliIde - AliIde -
S4 - amsint - amsint -
S4 - asc - asc -
S4 - asc3350p - asc3350p -
S4 - asc3550 - asc3550 -
S3 - AsyncMac - Sterownik multimediów asynchronicznych RAS - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
R0 - atapi - Standardowy kontroler dysku twardego IDE/ESDI - C:\WINDOWS\system32\DRIVERS\atapi.sys
S4 - Atdisk - Atdisk -
S3 - Atmarpc - Protokół klienta ARP ATM - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
R3 - audstub - Sterownik Audio Stub - C:\WINDOWS\system32\DRIVERS\audstub.sys
R1 - Beep - Beep - C:\WINDOWS\system32\drivers\Beep.sys
S4 - cbidf2k - cbidf2k - C:\WINDOWS\system32\drivers\cbidf2k.sys
S4 - cd20xrnt - cd20xrnt -
S1 - Cdaudio - Cdaudio - C:\WINDOWS\system32\drivers\Cdaudio.sys
R4 - Cdfs - Cdfs - C:\WINDOWS\system32\drivers\Cdfs.sys
R1 - Cdrom - Sterownik stacji dysków CD-ROM - C:\WINDOWS\system32\DRIVERS\cdrom.sys
S1 - Changer - Changer -
S4 - CmdIde - CmdIde -
S4 - Cpqarray - Cpqarray -
S4 - dac960nt - dac960nt -
R0 - Disk - Sterownik dysku - C:\WINDOWS\system32\DRIVERS\disk.sys
S4 - dmboot - dmboot - C:\WINDOWS\system32\drivers\dmboot.sys
R0 - dmio - Sterownik Menedżera dysków logicznych - C:\WINDOWS\system32\drivers\dmio.sys
R0 - dmload - dmload - C:\WINDOWS\system32\drivers\dmload.sys
S3 - DMusic - Syntezator Microsoft Kernel DLS - C:\WINDOWS\system32\drivers\DMusic.sys
S4 - dpti2o - dpti2o -
S3 - drmkaud - Microsoft Kernel DRM Audio Descrambler - C:\WINDOWS\system32\drivers\drmkaud.sys
S4 - Fastfat - Fastfat - C:\WINDOWS\system32\drivers\Fastfat.sys
R3 - Fdc - Sterownik kontrolera stacji dyskietek - C:\WINDOWS\system32\DRIVERS\fdc.sys
R1 - Fips - Fips - C:\WINDOWS\system32\drivers\Fips.sys
R3 - Flpydisk - Sterownik stacji dyskietek - C:\WINDOWS\system32\DRIVERS\flpydisk.sys
R0 - FltMgr - FltMgr - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
R0 - Ftdisk - Sterownik Menedżera woluminów - C:\WINDOWS\system32\DRIVERS\ftdisk.sys
R3 - gameenum - Licznik portów gier - C:\WINDOWS\system32\DRIVERS\gameenum.sys
R3 - Gpc - Rodzajowy klasyfikator pakietu - C:\WINDOWS\system32\DRIVERS\msgpc.sys
S4 - hpn - hpn -
R3 - HTTP - HTTP - C:\WINDOWS\system32\Drivers\HTTP.sys
S1 - i2omgmt - i2omgmt -
S4 - i2omp - i2omp -
R1 - i8042prt - Sterownik portu klawiatury i8042 i myszy PS/2 - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
R3 - ialm - ialm - C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
S1 - Imapi - Sterownik filtru nagrywania dysków CD - C:\WINDOWS\system32\DRIVERS\imapi.sys
S4 - ini910u - ini910u -
R0 - IntelIde - IntelIde - C:\WINDOWS\system32\DRIVERS\intelide.sys
R1 - intelppm - Sterownik procesora Intel - C:\WINDOWS\system32\DRIVERS\intelppm.sys
S3 - Ip6Fw - Sterownik Zapory systemu Windows IPv6 - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
S3 - IpFilterDriver - Sterownik filtru ruchu IP - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
S3 - IpInIp - Sterownik IP w tunelu IP - C:\WINDOWS\system32\DRIVERS\ipinip.sys
R3 - IpNat - Translator adresów sieciowych IP - C:\WINDOWS\system32\DRIVERS\ipnat.sys
R1 - IPSec - Sterownik IPSEC - C:\WINDOWS\system32\DRIVERS\ipsec.sys
S3 - IRENUM - Usługa wyliczania IR - C:\WINDOWS\system32\DRIVERS\irenum.sys
R0 - isapnp - Sterownik PnP magistrali ISA/EISA - C:\WINDOWS\system32\DRIVERS\isapnp.sys
R1 - Kbdclass - Sterownik klasy klawiatury - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
R3 - kmixer - Microsoft Kernel Wave Audio Mixer - C:\WINDOWS\system32\drivers\kmixer.sys
R0 - KSecDD - KSecDD - C:\WINDOWS\system32\drivers\KSecDD.sys
S1 - lbrtfdc - lbrtfdc -
R1 - mnmdd - mnmdd - C:\WINDOWS\system32\drivers\mnmdd.sys
S3 - Modem - Modem - C:\WINDOWS\system32\drivers\Modem.sys
R1 - Mouclass - Sterownik klasy myszy - C:\WINDOWS\system32\DRIVERS\mouclass.sys
R0 - MountMgr - MountMgr - C:\WINDOWS\system32\drivers\MountMgr.sys
S4 - mraid35x - mraid35x -
R3 - MRxDAV - Readresator klienta WebDav - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
R1 - MRxSmb - MRXSMB - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
R1 - Msfs - Msfs - C:\WINDOWS\system32\drivers\Msfs.sys
S3 - MSKSSRV - Serwer proxy usługi Microsoft Streaming - C:\WINDOWS\system32\drivers\MSKSSRV.sys
S3 - MSPCLOCK - Serwer proxy zegara Microsoft Streaming - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
S3 - MSPQM - Serwer proxy menedżera jakości Microsoft Streaming - C:\WINDOWS\system32\drivers\MSPQM.sys
R3 - mssmbios - Sterownik BIOS zarządzania systemem firmy Microsoft - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
R3 - ms_mpu401 - Sterownik portu MIDI UART Microsoft MPU-401 - C:\WINDOWS\system32\drivers\msmpu401.sys
R0 - Mup - Mup - C:\WINDOWS\system32\drivers\Mup.sys
R0 - NDIS - Sterownik systemu NDIS - C:\WINDOWS\system32\drivers\NDIS.sys
R3 - NdisTapi - Sterownik usługi Dostęp zdalny NDIS TAPI - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
R3 - Ndisuio - Protokół We/Wy trybu użytkownika NDIS - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
R3 - NdisWan - Sterownik usługi Dostęp zdalny NDIS WAN - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
R3 - NDProxy - Serwer proxy NDIS - C:\WINDOWS\system32\drivers\NDProxy.sys
R1 - NetBIOS - Interfejs NetBIOS - C:\WINDOWS\system32\DRIVERS\netbios.sys
R1 - NetBT - NetBios przez TCP/IP - C:\WINDOWS\system32\DRIVERS\netbt.sys
R1 - Npfs - Npfs - C:\WINDOWS\system32\drivers\Npfs.sys
R4 - Ntfs - Ntfs - C:\WINDOWS\system32\drivers\Ntfs.sys
R1 - Null - Null - C:\WINDOWS\system32\drivers\Null.sys
S3 - NwlnkFlt - Sterownik filtru ruchu IPX - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
S3 - NwlnkFwd - Sterownik usług przesyłania dalej ruchu IPX - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
R3 - Parport - Sterownik portu równoległego - C:\WINDOWS\system32\DRIVERS\parport.sys
R0 - PartMgr - PartMgr - C:\WINDOWS\system32\drivers\PartMgr.sys
R2 - ParVdm - ParVdm - C:\WINDOWS\system32\drivers\ParVdm.sys
S3 - PCAMPR5 - PCAMPR5 NDIS Protocol Driver - \??\C:\WINDOWS\system32\PCAMPR5.SYS
S3 - PCANDIS5 - PCANDIS5 NDIS Protocol Driver - \??\C:\WINDOWS\system32\PCANDIS5.SYS
R0 - PCI - Sterownik magistrali PCI - C:\WINDOWS\system32\DRIVERS\pci.sys
S1 - PCIDump - PCIDump -
R0 - PCIIde - PCIIde - C:\WINDOWS\system32\DRIVERS\pciide.sys
S4 - Pcmcia - Pcmcia - C:\WINDOWS\system32\drivers\Pcmcia.sys
S3 - PDCOMP - PDCOMP -
S3 - PDFRAME - PDFRAME -
S3 - PDRELI - PDRELI -
S3 - PDRFRAME - PDRFRAME -
S4 - perc2 - perc2 -
S4 - perc2hib - perc2hib -
R3 - PptpMiniport - WAN Miniport (PPTP) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
R3 - PSched - Harmonogram pakietów QoS - C:\WINDOWS\system32\DRIVERS\psched.sys
R3 - Ptilink - Sterownik bezpośredniego połączenia kablowego - C:\WINDOWS\system32\DRIVERS\ptilink.sys
S4 - ql1080 - ql1080 -
S4 - Ql10wnt - Ql10wnt -
S4 - ql12160 - ql12160 -
S4 - ql1240 - ql1240 -
S4 - ql1280 - ql1280 -
R1 - RasAcd - Sterownik automatycznego połączenia dostępu zdalnego - C:\WINDOWS\system32\DRIVERS\rasacd.sys
R3 - Rasl2tp - WAN Miniport (L2TP) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
R3 - RasPppoe - Sterownik usługi Dostęp zdalny PPPOE - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
R3 - Raspti - Bezpośrednie połączenie kablowe - C:\WINDOWS\system32\DRIVERS\raspti.sys
R1 - Rdbss - Rdbss - C:\WINDOWS\system32\DRIVERS\rdbss.sys
R1 - RDPCDD - RDPCDD - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
R3 - rdpdr - Sterownik przekierowania urządzenia serwera terminali - C:\WINDOWS\system32\DRIVERS\rdpdr.sys
S3 - RDPWD - RDPWD - C:\WINDOWS\system32\drivers\RDPWD.sys
R1 - redbook - Sterownik filtru odtwarzania audio cyfrowych dysków CD - C:\WINDOWS\system32\DRIVERS\redbook.sys
R3 - rtl8029 - Sterownik NT karty Realtek RTL8029(AS)-based PCI Ethernet - C:\WINDOWS\system32\DRIVERS\RTL8029.SYS
S3 - Secdrv - Secdrv - C:\WINDOWS\system32\DRIVERS\secdrv.sys
R3 - serenum - Sterownik filtru Serenum - C:\WINDOWS\system32\DRIVERS\serenum.sys
R1 - Serial - Sterownik portu szeregowego - C:\WINDOWS\system32\DRIVERS\serial.sys
S1 - Sfloppy - Sfloppy - C:\WINDOWS\system32\drivers\Sfloppy.sys
S4 - Simbad - Simbad -
S4 - Sparrow - Sparrow -
S3 - splitter - Microsoft Kernel Audio Splitter - C:\WINDOWS\system32\drivers\splitter.sys
R0 - sr - Sterownik filtru Przywracania systemu - C:\WINDOWS\system32\DRIVERS\sr.sys
R3 - Srv - Srv - C:\WINDOWS\system32\DRIVERS\srv.sys
R3 - Stmatm - ATM/ADSL miniport - C:\WINDOWS\system32\DRIVERS\stmatm.sys
R3 - swenum - Sterownik magistrali programowej - C:\WINDOWS\system32\DRIVERS\swenum.sys
S3 - swmidi - Syntezator tablicy dźwięków WAVE Microsoft Kernel GS - C:\WINDOWS\system32\drivers\swmidi.sys
S4 - symc810 - symc810 -
S4 - symc8xx - symc8xx -
S4 - sym_hi - sym_hi -
S4 - sym_u3 - sym_u3 -
R3 - sysaudio - Urządzenie audio Microsoft Kernel System - C:\WINDOWS\system32\drivers\sysaudio.sys
R3 - TaurusUsb - ADSL Modem USB Service - C:\WINDOWS\system32\DRIVERS\torususb.sys
R1 - Tcpip - Sterownik protokołu TCP/IP - C:\WINDOWS\system32\DRIVERS\tcpip.sys
S3 - TDPIPE - TDPIPE - C:\WINDOWS\system32\drivers\TDPIPE.sys
S3 - TDTCP - TDTCP - C:\WINDOWS\system32\drivers\TDTCP.sys
R1 - TermDD - Sterownik urządzenia terminalu - C:\WINDOWS\system32\DRIVERS\termdd.sys
S4 - TosIde - TosIde -
S4 - Udfs - Udfs - C:\WINDOWS\system32\drivers\Udfs.sys
S4 - ultra - ultra -
R3 - Update - Sterownik Microcode Update - C:\WINDOWS\system32\DRIVERS\update.sys
R3 - usbehci - Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft - C:\WINDOWS\system32\DRIVERS\usbehci.sys
R3 - usbhub - Koncentrator z obsługą USB2 - C:\WINDOWS\system32\DRIVERS\usbhub.sys
S3 - USBSTOR - Sterownik magazynu masowego USB - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 - usbuhci - Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
R1 - VgaSave - VgaSave - C:\WINDOWS\system32\drivers\vga.sys
S4 - ViaIde - ViaIde -
R0 - VolSnap - VolSnap - C:\WINDOWS\system32\drivers\VolSnap.sys
R3 - Wanarp - Sterownik usługi Dostęp zdalny IP ARP - C:\WINDOWS\system32\DRIVERS\wanarp.sys
S3 - WDICA - WDICA -
R3 - wdmaud - Sterownik zgodności audio Microsoft WINMM WDM - C:\WINDOWS\system32\drivers\wdmaud.sys

-- SERVICES --

S3 - AdobeFlashPlayerUpdateSvc - Adobe Flash Player Update Service - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
R3 - ALG - Usługa bramy warstwy aplikacji - C:\WINDOWS\System32\alg.exe
S3 - CiSvc - Usługa indeksowania - C:\WINDOWS\system32\cisvc.exe
S4 - ClipSrv - ClipBook - C:\WINDOWS\system32\clipsrv.exe
S3 - COMSysApp - Aplikacja systemowa modelu COM+ - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - dmadmin - Usługa administracyjna Menedżera dysków logicznych - C:\WINDOWS\System32\dmadmin.exe /com
R2 - Eventlog - Dziennik zdarzeń - C:\WINDOWS\system32\services.exe
S2 - gupdate - Usługa Google Update (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S3 - gupdatem - Usługa Google Update (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - ImapiService - Usługa COM nagrywania dysków CD IMAPI - C:\WINDOWS\system32\imapi.exe
R2 - JavaQuickStarterService - Java Quick Starter - "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 - mnmsrvc - NetMeeting Remote Desktop Sharing - C:\WINDOWS\system32\mnmsrvc.exe
S3 - MSDTC - Distributed Transaction Coordinator - C:\WINDOWS\system32\msdtc.exe
S3 - MSIServer - Instalator Windows - C:\WINDOWS\system32\msiexec.exe /V
S4 - NetDDE - DDE sieci - C:\WINDOWS\system32\netdde.exe
S4 - NetDDEdsdm - DSDM DDE sieci - C:\WINDOWS\system32\netdde.exe
S3 - Netlogon - Logowanie do sieci - C:\WINDOWS\system32\lsass.exe
S3 - NtLmSsp - Usługa NT LM Security Support Provider - C:\WINDOWS\system32\lsass.exe
R2 - PlugPlay - Plug and Play - C:\WINDOWS\system32\services.exe
R2 - PolicyAgent - Usługi IPSEC - C:\WINDOWS\system32\lsass.exe
R2 - ProtectedStorage - Magazyn chroniony - C:\WINDOWS\system32\lsass.exe
S3 - RDSessMgr - Menedżer sesji pomocy pulpitu zdalnego - C:\WINDOWS\system32\sessmgr.exe
S3 - RpcLocator - Lokalizator usługi zdalnego wywołania procedury (RPC) - C:\WINDOWS\system32\locator.exe
S3 - RSVP - QoS RSVP - C:\WINDOWS\system32\rsvp.exe
R2 - SamSs - Menedżer kont zabezpieczeń - C:\WINDOWS\system32\lsass.exe
S3 - SCardSvr - Karta inteligentna - C:\WINDOWS\System32\SCardSvr.exe
R2 - Spooler - Bufor wydruku - C:\WINDOWS\system32\spoolsv.exe
S3 - SwPrv - MS Software Shadow Copy Provider - C:\WINDOWS\system32\dllhost.exe /Processid:{260354A5-793F-408C-BDE8-F880F55659F7}
S3 - SysmonLog - Dzienniki wydajności i alerty - C:\WINDOWS\system32\smlogsvc.exe
S4 - TlntSvr - Telnet - C:\WINDOWS\system32\tlntsvr.exe
S3 - UPS - Zasilacz awaryjny (UPS) - C:\WINDOWS\System32\ups.exe
S3 - VSS - Kopiowanie woluminów w tle - C:\WINDOWS\System32\vssvc.exe
R3 - WmiApSrv - Karta wydajności WMI - C:\WINDOWS\system32\wbem\wmiapsrv.exe


--- SAFEBOOT MINIMAL SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
no unknown services found


--- SAFEBOOT Network SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
DnsCache


--- BOOTEXECUTE regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"= autocheck autochk *\0\0


--- PENDINGFILERENAMEOPERATIONS regkey ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
PendingFileRenameOperations key not found


--- WOW-CMDLINE regkeys ---

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW]
"cmdline" = %SystemRoot%\system32\ntvdm.exe
"cmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386


--- SVCHOST HTTPFilter regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- HTTPFilter
HTTPFilter -- %SystemRoot%\System32\w3ssl.dll


--- SVCHOST LocalService regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- LocalService
only standard values found


--- SVCHOST NetworkService regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- NetworkService
only standard values found


--- SVCHOST netsvcs regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- netsvcs
WmdmPmSN -- C:\WINDOWS\system32\mspmsnsv.dll
ojumdcjt loading point not found


--- SVCHOST DcomLaunch regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- DcomLaunch
only standard values found


--- SVCHOST rpcss regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- rpcss
only standard values found


--- SVCHOST imgsvc regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- imgsvc
only standard values found


--- SVCHOST termsvcs regkey ---

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- termsvcs
only standard values found


--- DNS SERVER regkeys ---

no "NameServer" values found


--- HKCU SEARCHSCOPE ---




--- HKLM SEARCHSCOPE ---



--- File associations ---

.BAT files: ("%1" %*)
.COM files: ("%1" %*)
.EXE files: ("%1" %*)
.HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
.INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
.PIF files: ("%1" %*)
.REG files: (regedit.exe "%1")
.SCR files: ("%1" /S)
.TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)


--- STARTUP FOLDERS ---

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59]
C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk -- [864] -- [2012-12-31 11:36]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59]


--- TASK SCHEDULER JOBS ---

C:\WINDOWS\tasks\Adobe Flash Player Updater.job -- [930] -- [2013-01-01 21:24]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -- [1046] -- [2013-01-02 15:35]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -- [1050] -- [2013-01-02 15:38]


--- Created files ---

2013-01-02 15:04:44 -------- d-----w- [---] C:\WINDOWS\RegLooks
2013-01-02 14:33:53 -------- d-----w- [---] C:\_OTL
2013-01-02 14:33:53 -------- d-----w- [---] \_OTL
2012-12-31 19:54:23 -------- d-----w- [---] C:\Program Files\Total Video Player
2012-12-31 10:43:32 -------- d-----w- [---] C:\Program Files\Common Files\Java
2012-12-31 10:43:25 859072 ----a-w- [7--] C:\WINDOWS\system32\npDeployJava1.dll
2012-12-31 10:43:25 779704 ----a-w- [7--] C:\WINDOWS\system32\deployJava1.dll
2012-12-31 10:43:25 260528 ----a-w- [7--] C:\WINDOWS\system32\javaws.exe
2012-12-31 10:43:25 143872 ----a-w- [---] C:\WINDOWS\system32\javacpl.cpl
2012-12-31 10:43:10 93640 ----a-w- [7--] C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-12-31 10:43:10 174000 ----a-w- [7--] C:\WINDOWS\system32\javaw.exe
2012-12-31 10:43:10 173992 ----a-w- [7--] C:\WINDOWS\system32\java.exe
2012-12-31 10:38:34 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Sun
2012-12-31 10:36:22 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
2012-12-31 10:02:06 -------- d-----w- [---] C:\Program Files\OpenOffice.org 3
2012-12-31 09:05:28 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2012-12-31 09:05:14 -------- d-s---w- [---] C:\Documents and Settings\Administrator\GG dysk
2012-12-31 09:04:19 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
2012-12-31 09:03:50 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\GG
2012-12-30 23:28:19 930 ----a-w- [---] C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2012-12-30 23:28:18 73656 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-12-30 23:28:18 697272 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-30 21:40:47 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
2012-12-30 21:27:55 -------- d-----w- [---] C:\Program Files\Tibia
2012-12-30 21:20:07 -------- d-----w- [---] C:\Program Files\Asprate
2012-12-30 21:19:41 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR
2012-12-30 21:19:30 -------- d-----w- [---] C:\Program Files\WinRAR
2012-12-30 20:35:19 -------- d-sha-r- [---] C:\autorun.inf
2012-12-30 20:35:19 -------- d-sha-r- [---] \autorun.inf
2012-12-30 20:33:56 -------- d-sh--w- [---] C:\RECYCLER
2012-12-30 20:33:56 -------- d-sh--w- [---] \RECYCLER
2012-12-30 20:24:46 -------- d-----w- [---] C:\Documents and Settings\Administrator\WapSter
2012-12-30 20:21:21 26496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\usbstor.sys
2012-12-30 20:21:21 26496 ----a-w- [7-8] C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-12-30 20:12:15 -------- d-----w- [---] C:\Program Files\WapSter
2012-12-30 19:51:56 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Opera
2012-12-30 19:51:51 0 ----a-w- [---] C:\WINDOWS\system32\h323log.txt
2012-12-30 19:51:46 -------- d-----w- [---] C:\Program Files\Opera
2012-12-30 19:47:07 -------- d--h--w- [---] C:\Documents and Settings\All Users\Szablony
2012-12-30 19:47:07 -------- d-----w- [---] C:\Documents and Settings\All Users\Ulubione
2012-12-30 19:47:07 -------- d-----w- [---] C:\Documents and Settings\All Users\Pulpit
2012-12-30 19:47:07 -------- d-----r- [---] C:\Documents and Settings\All Users\Menu Start
2012-12-30 19:47:07 -------- d-----r- [---] C:\Documents and Settings\All Users\Dokumenty
2012-12-30 19:46:27 -------- d--h--r- [---] C:\Documents and Settings\All Users\Dane aplikacji
2012-12-30 19:33:50 1050 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-30 19:33:49 1046 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-30 19:33:47 -------- d-----w- [---] C:\Program Files\Google
2012-12-30 19:31:53 39 ----a-w- [---] C:\Documents and Settings\Administrator\custom.log
2012-12-30 19:28:11 32768 ----a-w- [---] C:\WINDOWS\system32\WooDial2000.dll
2012-12-30 19:27:46 -------- d-----w- [---] C:\WINDOWS\system32\InsFiles
2012-12-30 19:27:44 1434 ----a-w- [---] C:\WINDOWS\coinst.log
2012-12-30 19:27:43 902 ----a-r- [---] C:\WINDOWS\system32\setup.ini
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icStop.ico
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShTx.ico
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShTR.ico
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShRx.ico
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShow.ico
2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icInit.ico
2012-12-30 19:27:43 65536 ----a-r- [---] C:\WINDOWS\DSLTest.exe
2012-12-30 19:27:43 161 ----a-r- [---] C:\WINDOWS\DSLSetup.ini
2012-12-30 19:27:43 102400 ----a-r- [---] C:\WINDOWS\stmtrace.exe
2012-12-30 19:27:42 766 ----a-r- [---] C:\WINDOWS\system32\icNoMo.ico
2012-12-30 19:27:42 684265 ----a-r- [---] C:\WINDOWS\system32\drivers\torususb.sys
2012-12-30 19:27:42 60255 ----a-r- [---] C:\WINDOWS\system32\drivers\stmatm.sys
2012-12-30 19:27:42 446464 ----a-r- [---] C:\WINDOWS\system32\stmadsl.cpl
2012-12-30 19:27:42 36864 ----a-r- [---] C:\WINDOWS\system32\stmclean.exe
2012-12-30 19:27:42 18498 ----a-r- [---] C:\WINDOWS\system32\CSALogo.bmp
2012-12-30 19:26:18 425984 ----a-r- [---] C:\WINDOWS\system32\stmcfg32.dll
2012-12-30 19:26:18 151552 ----a-r- [---] C:\WINDOWS\system32\stmctrl.dll
2012-12-30 19:26:12 -------- d-----w- [---] C:\Program Files\ZTE ZXDSL 852
2012-12-30 19:26:11 2849 ----a-w- [---] C:\WINDOWS\stsetup.htm
2012-12-30 19:26:02 94208 ----a-w- [---] C:\WINDOWS\system32\W32n50.dll
2012-12-30 19:26:02 16128 ------w- [---] C:\WINDOWS\system32\PCANDIS5.SYS
2012-12-30 19:25:40 45175 ------w- [---] C:\WINDOWS\system32\plugincpl140_03.cpl
2012-12-30 19:25:34 41068 ------w- [---] C:\WINDOWS\system32\ActPanel.dll
2012-12-30 19:25:33 -------- d-----w- [---] C:\Program Files\Java
2012-12-30 19:24:29 6400 ----a-w- [7-8] C:\WINDOWS\system32\drivers\splitter.sys
2012-12-30 19:24:28 2944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\drmkaud.sys
2012-12-30 19:24:27 4992 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSPQM.sys
2012-12-30 19:24:25 142464 ----a-w- [7-8] C:\WINDOWS\system32\drivers\aec.sys
2012-12-30 19:24:23 54272 ----a-w- [7-8] C:\WINDOWS\system32\drivers\swmidi.sys
2012-12-30 19:24:22 82944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\wdmaud.sys
2012-12-30 19:24:20 171776 ----a-w- [7-8] C:\WINDOWS\system32\drivers\kmixer.sys
2012-12-30 19:24:18 52864 ----a-w- [7-8] C:\WINDOWS\system32\drivers\DMusic.sys
2012-12-30 19:24:16 7552 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-12-30 19:24:15 60800 ----a-w- [7-8] C:\WINDOWS\system32\drivers\sysaudio.sys
2012-12-30 19:24:13 -------- d-----w- [---] C:\Program Files\neostrada tp
2012-12-30 19:24:12 5376 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-12-30 19:24:08 3072 ----a-w- [7-8] C:\WINDOWS\system32\drivers\audstub.sys
2012-12-30 19:24:02 530 ----a-w- [---] C:\WINDOWS\wiadebug.log
2012-12-30 19:24:01 50 ----a-w- [---] C:\WINDOWS\wiaservc.log
2012-12-30 19:24:00 0 ----a-w- [---] C:\WINDOWS\Sti_Trace.log
2012-12-30 19:23:08 58624 ----a-w- [7-8] C:\WINDOWS\system32\drivers\redbook.sys
2012-12-30 19:22:44 19017 ----a-w- [7-8] C:\WINDOWS\system32\drivers\RTL8029.sys
2012-12-30 19:22:40 60288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\drmk.sys
2012-12-30 19:22:40 60288 ----a-w- [7-8] C:\WINDOWS\system32\drivers\drmk.sys
2012-12-30 19:22:40 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ksuser.dll
2012-12-30 19:22:40 4096 ----a-w- [7-8] C:\WINDOWS\system32\ksuser.dll
2012-12-30 19:22:40 2944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\msmpu401.sys
2012-12-30 19:22:40 145792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\portcls.sys
2012-12-30 19:22:40 145792 ----a-w- [7-8] C:\WINDOWS\system32\drivers\portcls.sys
2012-12-30 19:22:40 130048 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ksproxy.ax
2012-12-30 19:22:40 130048 ----a-w- [7-8] C:\WINDOWS\system32\ksproxy.ax
2012-12-30 19:22:38 10624 ----a-w- [7-8] C:\WINDOWS\system32\drivers\gameenum.sys
2012-12-30 19:22:21 5504 ----a-w- [7-8] C:\WINDOWS\system32\drivers\intelide.sys
2012-12-30 19:22:19 77312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\usbui.dll
2012-12-30 19:22:19 77312 ----a-w- [7-8] C:\WINDOWS\system32\usbui.dll
2012-12-30 19:21:02 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia
2012-12-30 19:21:00 3886 ----a-w- [---] C:\WINDOWS\netfxocm.log
2012-12-30 19:21:00 1919 ----a-w- [---] C:\WINDOWS\MedCtrOC.log
2012-12-30 19:21:00 1802 ----a-w- [---] C:\WINDOWS\tabletoc.log
2012-12-30 19:21:00 1189 ----a-w- [---] C:\WINDOWS\ocmsn.log
2012-12-30 19:21:00 -------- d-sh--w- [---] C:\WINDOWS\ftpcache
2012-12-30 19:20:59 4438 ----a-w- [---] C:\WINDOWS\imsins.log
2012-12-30 19:20:59 1362 ----a-w- [---] C:\WINDOWS\imsins.BAK
2012-12-30 19:20:59 1181 ----a-w- [---] C:\WINDOWS\msgsocm.log
2012-12-30 19:20:58 57690 ----a-w- [---] C:\WINDOWS\iis6.log
2012-12-30 19:20:58 20608 ----a-w- [---] C:\WINDOWS\comsetup.log
2012-12-30 19:20:58 14263 ----a-w- [---] C:\WINDOWS\tsoc.log
2012-12-30 19:20:58 13264 ----a-w- [---] C:\WINDOWS\msmqinst.log
2012-12-30 19:20:58 12305 ----a-w- [---] C:\WINDOWS\ntdtcsetup.log
2012-12-30 19:20:57 17739 ----a-w- [---] C:\WINDOWS\ocgen.log
2012-12-30 19:20:57 16773 ----a-w- [---] C:\WINDOWS\FaxSetup.log
2012-12-30 19:20:55 763990 ----a-w- [---] C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-30 19:20:55 -------- d-sh--w- [---] C:\WINDOWS\Installer
2012-12-30 19:20:54 4293 ----a-w- [---] C:\WINDOWS\ODBCINST.INI
2012-12-30 19:20:54 -------- d-----w- [---] C:\Program Files\Common Files\ODBC
2012-12-30 19:20:52 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spcommon.dll
2012-12-30 19:20:52 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spcplui.dll
2012-12-30 19:20:51 888 -c--a-w-[---] C:\WINDOWS\system32\dllcache\sam.sdf
2012-12-30 19:20:51 774144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spttseng.dll
2012-12-30 19:20:51 643717 -c--a-w-[---] C:\WINDOWS\system32\dllcache\ltts1033.lxa
2012-12-30 19:20:51 605050 -c--a-w-[---] C:\WINDOWS\system32\dllcache\r1033tts.lxa
2012-12-30 19:20:51 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapisvr.exe
2012-12-30 19:20:51 1685606 -c--a-w-[---] C:\WINDOWS\system32\dllcache\sam.spd
2012-12-30 19:20:51 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapi.cpl
2012-12-30 19:20:51 -------- d-----w- [---] C:\Program Files\Common Files\SpeechEngines
2012-12-30 19:20:50 741376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapi.dll
2012-12-30 19:20:50 -------- d-----w- [---] C:\Program Files\Common Files\Microsoft Shared
2012-12-30 19:20:50 -------- d-----w- [---] C:\Program Files\Common Files
2012-12-30 19:20:50 -------- d-----r- [---] C:\Program Files
2012-12-30 19:20:50 -------- d-----r- [---] \Program Files
2012-12-30 19:20:47 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28603.nls
2012-12-30 19:20:47 66082 ----a-w- [--8] C:\WINDOWS\system32\c_28603.nls
2012-12-30 19:20:47 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt041f.dll
2012-12-30 19:20:46 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_857.nls
2012-12-30 19:20:46 66594 ----a-w- [--8] C:\WINDOWS\system32\c_857.nls
2012-12-30 19:20:46 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28599.nls
2012-12-30 19:20:46 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10081.nls
2012-12-30 19:20:46 66082 ----a-w- [--8] C:\WINDOWS\system32\c_28599.nls
2012-12-30 19:20:46 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10081.nls
2012-12-30 19:20:46 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtuq.dll
2012-12-30 19:20:46 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtuf.dll
2012-12-30 19:20:46 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdtuq.dll
2012-12-30 19:20:46 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdtuf.dll
2012-12-30 19:20:46 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdazel.dll
2012-12-30 19:20:46 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdazel.dll
2012-12-30 19:20:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0419.dll
2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28595.nls
2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10017.nls
2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10007.nls
2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28595.NLS
2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10017.nls
2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10007.nls
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdycc.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbduzb.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdur.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtat.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdru1.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdru.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdmon.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdkyr.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdkaz.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdbu.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdblr.dll
2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdaze.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdycc.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbduzb.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdur.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdtat.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdru1.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdru.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdmon.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdkyr.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdkaz.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdbu.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdblr.dll
2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdaze.dll
2012-12-30 19:20:44 22016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0408.dll
2012-12-30 19:20:42 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhept.dll
2012-12-30 19:20:42 8192 ----a-r- [7-8] C:\WINDOWS\system32\kbdhept.dll
2012-12-30 19:20:42 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_869.nls
2012-12-30 19:20:42 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_737.nls
2012-12-30 19:20:42 66594 ----a-w- [--8] C:\WINDOWS\system32\c_869.nls
2012-12-30 19:20:42 66594 ----a-w- [--8] C:\WINDOWS\system32\c_737.nls
2012-12-30 19:20:42 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhela3.dll
2012-12-30 19:20:42 6656 ----a-r- [7-8] C:\WINDOWS\system32\kbdhela3.dll
2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_875.nls
2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28597.nls
2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10006.nls
2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\c_875.nls
2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28597.NLS
2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10006.nls
2012-12-30 19:20:42 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhela2.dll
2012-12-30 19:20:42 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdgkl.dll
2012-12-30 19:20:42 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdhela2.dll
2012-12-30 19:20:42 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdgkl.dll
2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe319.dll
2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe220.dll
2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe.dll
2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe319.dll
2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe220.dll
2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe.dll
2012-12-30 19:20:41 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_866.nls
2012-12-30 19:20:41 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_855.nls
2012-12-30 19:20:41 66594 ----a-w- [--8] C:\WINDOWS\system32\c_866.nls
2012-12-30 19:20:41 66594 ----a-w- [--8] C:\WINDOWS\system32\c_855.nls
2012-12-30 19:20:41 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28594.nls
2012-12-30 19:20:41 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28594.NLS
2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlv1.dll
2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlv.dll
2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdest.dll
2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdlv1.dll
2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdlv.dll
2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdest.dll
2012-12-30 19:20:41 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlt1.dll
2012-12-30 19:20:41 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlt.dll
2012-12-30 19:20:41 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdlt1.dll
2012-12-30 19:20:41 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdlt.dll
2012-12-30 19:20:40 3094 ----a-w- [---] C:\WINDOWS\regopt.log
2012-12-30 19:20:39 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20127.nls
2012-12-30 19:20:39 66082 ----a-w- [--8] C:\WINDOWS\system32\c_20127.nls
2012-12-30 19:20:38 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt040e.dll
2012-12-30 19:20:38 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0415.dll
2012-12-30 19:20:38 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0405.dll
2012-12-30 19:20:37 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz.dll
2012-12-30 19:20:37 7168 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdycl.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsl1.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsl.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhu.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz2.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz1.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcr.dll
2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdal.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdycl.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdsl1.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdsl.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdhu.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz2.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz1.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcr.dll
2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\KBDAL.DLL
2012-12-30 19:20:37 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdro.dll
2012-12-30 19:20:37 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhu1.dll
2012-12-30 19:20:37 5632 ----a-w- [7-8] C:\WINDOWS\system32\kbdro.dll
2012-12-30 19:20:37 5632 ----a-w- [7-8] C:\WINDOWS\system32\kbdhu1.dll
2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10082.nls
2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10029.nls
2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10010.nls
2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10082.nls
2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10029.nls
2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10010.nls
2012-12-30 19:20:36 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\irclass.dll
2012-12-30 19:20:36 13312 ----a-w- [7-8] C:\WINDOWS\system32\irclass.dll
2012-12-30 19:20:35 9168 ----a-w- [7-8] C:\WINDOWS\system\VER.DLL
2012-12-30 19:20:35 85532 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dgsetup.dll
2012-12-30 19:20:35 85532 ----a-w- [7-8] C:\WINDOWS\system32\dgsetup.dll
2012-12-30 19:20:35 4096 ----a-w- [7-8] C:\WINDOWS\system\TIMER.DRV
2012-12-30 19:20:35 3360 ----a-w- [7-8] C:\WINDOWS\system\SYSTEM.DRV
2012-12-30 19:20:35 24661 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spxcoins.dll
2012-12-30 19:20:35 24661 ----a-w- [7-8] C:\WINDOWS\system32\spxcoins.dll
2012-12-30 19:20:35 2176 ----a-w- [7-8] C:\WINDOWS\system\VGA.DRV
2012-12-30 19:20:35 19200 ----a-w- [7-8] C:\WINDOWS\system\TAPI.DLL
2012-12-30 19:20:35 176157 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dgrpsetu.dll
2012-12-30 19:20:35 176157 ----a-w- [7-8] C:\WINDOWS\system32\dgrpsetu.dll
2012-12-30 19:20:35 1744 ----a-w- [7-8] C:\WINDOWS\system\SOUND.DRV
2012-12-30 19:20:35 13600 ----a-w- [7-8] C:\WINDOWS\system\WFWNET.DRV
2012-12-30 19:20:35 103424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\eqnclass.dll
2012-12-30 19:20:35 103424 ----a-w- [7-8] C:\WINDOWS\system32\EqnClass.Dll
2012-12-30 19:20:34 9936 ----a-w- [7-8] C:\WINDOWS\system\LZEXPAND.DLL
2012-12-30 19:20:34 83456 ----a-w- [7-8] C:\WINDOWS\system\OLECLI.DLL
2012-12-30 19:20:34 73616 ----a-w- [7-8] C:\WINDOWS\system\MCIAVI.DRV
2012-12-30 19:20:34 5120 ----a-w- [7-8] C:\WINDOWS\system\SHELL.DLL
2012-12-30 19:20:34 33376 ----a-w- [7-8] C:\WINDOWS\system\COMMDLG.DLL
2012-12-30 19:20:34 28160 ----a-w- [7-8] C:\WINDOWS\system\MCIWAVE.DRV
2012-12-30 19:20:34 25296 ----a-w- [7-8] C:\WINDOWS\system\MCISEQ.DRV
2012-12-30 19:20:34 24064 ----a-w- [7-8] C:\WINDOWS\system\OLESVR.DLL
2012-12-30 19:20:34 2032 ----a-w- [7-8] C:\WINDOWS\system\MOUSE.DRV
2012-12-30 19:20:34 2000 ----a-w- [7-8] C:\WINDOWS\system\KEYBOARD.DRV
2012-12-30 19:20:34 127008 ----a-w- [7-8] C:\WINDOWS\system\MSVIDEO.DLL
2012-12-30 19:20:34 1152 ----a-w- [7-8] C:\WINDOWS\system\MMTASK.TSK
2012-12-30 19:20:33 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\batt.dll
2012-12-30 19:20:33 8704 ----a-w- [7-8] C:\WINDOWS\system32\batt.dll
2012-12-30 19:20:33 70096 ----a-w- [7-8] C:\WINDOWS\system\AVICAP.DLL
2012-12-30 19:20:33 1734 ----a-w- [---] C:\WINDOWS\system32\AUTOEXEC.NT
2012-12-30 19:20:33 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\taskman.exe
2012-12-30 19:20:33 15360 ----a-w- [7-8] C:\WINDOWS\TASKMAN.EXE
2012-12-30 19:20:33 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\irenum.sys
2012-12-30 19:20:33 11264 ----a-w- [7-8] C:\WINDOWS\system32\drivers\irenum.sys
2012-12-30 19:20:33 109488 ----a-w- [7-8] C:\WINDOWS\system\AVIFILE.DLL
2012-12-30 19:20:32 70144 ----a-w- [7-8] C:\WINDOWS\NOTEPAD.EXE
2012-12-30 19:20:32 69552 ----a-w- [7-8] C:\WINDOWS\system\MMSYSTEM.DLL
2012-12-30 19:20:32 146432 ----a-w- [7-8] C:\WINDOWS\system\WINSPOOL.DRV
2012-12-30 19:20:31 75776 ----a-w- [7-8] C:\WINDOWS\system32\storprop.dll
2012-12-30 19:20:21 7382 -c--a-w-[---] C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2012-12-30 19:20:21 7245 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2012-12-30 19:20:21 31965 -c--a-w-[---] C:\WINDOWS\system32\dllcache\mediactr.cat
2012-12-30 19:20:21 141702 -c--a-w-[---] C:\WINDOWS\system32\dllcache\netfx.cat
2012-12-30 19:20:21 102826 -c--a-w-[---] C:\WINDOWS\system32\dllcache\tabletpc.cat
2012-12-30 19:20:20 9581 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MSMSGS.CAT
2012-12-30 19:20:20 8599 -c--a-w-[---] C:\WINDOWS\system32\dllcache\IASNT4.CAT
2012-12-30 19:20:20 808524 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5IIS.CAT
2012-12-30 19:20:20 7334 -c--a-w-[---] C:\WINDOWS\system32\dllcache\wmerrenu.cat
2012-12-30 19:20:20 399670 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2012-12-30 19:20:20 37509 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MW770.CAT
2012-12-30 19:20:20 30983 -c--a-w-[---] C:\WINDOWS\system32\dllcache\FP4.CAT
2012-12-30 19:20:20 14043 -c--a-w-[---] C:\WINDOWS\system32\dllcache\IMS.CAT
2012-12-30 19:20:20 13497 -c--a-w-[---] C:\WINDOWS\system32\dllcache\HPCRDP.CAT
2012-12-30 19:20:20 1086058 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NTPRINT.CAT
2012-12-30 19:20:19 620500 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5INF.CAT
2012-12-30 19:20:19 1896400 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5.CAT
2012-12-30 19:20:19 1014483 -c--a-w-[---] C:\WINDOWS\system32\dllcache\SP2.CAT
2012-12-30 19:20:06 -------- d-----w- [---] C:\WINDOWS\system32\CatRoot2
2012-12-30 19:20:06 -------- d-----w- [---] C:\WINDOWS\system32\CatRoot
2012-12-30 19:20:00 442351 ----a-w- [---] C:\WINDOWS\setupapi.log
2012-12-30 19:19:48 195462 ----a-w- [---] C:\WINDOWS\setupact.log
2012-12-30 19:19:48 0 ----a-w- [---] C:\WINDOWS\setuperr.log
2012-12-30 19:19:45 711820 ----a-w- [---] C:\WINDOWS\setuplog.txt
2012-12-30 19:19:41 -------- d-----w- [---] C:\Documents and Settings
2012-12-30 19:19:41 -------- d-----w- [---] \Documents and Settings
2012-12-30 19:19:40 121336 ----a-w- [---] C:\WINDOWS\system32\FNTCACHE.DAT
2012-12-30 19:19:40 -------- d-sh--w- [---] C:\System Volume Information
2012-12-30 19:19:40 -------- d-sh--w- [---] \System Volume Information
2012-12-30 19:18:25 211 --sh--w- [---] C:\boot.ini
2012-12-30 19:18:25 211 --sh--w- [---] \boot.ini
2012-12-30 19:18:21 261 ----a-w- [---] C:\WINDOWS\system32\$winnt$.inf
2012-12-30 19:16:15 -------- d-----w- [---] C:\WINDOWS\OPTIONS
2012-12-30 19:13:50 -------- dcsh--r- [---] C:\WINDOWS\system32\dllcache
2012-12-30 19:13:50 -------- d-s---r- [---] C:\WINDOWS\Fonts
2012-12-30 19:13:50 -------- d--h--w- [---] C:\WINDOWS\inf
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\WinSxS
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\twain_32
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Temp
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wins
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\xml
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Repository
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\mof
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Logs
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\usmt
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\spool
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ShellExt
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\Setup
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ras
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\oobe
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\npp
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\mui
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\inetsrv
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\IME
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\icsxml
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ias
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\export
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers\etc
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers\disdn
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\dhcp
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\config
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\3com_dmi
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\3076
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\2052
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1054
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1045
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1042
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1041
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1037
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1033
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1031
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1028
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1025
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\security
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Resources
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\repair
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Provisioning
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\PeerNet
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\pchealth
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\mui
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\msapps
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\msagent
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Media
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\java
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\ime
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Help
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\ehome
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Driver Cache
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Debug
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Cursors
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Connection Wizard
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Config
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\AppPatch
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\addins
2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS
2012-12-30 19:13:50 -------- d-----w- [---] \WINDOWS
2012-12-30 19:13:50 -------- d-----r- [---] C:\WINDOWS\Web
2012-12-30 19:13:48 49152 ----a-w- [---] C:\WINDOWS\system32\ChCfg.exe
2012-12-30 19:13:35 4017536 ----a-r- [7--] C:\WINDOWS\system32\drivers\alcxwdm.sys
2012-12-30 19:13:26 -------- d-----w- [---] C:\Program Files\Realtek Sound Manager
2012-12-30 19:13:25 164 ----a-w- [---] C:\WINDOWS\avrack.ini
2012-12-30 19:13:25 104 ----a-w- [---] C:\WINDOWS\APSetup.log
2012-12-30 19:13:25 -------- d-----w- [---] C:\Program Files\AvRack
2012-12-30 19:13:11 -------- d-----w- [---] C:\Program Files\Realtek AC97
2012-12-30 19:13:06 141016 ----a-w- [---] C:\WINDOWS\system32\alsndmgr.wav
2012-12-30 19:13:06 10528768 ----a-w- [7--] C:\WINDOWS\system32\RTLCPL.exe
2012-12-30 19:13:02 577536 ----a-w- [7--] C:\WINDOWS\soundman.exe
2012-12-30 19:13:02 18804736 ----a-w- [7--] C:\WINDOWS\system32\alsndmgr.cpl
2012-12-30 19:13:02 143360 ----a-w- [7--] C:\WINDOWS\system32\RtlCPAPI.dll
2012-12-30 19:12:59 315392 ----a-w- [---] C:\WINDOWS\alcupd.exe
2012-12-30 19:12:59 217088 ----a-w- [7--] C:\WINDOWS\Alcrmv.exe
2012-12-30 19:10:56 -------- d-----w- [---] C:\Program Files\Intel
2012-12-30 19:10:05 537 ----a-w- [---] C:\WINDOWS\chipset.log
2012-12-30 19:10:05 -------- d--h--w- [---] C:\Program Files\InstallShield Installation Information
2012-12-30 19:09:28 -------- d-----w- [---] C:\Program Files\Common Files\InstallShield
2012-12-30 19:09:10 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxres.dll
2012-12-30 19:09:10 -------- d-----w- [---] C:\Intel
2012-12-30 19:09:10 -------- d-----w- [---] \Intel
2012-12-30 19:08:03 -------- d-----w- [---] C:\WINDOWS\system32\ReinstallBackups
2012-12-30 19:07:04 724221 ----a-w- [7--] C:\WINDOWS\system32\drivers\ialmnt5.sys
2012-12-30 19:07:04 114688 ----a-w- [7--] C:\WINDOWS\system32\igfxzoom.exe
2012-12-30 19:07:03 99388 ----a-w- [7--] C:\WINDOWS\system32\ialmdnt5.dll
2012-12-30 19:07:03 86016 ----a-w- [7--] C:\WINDOWS\system32\igfxdo.dll
2012-12-30 19:07:03 748091 ----a-w- [7--] C:\WINDOWS\system32\ialmdd5.dll
2012-12-30 19:07:03 61440 ----a-w- [7--] C:\WINDOWS\system32\iAlmCoIn_v3865.dll
2012-12-30 19:07:03 495616 ----a-w- [7--] C:\WINDOWS\system32\ialmgdev.dll
2012-12-30 19:07:03 49152 ----a-w- [7--] C:\WINDOWS\system32\ialmrem.dll
2012-12-30 19:07:03 487424 ----a-w- [7--] C:\WINDOWS\system32\igfxcfg.exe
2012-12-30 19:07:03 45056 ----a-w- [7--] C:\WINDOWS\system32\igfxdgps.dll
2012-12-30 19:07:03 37951 ----a-w- [7--] C:\WINDOWS\system32\ialmrnt5.dll
2012-12-30 19:07:03 36864 ----a-w- [7--] C:\WINDOWS\system32\igfxexps.dll
2012-12-30 19:07:03 344064 ----a-w- [7--] C:\WINDOWS\system32\igfxsrvc.dll
2012-12-30 19:07:03 2285568 ----a-w- [7--] C:\WINDOWS\system32\ialmgicd.dll
2012-12-30 19:07:03 225280 ----a-w- [7--] C:\WINDOWS\system32\igfxpph.dll
2012-12-30 19:07:03 221184 ----a-w- [7--] C:\WINDOWS\system32\igfxeud.dll
2012-12-30 19:07:03 155648 ----a-w- [7--] C:\WINDOWS\system32\igfxtray.exe
2012-12-30 19:07:03 151552 ----a-w- [7--] C:\WINDOWS\system32\igfxdiag.exe
2012-12-30 19:07:03 151259 ----a-w- [7--] C:\WINDOWS\system32\ialmdev5.dll
2012-12-30 19:07:03 139264 ----a-w- [7--] C:\WINDOWS\system32\igfxdev.dll
2012-12-30 19:07:03 126976 ----a-w- [7--] C:\WINDOWS\system32\igfxhk.dll
2012-12-30 19:07:03 118784 ----a-w- [7--] C:\WINDOWS\system32\hkcmd.exe
2012-12-30 19:07:03 118784 ----a-w- [7--] C:\WINDOWS\system32\hccutils.dll
2012-12-30 19:07:03 1097728 ----a-w- [7--] C:\WINDOWS\system32\igfxress.dll
2012-12-30 19:07:03 106496 ----a-w- [7--] C:\WINDOWS\system32\igfxext.exe
2012-12-30 19:07:02 94208 ----a-w- [7--] C:\WINDOWS\system32\igfxcpl.cpl
2012-12-30 19:07:02 67380 ----a-w- [---] C:\WINDOWS\system32\igfxhhun.lhp
2012-12-30 19:07:02 65087 ----a-w- [---] C:\WINDOWS\system32\igfxhkor.lhp
2012-12-30 19:07:02 63938 ----a-w- [---] C:\WINDOWS\system32\igfxhtrk.lhp
2012-12-30 19:07:02 62815 ----a-w- [---] C:\WINDOWS\system32\igfxhplk.lhp
2012-12-30 19:07:02 62509 ----a-w- [---] C:\WINDOWS\system32\igfxhdeu.lhp
2012-12-30 19:07:02 61984 ----a-w- [---] C:\WINDOWS\system32\igfxhsve.lhp
2012-12-30 19:07:02 61950 ----a-w- [---] C:\WINDOWS\system32\igfxhfrc.lhp
2012-12-30 19:07:02 61869 ----a-w- [---] C:\WINDOWS\system32\igfxhtha.lhp
2012-12-30 19:07:02 61799 ----a-w- [---] C:\WINDOWS\system32\igfxhfin.lhp
2012-12-30 19:07:02 61511 ----a-w- [---] C:\WINDOWS\system32\igfxhfra.lhp
2012-12-30 19:07:02 61388 ----a-w- [---] C:\WINDOWS\system32\igfxhptg.lhp
2012-12-30 19:07:02 60848 ----a-w- [---] C:\WINDOWS\system32\igfxhesp.lhp
2012-12-30 19:07:02 60758 ----a-w- [---] C:\WINDOWS\system32\igfxhjpn.lhp
2012-12-30 19:07:02 60547 ----a-w- [---] C:\WINDOWS\system32\igfxhell.lhp
2012-12-30 19:07:02 60476 ----a-w- [---] C:\WINDOWS\system32\igfxhdan.lhp
2012-12-30 19:07:02 60436 ----a-w- [---] C:\WINDOWS\system32\igfxhptb.lhp
2012-12-30 19:07:02 60216 ----a-w- [---] C:\WINDOWS\system32\igfxhrus.lhp
2012-12-30 19:07:02 59861 ----a-w- [---] C:\WINDOWS\system32\igfxharb.lhp
2012-12-30 19:07:02 59760 ----a-w- [---] C:\WINDOWS\system32\igfxhcsy.lhp
2012-12-30 19:07:02 59753 ----a-w- [---] C:\WINDOWS\system32\igfxhara.lhp
2012-12-30 19:07:02 59448 ----a-w- [---] C:\WINDOWS\system32\igfxhnld.lhp
2012-12-30 19:07:02 59350 ----a-w- [---] C:\WINDOWS\system32\igfxhnor.lhp
2012-12-30 19:07:02 59095 ----a-w- [---] C:\WINDOWS\system32\igfxhita.lhp
2012-12-30 19:07:02 59064 ----a-w- [---] C:\WINDOWS\system32\igfxhheb.lhp
2012-12-30 19:07:02 58394 ----a-w- [---] C:\WINDOWS\system32\igfxhcht.lhp
2012-12-30 19:07:02 57559 ----a-w- [---] C:\WINDOWS\system32\igfxheng.lhp
2012-12-30 19:07:02 57430 ----a-w- [---] C:\WINDOWS\system32\igfxhchs.lhp
2012-12-30 19:07:02 56937 ----a-w- [---] C:\WINDOWS\system32\igfxhenu.lhp
2012-12-30 19:07:02 172032 ----a-w- [7--] C:\WINDOWS\system32\igfxresp.lrc
2012-12-30 19:07:02 172032 ----a-w- [7--] C:\WINDOWS\system32\igfxrell.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrrus.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrptg.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrptb.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrplk.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrnld.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrita.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrhun.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrfrc.lrc
2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrfra.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrtrk.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrtha.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrsve.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrnor.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrfin.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrdeu.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrdan.lrc
2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrcsy.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrkor.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrjpn.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrheb.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrenu.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxreng.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrcht.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrchs.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrarb.lrc
2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrara.lrc
2012-12-30 19:05:08 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Identities
2012-12-30 19:05:04 -------- d--h--w- [---] C:\Program Files\Uninstall Information
2012-12-30 19:04:54 0 ----a-w- [---] C:\WINDOWS\0.log
2012-12-30 19:04:53 188 --sh--w- [---] C:\Documents and Settings\Administrator\ntuser.ini
2012-12-30 19:04:52 62 --sha-w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini
2012-12-30 19:04:52 1024 ---ha-w- [---] C:\Documents and Settings\Administrator\ntuser.dat.LOG
2012-12-30 19:04:51 1048576 ---ha-w- [---] C:\Documents and Settings\Administrator\NTUSER.DAT
2012-12-30 19:04:51 -------- d-s---w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
2012-12-30 19:04:51 -------- d-s---w- [---] C:\Documents and Settings\Administrator\Cookies
2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\Ustawienia lokalne
2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\Szablony
2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\PrintHood
2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\NetHood
2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\SendTo
2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\Recent
2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\Dane aplikacji
2012-12-30 19:04:51 -------- d-----w- [---] C:\Documents and Settings\Administrator\Pulpit
2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Ulubione
2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Moje dokumenty
2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Menu Start
2012-12-30 19:04:42 -------- d-----w- [---] C:\WINDOWS\SoftwareDistribution
2012-12-30 19:03:31 6 ---ha-w- [---] C:\WINDOWS\Tasks\SA.DAT
2012-12-30 19:03:31 32562 ----a-w- [---] C:\WINDOWS\SchedLgU.Txt
2012-12-30 19:03:31 -------- d-s---w- [---] C:\WINDOWS\system32\Microsoft
2012-12-30 19:03:31 -------- d-----w- [---] C:\WINDOWS\Prefetch
2012-12-30 19:03:24 8192 ----a-w- [---] C:\WINDOWS\REGLOCS.OLD
2012-12-30 19:02:20 2048 --s-a-w- [---] C:\WINDOWS\bootstat.dat
2012-12-30 19:02:10 28288 -c--a-w-[---] C:\WINDOWS\system32\dllcache\xjis.nls
2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winzm.ime
2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winsp.ime
2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winpy.ime
2012-12-30 19:02:01 69120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wingb.ime
2012-12-30 19:02:01 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winime.ime
2012-12-30 19:02:00 79360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winar30.ime
2012-12-30 19:01:59 41600 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\weitekp9.dll
2012-12-30 19:01:59 31360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\weitekp9.sys
2012-12-30 19:01:58 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamreg51.dll
2012-12-30 19:01:57 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamps51.dll
2012-12-30 19:01:57 77312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wam51.dll
2012-12-30 19:01:57 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3svapi.dll
2012-12-30 19:01:57 366080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3svc.dll
2012-12-30 19:01:56 86073 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\voicesub.dll
2012-12-30 19:01:56 74240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3ext.dll
2012-12-30 19:01:56 48256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w32.dll
2012-12-30 19:01:56 4608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3ctrs51.dll
2012-12-30 19:01:55 426041 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\voicepad.dll
2012-12-30 19:01:53 76288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uniime.dll
2012-12-30 19:01:53 65024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\unicdime.ime
2012-12-30 19:01:52 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsprof.exe
2012-12-30 19:01:52 103936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uihelper.dll
2012-12-30 19:01:50 455168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintsetp.exe
2012-12-30 19:01:50 44032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintlphr.exe
2012-12-30 19:01:50 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tools.dll
2012-12-30 19:01:50 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tmigrate.dll
2012-12-30 19:01:49 571392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintlgnt.ime
2012-12-30 19:01:49 185344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\thawbrkr.dll
2012-12-30 19:01:48 21896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdipx.sys
2012-12-30 19:01:48 19464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdspx.sys
2012-12-30 19:01:48 13192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdasync.sys
2012-12-30 19:01:46 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\svcext51.dll
2012-12-30 19:01:45 46592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sspifilt.dll
2012-12-30 19:01:45 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ssinc51.dll
2012-12-30 19:01:45 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\status.dll
2012-12-30 19:01:44 101376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srusbusd.dll
2012-12-30 19:01:42 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmptrap.exe
2012-12-30 19:01:42 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2012-12-30 19:01:42 143422 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\softkey.dll
2012-12-30 19:01:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpmib.dll
2012-12-30 19:01:41 40448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpthrd.dll
2012-12-30 19:01:41 358400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpincl.dll
2012-12-30 19:01:41 259072 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpcl.dll
2012-12-30 19:01:41 188416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpsmir.dll
2012-12-30 19:01:41 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpstup.dll
2012-12-30 19:01:40 464384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpsvc.dll
2012-12-30 19:01:40 32256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmp.exe
2012-12-30 19:01:40 12800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2012-12-30 19:01:39 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smimsgif.dll
2012-12-30 19:01:39 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smierrsy.dll
2012-12-30 19:01:39 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smb6w.dll
2012-12-30 19:01:39 236544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smi2smir.exe
2012-12-30 19:01:39 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smierrsm.dll
2012-12-30 19:01:39 10752 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpapi.dll
2012-12-30 19:01:38 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm9aw.dll
2012-12-30 19:01:38 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sma3w.dll
2012-12-30 19:01:38 29184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8cw.dll
2012-12-30 19:01:38 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm93w.dll
2012-12-30 19:01:38 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm92w.dll
2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm90w.dll
2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8dw.dll
2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8aw.dll
2012-12-30 19:01:37 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm87w.dll
2012-12-30 19:01:37 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm81w.dll
2012-12-30 19:01:37 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm89w.dll
2012-12-30 19:01:37 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm59w.dll
2012-12-30 19:01:37 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\simptcp.dll
2012-12-30 19:01:33 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2012-12-30 19:01:33 221696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\seo.dll
2012-12-30 19:01:32 57856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2012-12-30 19:01:30 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwnh.dll
2012-12-30 19:01:30 80384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwia330.dll
2012-12-30 19:01:30 80384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwia001.dll
2012-12-30 19:01:30 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rw330ext.dll
2012-12-30 19:01:30 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rw001ext.dll
2012-12-30 19:01:29 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rpcref.dll
2012-12-30 19:01:28 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\romanime.ime
2012-12-30 19:01:28 23040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2012-12-30 19:01:27 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\register.exe
2012-12-30 19:01:26 20736 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ramdisk.sys
2012-12-30 19:01:25 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\query.exe
2012-12-30 19:01:25 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\quick.ime
2012-12-30 19:01:25 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\quser.exe
2012-12-30 19:01:24 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pwsdata.dll
2012-12-30 19:01:23 83748 -c--a-w-[---] C:\WINDOWS\system32\dllcache\prcp.nls
2012-12-30 19:01:23 83748 -c--a-w-[---] C:\WINDOWS\system32\dllcache\prc.nls
2012-12-30 19:01:23 131584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxviceo.dll
2012-12-30 19:01:22 70144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlphr.exe
2012-12-30 19:01:22 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmigrate.dll
2012-12-30 19:01:22 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxgl.dll
2012-12-30 19:01:22 482304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlgnt.ime
2012-12-30 19:01:22 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxmcro.dll
2012-12-30 19:01:21 79360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\phon.ime
2012-12-30 19:01:21 53760 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlcsd.dll
2012-12-30 19:01:21 20992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\permchk.dll
2012-12-30 19:01:21 175104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlcsa.dll
2012-12-30 19:01:20 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pagecnt.dll
2012-12-30 19:01:20 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs804.dll
2012-12-30 19:01:19 36927 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs411.dll
2012-12-30 19:01:19 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs404.dll
2012-12-30 19:01:19 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs412.dll
2012-12-30 19:01:16 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nsepm.dll
2012-12-30 19:01:16 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2012-12-30 19:01:14 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nextlink.dll
2012-12-30 19:01:12 229439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\multibox.dll
2012-12-30 19:01:12 111104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtstocom.exe
2012-12-30 19:01:08 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msiregmv.exe
2012-12-30 19:01:07 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msir3jp.dll
2012-12-30 19:01:07 1875968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msir3jp.lex
2012-12-30 19:01:00 92416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mga.sys
2012-12-30 19:01:00 92032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mga.dll
2012-12-30 19:01:00 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\metada51.dll
2012-12-30 19:01:00 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\migregdb.exe
2012-12-30 19:00:59 37888 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\md5filt.dll
2012-12-30 19:00:59 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mdsync.dll
2012-12-30 19:00:58 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2012-12-30 19:00:57 23040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lpdsvc.dll
2012-12-30 19:00:57 22016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logscrpt.dll
2012-12-30 19:00:57 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lprmon.dll
2012-12-30 19:00:57 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lonsint.dll
2012-12-30 19:00:56 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lmmib2.dll
2012-12-30 19:00:55 70656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\korwbrkr.dll
2012-12-30 19:00:55 47066 -c--a-w-[---] C:\WINDOWS\system32\dllcache\ksc.nls
2012-12-30 19:00:55 1158818 -c--a-w-[---] C:\WINDOWS\system32\dllcache\korwbrkr.lex
2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdvntc.dll
2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdusa.dll
2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdurdu.dll
2012-12-30 19:00:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth3.dll
2012-12-30 19:00:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth2.dll
2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth1.dll
2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth0.dll
2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsyr2.dll
2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsyr1.dll
2012-12-30 19:00:52 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnecat.dll
2012-12-30 19:00:52 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnecnt.dll
2012-12-30 19:00:52 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnec95.dll
2012-12-30 19:00:52 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlk41a.dll
2012-12-30 19:00:52 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlk41j.dll
2012-12-30 19:00:51 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinpun.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdintel.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdintam.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinmar.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinkan.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinhin.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinguj.dll
2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdindev.dll
2012-12-30 19:00:50 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdibm02.dll
2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdheb.dll
2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdfa.dll
2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbddiv2.dll
2012-12-30 19:00:50 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdgeo.dll
2012-12-30 19:00:49 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdax2.dll
2012-12-30 19:00:49 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbddiv1.dll
2012-12-30 19:00:49 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda3.dll
2012-12-30 19:00:49 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdarmw.dll
2012-12-30 19:00:49 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdarme.dll
2012-12-30 19:00:48 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iwrps.dll
2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd106n.dll
2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd101a.dll
2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd101.dll
2012-12-30 19:00:48 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda2.dll
2012-12-30 19:00:48 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda1.dll
2012-12-30 19:00:48 18432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\jupiw.dll
2012-12-30 19:00:47 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isapips.dll
2012-12-30 19:00:47 27136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iscomlog.dll
2012-12-30 19:00:46 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infoctrs.dll
2012-12-30 19:00:46 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iprip.dll
2012-12-30 19:00:45 315452 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imskf.dll
2012-12-30 19:00:45 257024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infocomm.dll
2012-12-30 19:00:45 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetin51.exe
2012-12-30 19:00:44 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imkrinst.exe
2012-12-30 19:00:44 59392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imscinst.exe
2012-12-30 19:00:44 471102 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imskdic.dll
2012-12-30 19:00:44 45109 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpuex.exe
2012-12-30 19:00:44 274489 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjputyc.dll
2012-12-30 19:00:44 262200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjputy.exe
2012-12-30 19:00:44 102456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imlang.dll
2012-12-30 19:00:43 81976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdct.dll
2012-12-30 19:00:43 307257 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdct.exe
2012-12-30 19:00:43 233527 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjprw.exe
2012-12-30 19:00:43 208952 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpmig.exe
2012-12-30 19:00:43 196665 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpinst.exe
2012-12-30 19:00:43 155705 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdsvr.exe
2012-12-30 19:00:42 811064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjp81k.dll
2012-12-30 19:00:42 716856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpcus.dll
2012-12-30 19:00:42 57398 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdadm.exe
2012-12-30 19:00:42 368696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpcic.dll
2012-12-30 19:00:42 340023 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjp81.ime
2012-12-30 19:00:41 94720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekr61.ime
2012-12-30 19:00:41 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrmbx.dll
2012-12-30 19:00:41 44032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrmig.exe
2012-12-30 19:00:41 311359 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imepadsv.exe
2012-12-30 19:00:41 134339 -c--a-w-[---] C:\WINDOWS\system32\dllcache\imekr.lex
2012-12-30 19:00:41 106496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrcic.dll
2012-12-30 19:00:41 102463 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imepadsm.dll
2012-12-30 19:00:40 79872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iislog51.dll
2012-12-30 19:00:40 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisfecnv.dll
2012-12-30 19:00:40 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iissync.exe
2012-12-30 19:00:40 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisclex4.dll
2012-12-30 19:00:40 3584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iismui.dll
2012-12-30 19:00:40 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iiscrmap.dll
2012-12-30 19:00:39 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisadmin.dll
2012-12-30 19:00:39 145408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iische51.dll
2012-12-30 19:00:34 10129408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxkor.dll
2012-12-30 19:00:29 13463552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxjpn.dll
2012-12-30 19:00:25 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpmb51.dll
2012-12-30 19:00:25 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpod51.dll
2012-12-30 19:00:25 268288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpext.dll
2012-12-30 19:00:25 10096640 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxcht.dll
2012-12-30 19:00:24 39936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hostmib.dll
2012-12-30 19:00:23 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hanjadic.dll
2012-12-30 19:00:23 32256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\gzip.dll
2012-12-30 19:00:23 108827 -c--a-w-[---] C:\WINDOWS\system32\dllcache\hanja.lex
2012-12-30 19:00:22 400896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsxp32.dll
2012-12-30 19:00:22 194560 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxswzrd.dll
2012-12-30 19:00:21 562688 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsst.dll
2012-12-30 19:00:21 397312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxstiff.dll
2012-12-30 19:00:21 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsroute.dll
2012-12-30 19:00:21 268288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxssvc.exe
2012-12-30 19:00:21 246272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxst30.dll
2012-12-30 19:00:21 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsui.dll
2012-12-30 19:00:21 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxssend.exe
2012-12-30 19:00:20 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsperf.dll
2012-12-30 19:00:20 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsres.dll
2012-12-30 19:00:20 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsevent.dll
2012-12-30 19:00:20 285184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscomex.dll
2012-12-30 19:00:20 27136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsdrv.dll
2012-12-30 19:00:20 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsmon.dll
2012-12-30 19:00:20 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsext32.dll
2012-12-30 19:00:20 233472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscover.exe
2012-12-30 19:00:19 72192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscom.dll
2012-12-30 19:00:19 452096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsapi.dll
2012-12-30 19:00:19 143360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsclnt.exe
2012-12-30 19:00:19 137728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsclntr.dll
2012-12-30 19:00:19 126976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpsv251.dll
2012-12-30 19:00:19 112128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2012-12-30 19:00:18 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpencode.dll
2012-12-30 19:00:18 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpctrs2.dll
2012-12-30 19:00:18 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpmib.dll
2012-12-30 19:00:18 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftlx041e.dll
2012-12-30 19:00:17 618605 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4autl.dll
2012-12-30 19:00:17 24632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2012-12-30 19:00:17 20541 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpadmdll.dll
2012-12-30 19:00:17 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\flattemp.exe
2012-12-30 19:00:16 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2012-12-30 19:00:16 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2012-12-30 19:00:15 93184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntwin.exe
2012-12-30 19:00:15 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntcmd.exe
2012-12-30 19:00:15 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\exstrace.dll
2012-12-30 19:00:15 105984 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntagnt.dll
2012-12-30 19:00:14 57856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esuimgd.dll
2012-12-30 19:00:14 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esunid.dll
2012-12-30 19:00:14 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esucmd.dll
2012-12-30 19:00:14 25856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\et4000.sys
2012-12-30 19:00:13 514587 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\edb500.dll
2012-12-30 19:00:08 78848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dayi.ime
2012-12-30 19:00:08 42496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\davcdata.exe
2012-12-30 19:00:06 57399 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cplexe.exe
2012-12-30 19:00:06 56832 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\convlog.exe
2012-12-30 19:00:06 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\counters.dll
2012-12-30 19:00:06 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cprofile.exe
2012-12-30 19:00:05 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\controt.dll
2012-12-30 19:00:05 24064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\compfilt.dll
2012-12-30 19:00:03 56320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtskdic.dll
2012-12-30 19:00:03 480256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintsetp.exe
2012-12-30 19:00:03 21504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintlgnt.ime
2012-12-30 19:00:03 198656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintime.dll
2012-12-30 19:00:03 173568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtskf.dll
2012-12-30 19:00:02 97792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtmbx.dll
2012-12-30 19:00:02 838144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtbrkr.dll
2012-12-30 19:00:02 1677824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chsbrkr.dll
2012-12-30 19:00:01 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\change.exe
2012-12-30 19:00:01 78336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chajei.ime
2012-12-30 19:00:01 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chgport.exe
2012-12-30 19:00:01 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chgusr.exe
2012-12-30 19:00:01 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chglogon.exe
2012-12-30 19:00:00 54528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cap7146.sys
2012-12-30 18:59:59 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_864.nls
2012-12-30 18:59:59 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_862.nls
2012-12-30 18:59:59 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_is2022.dll
2012-12-30 18:59:59 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_870.nls
2012-12-30 18:59:59 218112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_g18030.dll
2012-12-30 18:59:59 10752 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_iscii.dll
2012-12-30 18:59:58 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_858.nls
2012-12-30 18:59:58 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_720.nls
2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_708.nls
2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28596.nls
2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_21027.nls
2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_21025.nls
2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20924.nls
2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20880.nls
2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20871.nls
2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20838.nls
2012-12-30 18:59:57 180770 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20932.nls
2012-12-30 18:59:57 177698 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20949.nls
2012-12-30 18:59:57 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20936.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20833.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20424.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20423.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20420.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20297.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20290.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20285.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20284.nls
2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20280.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20278.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20277.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20273.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20269.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20108.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20107.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20106.nls
2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20105.nls
2012-12-30 18:59:54 189986 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1361.nls
2012-12-30 18:59:54 187938 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20005.nls
2012-12-30 18:59:54 186402 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20001.nls
2012-12-30 18:59:54 185378 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20003.nls
2012-12-30 18:59:54 180258 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20004.nls
2012-12-30 18:59:54 180258 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20000.nls
2012-12-30 18:59:54 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20002.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1149.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1148.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1147.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1146.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1145.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1144.nls
2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1143.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1142.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1141.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1140.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1047.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10021.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10005.nls
2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10004.nls
2012-12-30 18:59:52 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10008.nls
2012-12-30 18:59:51 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\browscap.dll
2012-12-30 18:59:51 195618 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10002.nls
2012-12-30 18:59:51 177698 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10003.nls
2012-12-30 18:59:51 162850 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10001.nls
2012-12-30 18:59:50 82172 -c--a-w-[---] C:\WINDOWS\system32\dllcache\bopomofo.nls
2012-12-30 18:59:50 66728 -c--a-w-[---] C:\WINDOWS\system32\dllcache\big5.nls
2012-12-30 18:59:49 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\authfilt.dll
2012-12-30 18:59:48 373248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\asp51.dll
2012-12-30 18:59:48 29184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\asptxn.dll
2012-12-30 18:59:48 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\aspperf.dll
2012-12-30 18:59:47 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2012-12-30 18:59:47 333312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\aqueue.dll
2012-12-30 18:59:47 109568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\appconf.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0804.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0412.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0411.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt040d.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0404.dll
2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0401.dll
2012-12-30 18:59:45 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2012-12-30 18:59:44 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admxprox.dll
2012-12-30 18:59:44 50176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\adrot.dll
2012-12-30 18:59:44 29696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admexs.dll
2012-12-30 18:59:40 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamregps.dll
2012-12-30 18:59:40 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tcptsat.dll
2012-12-30 18:59:39 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\staxmem.dll
2012-12-30 18:59:39 32827 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tcptest.exe
2012-12-30 18:59:39 2134528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpsnap.dll
2012-12-30 18:59:38 20536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shtml.dll
2012-12-30 18:59:38 189440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpadm.dll
2012-12-30 18:59:38 16437 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shtml.exe
2012-12-30 18:59:33 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logui.ocx
2012-12-30 18:59:33 68608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isatq.dll
2012-12-30 18:59:33 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infoadmn.dll
2012-12-30 18:59:32 836096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetmgr.dll
2012-12-30 18:59:32 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetmgr.exe
2012-12-30 18:59:32 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrstas.exe
2012-12-30 18:59:32 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetsloc.dll
2012-12-30 18:59:32 171520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisui.dll
2012-12-30 18:59:32 133632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrtl.dll
2012-12-30 18:59:31 68608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisext51.dll
2012-12-30 18:59:31 64512 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iismap.dll
2012-12-30 18:59:31 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpsapi2.dll
2012-12-30 18:59:31 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrstap.dll
2012-12-30 18:59:31 20538 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpremadm.exe
2012-12-30 18:59:31 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisreset.exe
2012-12-30 18:59:30 598071 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpmmc.dll
2012-12-30 18:59:30 212992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2012-12-30 18:59:30 20541 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpexedll.dll
2012-12-30 18:59:29 876653 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4awel.dll
2012-12-30 18:59:29 49212 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4awebs.dll
2012-12-30 18:59:29 188494 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpcount.exe
2012-12-30 18:59:29 14608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp98sadm.exe
2012-12-30 18:59:29 109328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp98swin.exe
2012-12-30 18:59:28 82035 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4anscp.dll
2012-12-30 18:59:28 49210 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4areg.dll
2012-12-30 18:59:28 41020 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4avnb.dll
2012-12-30 18:59:28 32826 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4avss.dll
2012-12-30 18:59:28 147513 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4apws.dll
2012-12-30 18:59:28 102509 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4atxt.dll
2012-12-30 18:59:27 46592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\coadmin.dll
2012-12-30 18:59:27 184435 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4amsft.dll
2012-12-30 18:59:26 95744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\certmap.ocx
2012-12-30 18:59:26 76800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cnfgprts.ocx
2012-12-30 18:59:26 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\certwiz.ocx
2012-12-30 18:59:26 188480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cfgwiz.exe
2012-12-30 18:59:26 16439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\author.exe
2012-12-30 18:59:25 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admwprox.dll
2012-12-30 18:59:25 290816 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\adsiis51.dll
2012-12-30 18:59:25 20540 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\author.dll
2012-12-30 18:59:24 16439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admin.exe
2012-12-30 18:59:23 20540 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admin.dll
2012-12-30 18:59:21 -------- d-----w- [---] C:\WINDOWS\system32\xircom
2012-12-30 18:59:21 -------- d-----w- [---] C:\WINDOWS\system32\wbem\snmp
2012-12-30 18:59:21 -------- d-----w- [---] C:\Program Files\xerox
2012-12-30 18:59:21 -------- d-----w- [---] C:\Program Files\microsoft frontpage
2012-12-30 18:58:55 2596 ----a-w- [---] C:\WINDOWS\system32\CONFIG.NT
2012-12-30 18:58:55 0 --sha-r- [---] C:\MSDOS.SYS
2012-12-30 18:58:55 0 --sha-r- [---] C:\IO.SYS
2012-12-30 18:58:55 0 --sha-r- [---] \MSDOS.SYS
2012-12-30 18:58:55 0 --sha-r- [---] \IO.SYS
2012-12-30 18:58:55 0 ----a-w- [---] C:\WINDOWS\control.ini
2012-12-30 18:58:55 0 ----a-w- [---] C:\CONFIG.SYS
2012-12-30 18:58:55 0 ----a-w- [---] C:\AUTOEXEC.BAT
2012-12-30 18:58:55 0 ----a-w- [---] \CONFIG.SYS
2012-12-30 18:58:55 0 ----a-w- [---] \AUTOEXEC.BAT
2012-12-30 18:58:44 23392 ----a-w- [---] C:\WINDOWS\system32\nscompat.tlb
2012-12-30 18:58:44 16832 ----a-w- [---] C:\WINDOWS\system32\amcompat.tlb
2012-12-30 18:58:42 316640 ----a-w- [---] C:\WINDOWS\WMSysPr9.prx
2012-12-30 18:58:36 833 ----a-w- [---] C:\WINDOWS\OEWABLog.txt
2012-12-30 18:58:32 112128 ----a-w- [7--] C:\WINDOWS\system32\mapi32.dll
2012-12-30 18:57:32 -------- d-sh--w- [---] C:\Documents and Settings\All Users\DRM
2012-12-30 18:57:17 -------- d-----r- [---] C:\WINDOWS\Offline Web Pages
2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\WindowsLogon.manifest
2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\logonui.exe.manifest
2012-12-30 18:57:16 -------- d-s---w- [---] C:\WINDOWS\Downloaded Program Files
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\WindowsShell.Manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\wuaucpl.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\sapi.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\nwc.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\ncpa.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\cdplayer.exe.manifest
2012-12-30 18:57:02 14216 ----a-w- [---] C:\WINDOWS\WindowsUpdate.log
2012-12-30 18:57:01 -------- d--h--w- [---] C:\Program Files\WindowsUpdate
2012-12-30 18:56:57 -------- d-----w- [---] C:\Program Files\Usługi online
2012-12-30 18:56:46 4399505 -c--a-w-[---] C:\WINDOWS\system32\dllcache\nls302en.lex
2012-12-30 18:56:37 -------- d-----w- [---] C:\WINDOWS\system32\DirectX
2012-12-30 18:56:18 28160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoobe.exe
2012-12-30 18:56:17 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\atrace.dll
2012-12-30 18:56:17 11264 ----a-w- [7-8] C:\WINDOWS\system32\atrace.dll
2012-12-30 18:56:16 99840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helphost.exe
2012-12-30 18:56:16 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hcappres.dll
2012-12-30 18:56:16 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\notiflag.exe
2012-12-30 18:56:16 21504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\brpinfo.dll
2012-12-30 18:56:14 48680 --sh--w- [---] C:\WINDOWS\winnt256.bmp
2012-12-30 18:56:14 48680 --sh--w- [---] C:\WINDOWS\winnt.bmp
2012-12-30 18:56:14 2 ----a-w- [---] C:\WINDOWS\system32\desktop.ini
2012-12-30 18:56:14 2 ----a-w- [---] C:\WINDOWS\desktop.ini
2012-12-30 18:56:09 984 -c--a-w-[---] C:\WINDOWS\system32\dllcache\srframe.mmf
2012-12-30 18:56:09 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srdiag.exe
2012-12-30 18:56:08 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wb32.exe
2012-12-30 18:56:08 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmevtmsg.dll
2012-12-30 18:56:08 12288 ----a-w- [7-8] C:\WINDOWS\system32\nmevtmsg.dll
2012-12-30 18:56:08 118784 ----a-w- [7--] C:\WINDOWS\system32\msg723.acm
2012-12-30 18:56:07 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\acctres.dll
2012-12-30 18:56:07 67584 ----a-w- [7-8] C:\WINDOWS\system32\acctres.dll
2012-12-30 18:56:07 40448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msinfo32.exe
2012-12-30 18:56:07 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cb32.exe
2012-12-30 18:56:06 -------- d-----w- [---] C:\Program Files\Common Files\Services
2012-12-30 18:56:04 65 ---h--r- [---] C:\WINDOWS\Tasks\desktop.ini
2012-12-30 18:56:04 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\trialoc.dll
2012-12-30 18:56:04 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icfgnt5.dll
2012-12-30 18:56:04 16384 ----a-w- [7-8] C:\WINDOWS\system32\icfgnt5.dll
2012-12-30 18:56:04 -------- d-s---w- [---] C:\WINDOWS\Tasks
2012-12-30 18:56:03 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwtutor.exe
2012-12-30 18:56:03 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwres.dll
2012-12-30 18:56:03 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wisc10.dll
2012-12-30 18:56:03 235520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mssoap1.dll
2012-12-30 18:56:03 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mssoapr.dll
2012-12-30 18:56:03 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isignup.exe
2012-12-30 18:56:03 -------- d-----w- [---] C:\Program Files\Common Files\MSSoap
2012-12-30 18:56:02 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ieinfo5.ocx
2012-12-30 18:56:00 726078 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srchui.dll
2012-12-30 18:56:00 58434 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srchctls.dll
2012-12-30 18:55:59 848384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\vgx.dll
2012-12-30 18:55:59 3166208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msgr3en.dll
2012-12-30 18:55:59 -------- d-----w- [---] C:\WINDOWS\srchasst
2012-12-30 18:55:58 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmpband.dll
2012-12-30 18:55:58 774144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\setup_wm.exe
2012-12-30 18:55:58 -------- d-----w- [---] C:\WINDOWS\system32\Macromed
2012-12-30 18:55:57 786432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\migrate.exe
2012-12-30 18:55:57 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmplayer.exe
2012-12-30 18:55:57 368640 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mpvis.dll
2012-12-30 18:55:57 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\custsat.dll
2012-12-30 18:55:57 226816 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npdrmv2.dll
2012-12-30 18:55:57 221184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmpns.dll
2012-12-30 18:55:56 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauserv.dll
2012-12-30 18:55:56 6656 ----a-w- [7-8] C:\WINDOWS\system32\wuauserv.dll
2012-12-30 18:55:56 4639 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mplayer2.exe
2012-12-30 18:55:56 364544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npdsplay.dll
2012-12-30 18:55:56 184320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaueng1.dll
2012-12-30 18:55:56 184320 ----a-w- [7-8] C:\WINDOWS\system32\wuaueng1.dll
2012-12-30 18:55:56 120320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuweb.dll
2012-12-30 18:55:56 120320 ----a-w- [7-8] C:\WINDOWS\system32\wuweb.dll
2012-12-30 18:55:56 113664 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wucltui.dll
2012-12-30 18:55:56 113664 ----a-w- [7-8] C:\WINDOWS\system32\wucltui.dll
2012-12-30 18:55:56 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npwmsdrm.dll
2012-12-30 18:55:55 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bitsprx2.dll
2012-12-30 18:55:55 8192 ----a-w- [7-8] C:\WINDOWS\system32\bitsprx2.dll
2012-12-30 18:55:55 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bitsprx3.dll
2012-12-30 18:55:55 7168 ----a-w- [7-8] C:\WINDOWS\system32\bitsprx3.dll
2012-12-30 18:55:55 431616 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuapi.dll
2012-12-30 18:55:55 431616 ----a-w- [7-8] C:\WINDOWS\system32\wuapi.dll
2012-12-30 18:55:55 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wups.dll
2012-12-30 18:55:55 36864 ----a-w- [7-8] C:\WINDOWS\system32\wups.dll
2012-12-30 18:55:55 168960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauclt1.exe
2012-12-30 18:55:55 168960 ----a-w- [7-8] C:\WINDOWS\system32\wuauclt1.exe
2012-12-30 18:55:55 163328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaucpl.cpl
2012-12-30 18:55:55 163328 ----a-w- [7-8] C:\WINDOWS\system32\wuaucpl.cpl
2012-12-30 18:55:55 1134592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaueng.dll
2012-12-30 18:55:55 1134592 ----a-w- [7-8] C:\WINDOWS\system32\wuaueng.dll
2012-12-30 18:55:55 112128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauclt.exe
2012-12-30 18:55:55 112128 ----a-w- [7-8] C:\WINDOWS\system32\wuauclt.exe
2012-12-30 18:55:54 382464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qmgr.dll
2012-12-30 18:55:54 382464 ----a-w- [7-8] C:\WINDOWS\system32\qmgr.dll
2012-12-30 18:55:54 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2012-12-30 18:55:54 18944 ----a-w- [7-8] C:\WINDOWS\system32\qmgrprxy.dll
2012-12-30 18:55:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2res2.dll
2012-12-30 18:55:53 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2eres.dll
2012-12-30 18:55:52 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2ext.dll
2012-12-30 18:55:52 502272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2fxa.dll
2012-12-30 18:55:52 4275200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2res.dll
2012-12-30 18:55:52 402432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2filt.dll
2012-12-30 18:55:52 325632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2fxb.dll
2012-12-30 18:55:52 167936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2ae.dll
2012-12-30 18:55:51 3555328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\moviemk.exe
2012-12-30 18:55:51 -------- d-----w- [---] C:\Program Files\Movie Maker
2012-12-30 18:55:49 563200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobmain.dll
2012-12-30 18:55:49 51712 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oobebaln.exe
2012-12-30 18:55:49 30720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobshel.dll
2012-12-30 18:55:49 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobweb.dll
2012-12-30 18:55:49 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobdl.dll
2012-12-30 18:55:49 122368 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobcomm.dll
2012-12-30 18:55:47 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrslv.dll
2012-12-30 18:55:47 45568 ----a-w- [7-8] C:\WINDOWS\system32\safrslv.dll
2012-12-30 18:55:47 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrcdlg.dll
2012-12-30 18:55:47 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\racpldlg.dll
2012-12-30 18:55:47 43520 ----a-w- [7-8] C:\WINDOWS\system32\safrcdlg.dll
2012-12-30 18:55:47 43520 ----a-w- [7-8] C:\WINDOWS\system32\racpldlg.dll
2012-12-30 18:55:47 29696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrdm.dll
2012-12-30 18:55:47 29696 ----a-w- [7-8] C:\WINDOWS\system32\safrdm.dll
2012-12-30 18:55:47 151040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uploadm.exe
2012-12-30 18:55:46 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pchsvc.dll
2012-12-30 18:55:46 102400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pchshell.dll
2012-12-30 18:55:45 379904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msinfo.dll
2012-12-30 18:55:45 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hscupd.exe
2012-12-30 18:55:45 159744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msconfig.exe
2012-12-30 18:55:44 768512 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helpctr.exe
2012-12-30 18:55:44 743936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helpsvc.exe
2012-12-30 18:55:44 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltmc.exe
2012-12-30 18:55:44 22528 ----a-w- [7-8] C:\WINDOWS\system32\fltMc.exe
2012-12-30 18:55:44 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltlib.dll
2012-12-30 18:55:44 16896 ----a-w- [7-8] C:\WINDOWS\system32\fltlib.dll
2012-12-30 18:55:44 124800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltmgr.sys
2012-12-30 18:55:44 124800 ----a-w- [7-8] C:\WINDOWS\system32\drivers\fltMgr.sys
2012-12-30 18:55:43 73472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sr.sys
2012-12-30 18:55:43 73472 ----a-w- [7-8] C:\WINDOWS\system32\drivers\sr.sys
2012-12-30 18:55:43 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srclient.dll
2012-12-30 18:55:43 67584 ----a-w- [7-8] C:\WINDOWS\system32\srclient.dll
2012-12-30 18:55:43 382976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rstrui.exe
2012-12-30 18:55:43 240128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srrstr.dll
2012-12-30 18:55:43 240128 ----a-w- [7-8] C:\WINDOWS\system32\srrstr.dll
2012-12-30 18:55:43 171008 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srsvc.dll
2012-12-30 18:55:43 171008 ----a-w- [7-8] C:\WINDOWS\system32\srsvc.dll
2012-12-30 18:55:43 -------- d-----w- [---] C:\WINDOWS\system32\Restore
2012-12-30 18:55:42 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ils.dll
2012-12-30 18:55:42 81920 ----a-w- [7-8] C:\WINDOWS\system32\ils.dll
2012-12-30 18:55:42 69632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msconf.dll
2012-12-30 18:55:42 69632 ----a-w- [7-8] C:\WINDOWS\system32\msconf.dll
2012-12-30 18:55:42 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dcap32.dll
2012-12-30 18:55:42 34560 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mnmdd.dll
2012-12-30 18:55:42 34560 ----a-w- [7-8] C:\WINDOWS\system32\mnmdd.dll
2012-12-30 18:55:42 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mnmsrvc.exe
2012-12-30 18:55:42 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isrdbg32.dll
2012-12-30 18:55:42 32768 ----a-w- [7-8] C:\WINDOWS\system32\mnmsrvc.exe
2012-12-30 18:55:42 32768 ----a-w- [7-8] C:\WINDOWS\system32\isrdbg32.dll
2012-12-30 18:55:42 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmmkcert.dll
2012-12-30 18:55:42 28672 ----a-w- [7-8] C:\WINDOWS\system32\nmmkcert.dll
2012-12-30 18:55:42 229376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmas.dll
2012-12-30 18:55:42 188416 ----a-w- [7--] C:\WINDOWS\system32\msh261.drv
2012-12-30 18:55:41 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rrcm.dll
2012-12-30 18:55:41 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\h323cc.dll
2012-12-30 18:55:41 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\confmrsl.dll
2012-12-30 18:55:41 385024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\callcont.dll
2012-12-30 18:55:41 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmasnt.dll
2012-12-30 18:55:41 221184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nac.dll
2012-12-30 18:55:40 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmchat.dll
2012-12-30 18:55:40 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmcom.dll
2012-12-30 18:55:40 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mst123.dll
2012-12-30 18:55:40 274432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mst120.dll
2012-12-30 18:55:40 188416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmwb.dll
2012-12-30 18:55:40 172032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmoldwb.dll
2012-12-30 18:55:40 151552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmft.dll
2012-12-30 18:55:40 1036288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\conf.exe
2012-12-30 18:55:39 84992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabimp.dll
2012-12-30 18:55:39 81408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\directdb.dll
2012-12-30 18:55:39 504832 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab32.dll
2012-12-30 18:55:39 46080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab.exe
2012-12-30 18:55:39 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabfind.dll
2012-12-30 18:55:39 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabmig.exe
2012-12-30 18:55:39 255488 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab32res.dll
2012-12-30 18:55:39 252928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoeacct.dll
2012-12-30 18:55:39 252928 ----a-w- [7-8] C:\WINDOWS\system32\msoeacct.dll
2012-12-30 18:55:39 105984 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoert2.dll
2012-12-30 18:55:39 105984 ----a-w- [7-8] C:\WINDOWS\system32\msoert2.dll
2012-12-30 18:55:39 -------- d-----w- [---] C:\Program Files\NetMeeting
2012-12-30 18:55:38 678400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetcomm.dll
2012-12-30 18:55:38 678400 ----a-w- [7-8] C:\WINDOWS\system32\inetcomm.dll
2012-12-30 18:55:38 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msimn.exe
2012-12-30 18:55:38 49664 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetres.dll
2012-12-30 18:55:38 49664 ----a-w- [7-8] C:\WINDOWS\system32\inetres.dll
2012-12-30 18:55:38 1311232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoe.dll
2012-12-30 18:55:38 104448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oeimport.dll
2012-12-30 18:55:37 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\setup50.exe
2012-12-30 18:55:37 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oemig50.exe
2012-12-30 18:55:37 35840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oemiglib.dll
2012-12-30 18:55:37 2512384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoeres.dll
2012-12-30 18:55:37 192000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\schedsvc.dll
2012-12-30 18:55:37 192000 ----a-w- [7-8] C:\WINDOWS\system32\schedsvc.dll
2012-12-30 18:55:37 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstinit.exe
2012-12-30 18:55:37 12288 ----a-w- [7-8] C:\WINDOWS\system32\mstinit.exe
2012-12-30 18:55:37 -------- d-----w- [---] C:\Program Files\Outlook Express
2012-12-30 18:55:36 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isign32.dll
2012-12-30 18:55:36 86016 ----a-w- [7-8] C:\WINDOWS\system32\isign32.dll
2012-12-30 18:55:36 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwdial.dll
2012-12-30 18:55:36 73728 ----a-w- [7-8] C:\WINDOWS\system32\icwdial.dll
2012-12-30 18:55:36 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwphbk.dll
2012-12-30 18:55:36 65536 ----a-w- [7-8] C:\WINDOWS\system32\icwphbk.dll
2012-12-30 18:55:36 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstask.dll
2012-12-30 18:55:36 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetcfg.dll
2012-12-30 18:55:36 278528 ----a-w- [7-8] C:\WINDOWS\system32\mstask.dll
2012-12-30 18:55:36 278528 ----a-w- [7-8] C:\WINDOWS\system32\inetcfg.dll
2012-12-30 18:55:35 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn2.exe
2012-12-30 18:55:35 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn.dll
2012-12-30 18:55:35 49152 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwutil.dll
2012-12-30 18:55:35 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwdl.dll
2012-12-30 18:55:35 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwrmind.exe
2012-12-30 18:55:35 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetwiz.exe
2012-12-30 18:55:35 176128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwhelp.dll
2012-12-30 18:55:34 69632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oledb32r.dll
2012-12-30 18:55:34 561179 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dao360.dll
2012-12-30 18:55:34 217088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sqlxmlx.dll
2012-12-30 18:55:34 216576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn1.exe
2012-12-30 18:55:33 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdatl3.dll
2012-12-30 18:55:33 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaosp.dll
2012-12-30 18:55:33 487424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oledb32.dll
2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaurl.dll
2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasc.dll
2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaer.dll
2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaenum.dll
2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdadc.dll
2012-12-30 18:55:33 315392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasql.dll
2012-12-30 18:55:33 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msxactps.dll
2012-12-30 18:55:33 233472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaora.dll
2012-12-30 18:55:33 204800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaps.dll
2012-12-30 18:55:33 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdatt.dll
2012-12-30 18:55:33 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaorar.dll
2012-12-30 18:55:33 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasqlr.dll
2012-12-30 18:55:33 102400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msjro.dll
2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado27.tlb
2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado26.tlb
2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado25.tlb
2012-12-30 18:55:32 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado21.tlb
2012-12-30 18:55:32 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado20.tlb
2012-12-30 18:55:32 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadrh15.dll
2012-12-30 18:55:32 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msador15.dll
2012-12-30 18:55:32 536576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado15.dll
2012-12-30 18:55:32 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msader15.dll
2012-12-30 18:55:32 200704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadox.dll
2012-12-30 18:55:32 180224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadomd.dll
2012-12-30 18:55:31 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcf.dll
2012-12-30 18:55:31 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcs.dll
2012-12-30 18:55:31 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdfmap.dll
2012-12-30 18:55:31 331776 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadce.dll
2012-12-30 18:55:31 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msaddsr.dll
2012-12-30 18:55:31 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcer.dll
2012-12-30 18:55:31 200704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaprst.dll
2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaremr.dll
2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaprsr.dll
2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcor.dll
2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcfr.dll
2012-12-30 18:55:31 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadds.dll
2012-12-30 18:55:31 143360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadco.dll
2012-12-30 18:55:31 118784 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdarem.dll
2012-12-30 18:55:30 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hmmapi.dll
2012-12-30 18:55:30 18432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iedw.exe
2012-12-30 18:55:30 153088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\triedit.dll
2012-12-30 18:55:30 128000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dhtmled.ocx
2012-12-30 18:55:30 -------- d-----w- [---] C:\Program Files\Common Files\System
2012-12-30 18:55:29 93184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iexplore.exe
2012-12-30 18:55:29 -------- d-----w- [---] C:\Program Files\Internet Explorer
2012-12-30 18:55:24 1017 ----a-w- [---] C:\WINDOWS\sessmgr.setup.log
2012-12-30 18:54:57 -------- d-----w- [---] C:\WINDOWS\system32\wbem\AutoRecover
2012-12-30 18:54:54 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Performance
2012-12-30 18:54:47 21856 ----a-w- [---] C:\WINDOWS\system32\emptyregdb.dat
2012-12-30 18:54:38 -------- d-----w- [---] C:\Program Files\ComPlus Applications
2012-12-30 18:54:36 37 ----a-w- [---] C:\WINDOWS\vbaddin.ini
2012-12-30 18:54:36 36 ----a-w- [---] C:\WINDOWS\vb.ini
2012-12-30 18:54:31 -------- d-----w- [---] C:\WINDOWS\Registration
2012-12-30 18:54:28 133 ----a-w- [---] C:\WINDOWS\DtcInstall.log
2012-12-30 18:54:23 936 ----a-w- [---] C:\WINDOWS\wmsetup.log
2012-12-30 18:54:23 -------- d-----w- [---] C:\Program Files\Windows Media Player
2012-12-30 18:54:17 -------- d-----w- [---] C:\Program Files\Messenger
2012-12-30 18:54:16 82501 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckg.dll
2012-12-30 18:54:16 42577 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckgzm.exe
2012-12-30 18:54:16 42574 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvsezm.exe
2012-12-30 18:54:16 1817687 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckgres.dll
2012-12-30 18:54:15 781397 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkrres.dll
2012-12-30 18:54:15 753236 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvseres.dll
2012-12-30 18:54:15 66113 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvl.dll
2012-12-30 18:54:15 48706 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvse.dll
2012-12-30 18:54:15 42575 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkrzm.exe
2012-12-30 18:54:15 42573 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvlzm.exe
2012-12-30 18:54:15 42573 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtzzm.exe
2012-12-30 18:54:15 40515 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkr.dll
2012-12-30 18:54:15 2178131 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvlres.dll
2012-12-30 18:54:15 1175635 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtzres.dll
2012-12-30 18:54:14 57409 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtz.dll
2012-12-30 18:54:14 4677 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zeeverm.dll
2012-12-30 18:54:14 41029 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zcorem.dll
2012-12-30 18:54:14 32339 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uniansi.dll
2012-12-30 18:54:14 13894 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zonelibm.dll
2012-12-30 18:54:14 113222 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zoneclim.dll
2012-12-30 18:54:14 1041491 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmnresm.dll
2012-12-30 18:54:13 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\write.exe
2012-12-30 18:54:13 5632 ----a-w- [7-8] C:\WINDOWS\system32\write.exe
2012-12-30 18:54:13 36937 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zclientm.exe
2012-12-30 18:54:13 29760 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\znetm.dll
2012-12-30 18:54:13 217160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmnclim.dll
2012-12-30 18:54:13 -------- d-----w- [---] C:\Program Files\MSN Gaming Zone
2012-12-30 18:54:03 139264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sndvol32.exe
2012-12-30 18:54:03 139264 ----a-w- [7-8] C:\WINDOWS\system32\sndvol32.exe
2012-12-30 18:54:02 73216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avwav.dll
2012-12-30 18:54:02 73216 ----a-w- [7-8] C:\WINDOWS\system32\avwav.dll
2012-12-30 18:54:02 44544 ----a-w- [7--] C:\WINDOWS\system32\hticons.dll
2012-12-30 18:54:02 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winchat.exe
2012-12-30 18:54:02 35328 ----a-w- [7-8] C:\WINDOWS\system32\winchat.exe
2012-12-30 18:54:02 231424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avtapi.dll
2012-12-30 18:54:02 231424 ----a-w- [7-8] C:\WINDOWS\system32\avtapi.dll
2012-12-30 18:54:02 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avmeter.dll
2012-12-30 18:54:02 16384 ----a-w- [7-8] C:\WINDOWS\system32\avmeter.dll
2012-12-30 18:54:02 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\htrn_jis.dll
2012-12-30 18:53:57 9522 ----a-w- [---] C:\WINDOWS\Indiański pled.bmp
2012-12-30 18:53:56 65978 ----a-w- [---] C:\WINDOWS\Bąbelki.bmp
2012-12-30 18:53:56 65954 ----a-w- [---] C:\WINDOWS\Pod mikroskopem.bmp
2012-12-30 18:53:56 65832 ----a-w- [---] C:\WINDOWS\Stiuk z Santa Fe.bmp
2012-12-30 18:53:56 26680 ----a-w- [---] C:\WINDOWS\Wachlarze.bmp
2012-12-30 18:53:56 26582 ----a-w- [---] C:\WINDOWS\Nefryt.bmp
2012-12-30 18:53:56 17362 ----a-w- [---] C:\WINDOWS\Rododendron.bmp
2012-12-30 18:53:56 17336 ----a-w- [---] C:\WINDOWS\Na rybkach.bmp
2012-12-30 18:53:56 17062 ----a-w- [---] C:\WINDOWS\Kawa.bmp
2012-12-30 18:53:56 16730 ----a-w- [---] C:\WINDOWS\Puch.bmp
2012-12-30 18:53:56 1272 ----a-w- [---] C:\WINDOWS\Niebieska koronka 16.bmp
2012-12-30 18:53:55 93702 ----a-w- [---] C:\WINDOWS\system32\subrange.uce
2012-12-30 18:53:55 8484 ----a-w- [---] C:\WINDOWS\system32\kanji_2.uce
2012-12-30 18:53:55 80896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\charmap.exe
2012-12-30 18:53:55 80896 ----a-w- [7-8] C:\WINDOWS\system32\charmap.exe
2012-12-30 18:53:55 6948 ----a-w- [---] C:\WINDOWS\system32\kanji_1.uce
2012-12-30 18:53:55 605696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\getuname.dll
2012-12-30 18:53:55 605696 ----a-w- [7-8] C:\WINDOWS\system32\getuname.dll
2012-12-30 18:53:55 60458 ----a-w- [---] C:\WINDOWS\system32\ideograf.uce
2012-12-30 18:53:55 24006 ----a-w- [---] C:\WINDOWS\system32\gb2312.uce
2012-12-30 18:53:55 22984 ----a-w- [---] C:\WINDOWS\system32\bopomofo.uce
2012-12-30 18:53:55 16740 ----a-w- [---] C:\WINDOWS\system32\shiftjis.uce
2012-12-30 18:53:55 12876 ----a-w- [---] C:\WINDOWS\system32\korean.uce
2012-12-30 18:53:55 115200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\calc.exe
2012-12-30 18:53:55 115200 ----a-w- [7-8] C:\WINDOWS\system32\calc.exe
2012-12-30 18:53:54 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sol.exe
2012-12-30 18:53:54 57344 ----a-w- [7-8] C:\WINDOWS\system32\sol.exe
2012-12-30 18:53:54 128000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mshearts.exe
2012-12-30 18:53:54 128000 ----a-w- [7-8] C:\WINDOWS\system32\mshearts.exe
2012-12-30 18:53:54 119808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmine.exe
2012-12-30 18:53:54 119808 ----a-w- [7-8] C:\WINDOWS\system32\winmine.exe
2012-12-30 18:53:53 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\reset.exe
2012-12-30 18:53:53 9728 ----a-w- [7-8] C:\WINDOWS\system32\reset.exe
2012-12-30 18:53:53 55808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\freecell.exe
2012-12-30 18:53:53 55808 ----a-w- [7-8] C:\WINDOWS\system32\freecell.exe
2012-12-30 18:53:53 4608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpcfgex.dll
2012-12-30 18:53:53 4608 ----a-w- [7-8] C:\WINDOWS\system32\rdpcfgex.dll
2012-12-30 18:53:53 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\regini.exe
2012-12-30 18:53:53 33792 ----a-w- [7-8] C:\WINDOWS\system32\regini.exe
2012-12-30 18:53:53 3286 ----a-w- [---] C:\WINDOWS\system32\tslabels.h
2012-12-30 18:53:53 26717 ----a-w- [---] C:\WINDOWS\system32\tslabels.ini
2012-12-30 18:53:53 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qwinsta.exe
2012-12-30 18:53:53 22528 ----a-w- [7-8] C:\WINDOWS\system32\qwinsta.exe
2012-12-30 18:53:53 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsshutdn.exe
2012-12-30 18:53:53 17920 ----a-w- [7-8] C:\WINDOWS\system32\tsshutdn.exe
2012-12-30 18:53:53 17408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qappsrv.exe
2012-12-30 18:53:53 17408 ----a-w- [7-8] C:\WINDOWS\system32\qappsrv.exe
2012-12-30 18:53:53 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tskill.exe
2012-12-30 18:53:53 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwinsta.exe
2012-12-30 18:53:53 16384 ----a-w- [7-8] C:\WINDOWS\system32\tskill.exe
2012-12-30 18:53:53 16384 ----a-w- [7-8] C:\WINDOWS\system32\rwinsta.exe
2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsdiscon.exe
2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscon.exe
2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shadow.exe
2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\tsdiscon.exe
2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\tscon.exe
2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\shadow.exe
2012-12-30 18:53:53 1225 ----a-w- [---] C:\WINDOWS\system32\usrlogon.cmd
2012-12-30 18:53:52 768 ----a-w- [---] C:\WINDOWS\system32\msdtcprf.h
2012-12-30 18:53:52 3813 ----a-w- [---] C:\WINDOWS\system32\msdtcprf.ini
2012-12-30 18:53:52 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msg.exe
2012-12-30 18:53:52 22528 ----a-w- [7-8] C:\WINDOWS\system32\msg.exe
2012-12-30 18:53:52 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtsadmin.tlb
2012-12-30 18:53:52 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logoff.exe
2012-12-30 18:53:52 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cdmodem.dll
2012-12-30 18:53:52 15872 ----a-w- [7-8] C:\WINDOWS\system32\logoff.exe
2012-12-30 18:53:52 15872 ----a-w- [7-8] C:\WINDOWS\system32\cdmodem.dll
2012-12-30 18:53:51 82432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrepl.dll
2012-12-30 18:53:51 82432 ----a-w- [7-8] C:\WINDOWS\system32\comrepl.dll
2012-12-30 18:53:51 54272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\stclient.dll
2012-12-30 18:53:51 54272 ----a-w- [7-8] C:\WINDOWS\system32\stclient.dll
2012-12-30 18:53:51 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dcomcnfg.exe
2012-12-30 18:53:51 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrereg.exe
2012-12-30 18:53:51 5120 ----a-w- [7-8] C:\WINDOWS\system32\dcomcnfg.exe
2012-12-30 18:53:51 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxex.dll
2012-12-30 18:53:51 4096 ----a-w- [7-8] C:\WINDOWS\system32\mtxex.dll
2012-12-30 18:53:51 25600 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comaddin.dll
2012-12-30 18:53:51 25600 ----a-w- [7-8] C:\WINDOWS\system32\comaddin.dll
2012-12-30 18:53:51 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxlegih.dll
2012-12-30 18:53:51 25088 ----a-w- [7-8] C:\WINDOWS\system32\mtxlegih.dll
2012-12-30 18:53:51 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxdm.dll
2012-12-30 18:53:51 20480 ----a-w- [7-8] C:\WINDOWS\system32\mtxdm.dll
2012-12-30 18:53:51 147456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comsnap.dll
2012-12-30 18:53:51 147456 ----a-w- [7-8] C:\WINDOWS\system32\comsnap.dll
2012-12-30 18:53:50 9414 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipsess.mfl
2012-12-30 18:53:50 6494 ----a-w- [---] C:\WINDOWS\system32\wbem\wmitimep.mof
2012-12-30 18:53:50 61208 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipjobj.mof
2012-12-30 18:53:50 47992 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipjobj.mfl
2012-12-30 18:53:50 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmi2xml.dll
2012-12-30 18:53:50 3848 ----a-w- [---] C:\WINDOWS\system32\wbem\wmitimep.mfl
2012-12-30 18:53:50 23692 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipiprt.mof
2012-12-30 18:53:50 19356 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipicmp.mof
2012-12-30 18:53:50 17110 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipiprt.mfl
2012-12-30 18:53:50 13880 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipsess.mof
2012-12-30 18:53:49 8938 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipdskq.mfl
2012-12-30 18:53:49 8238 ----a-w- [---] C:\WINDOWS\system32\wbem\tmplprov.mfl
2012-12-30 18:53:49 4998 ----a-w- [---] C:\WINDOWS\system32\wbem\trnsprov.mof
2012-12-30 18:53:49 4546 ----a-w- [---] C:\WINDOWS\system32\wbem\wmi.mfl
2012-12-30 18:53:49 4458 ----a-w- [---] C:\WINDOWS\system32\wbem\subscrpt.mof
2012-12-30 18:53:49 41402 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipcima.mof
2012-12-30 18:53:49 29170 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipcima.mfl
2012-12-30 18:53:49 2114 ----a-w- [---] C:\WINDOWS\system32\wbem\trnsprov.mfl
2012-12-30 18:53:49 20720 ----a-w- [---] C:\WINDOWS\system32\wbem\updprov.mof
2012-12-30 18:53:49 18004 ----a-w- [---] C:\WINDOWS\system32\wbem\wbemcons.mof
2012-12-30 18:53:49 14564 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipicmp.mfl
2012-12-30 18:53:49 14064 ----a-w- [---] C:\WINDOWS\system32\wbem\updprov.mfl
2012-12-30 18:53:49 13382 ----a-w- [---] C:\WINDOWS\system32\wbem\wbemcons.mfl
2012-12-30 18:53:49 13342 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipdskq.mof
2012-12-30 18:53:49 127370 ----a-w- [---] C:\WINDOWS\system32\wbem\system.mof
2012-12-30 18:53:49 12144 ----a-w- [---] C:\WINDOWS\system32\wbem\tmplprov.mof
2012-12-30 18:53:48 626 ----a-w- [---] C:\WINDOWS\system32\wbem\ncprov.mfl
2012-12-30 18:53:48 58746 ----a-w- [---] C:\WINDOWS\system32\wbem\secrcw32.mof
2012-12-30 18:53:48 5728 ----a-w- [---] C:\WINDOWS\system32\wbem\scrcons.mof
2012-12-30 18:53:48 5002 ----a-w- [---] C:\WINDOWS\system32\wbem\policman.mfl
2012-12-30 18:53:48 46372 ----a-w- [---] C:\WINDOWS\system32\wbem\regevent.mof
2012-12-30 18:53:48 4100 ----a-w- [---] C:\WINDOWS\system32\wbem\smtpcons.mof
2012-12-30 18:53:48 40150 ----a-w- [---] C:\WINDOWS\system32\wbem\regevent.mfl
2012-12-30 18:53:48 3606 ----a-w- [---] C:\WINDOWS\system32\wbem\scrcons.mfl
2012-12-30 18:53:48 33840 ----a-w- [---] C:\WINDOWS\system32\wbem\secrcw32.mfl
2012-12-30 18:53:48 32676 ----a-w- [---] C:\WINDOWS\system32\wbem\scm.mof
2012-12-30 18:53:48 29762 ----a-w- [---] C:\WINDOWS\system32\wbem\ntevt.mof
2012-12-30 18:53:48 2880 ----a-w- [---] C:\WINDOWS\system32\wbem\ncprov.mof
2012-12-30 18:53:48 2716 ----a-w- [---] C:\WINDOWS\system32\wbem\smtpcons.mfl
2012-12-30 18:53:48 21940 ----a-w- [---] C:\WINDOWS\system32\wbem\ntevt.mfl
2012-12-30 18:53:48 165430 ----a-w- [---] C:\WINDOWS\system32\wbem\msi.mof
2012-12-30 18:53:48 12150 ----a-w- [---] C:\WINDOWS\system32\wbem\policman.mof
2012-12-30 18:53:48 112618 ----a-w- [---] C:\WINDOWS\system32\wbem\msi.mfl
2012-12-30 18:53:47 9442 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclimofformat.xsl
2012-12-30 18:53:47 8790 ----a-w- [---] C:\WINDOWS\system32\wbem\fconprov.mof
2012-12-30 18:53:47 8522 ----a-w- [---] C:\WINDOWS\system32\wbem\krnlprov.mfl
2012-12-30 18:53:47 76800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipicmp.dll
2012-12-30 18:53:47 76800 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipicmp.dll
2012-12-30 18:53:47 6586 ----a-w- [---] C:\WINDOWS\system32\wbem\fconprov.mfl
2012-12-30 18:53:47 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmimsg.dll
2012-12-30 18:53:47 61440 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmimsg.dll
2012-12-30 18:53:47 52224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmitimep.dll
2012-12-30 18:53:47 52224 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmitimep.dll
2012-12-30 18:53:47 485 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclivalueformat.xsl
2012-12-30 18:53:47 4392 ----a-w- [---] C:\WINDOWS\system32\wbem\fevprov.mof
2012-12-30 18:53:47 3921 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclitableformatnosys.xsl
2012-12-30 18:53:47 3260 ----a-w- [---] C:\WINDOWS\system32\wbem\fevprov.mfl
2012-12-30 18:53:47 3247 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclitableformat.xsl
2012-12-30 18:53:47 18398 ----a-w- [---] C:\WINDOWS\system32\wbem\dsprov.mof
2012-12-30 18:53:47 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmgmtr.dll
2012-12-30 18:53:47 17920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\winmgmtr.dll
2012-12-30 18:53:47 12712 ----a-w- [---] C:\WINDOWS\system32\wbem\krnlprov.mof
2012-12-30 18:53:47 11556 ----a-w- [---] C:\WINDOWS\system32\wbem\dsprov.mfl
2012-12-30 18:53:46 61952 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tmplprov.dll
2012-12-30 18:53:46 61952 ----a-w- [7-8] C:\WINDOWS\system32\wbem\tmplprov.dll
2012-12-30 18:53:46 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemdisp.tlb
2012-12-30 18:53:46 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\trnsprov.dll
2012-12-30 18:53:46 59904 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemdisp.tlb
2012-12-30 18:53:46 59904 ----a-w- [7-8] C:\WINDOWS\system32\wbem\trnsprov.dll
2012-12-30 18:53:46 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpcons.dll
2012-12-30 18:53:46 40960 ----a-w- [7-8] C:\WINDOWS\system32\wbem\smtpcons.dll
2012-12-30 18:53:46 3247 ----a-w- [---] C:\WINDOWS\system32\wbem\texttablewsys.xsl
2012-12-30 18:53:46 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemads.tlb
2012-12-30 18:53:46 31232 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemads.tlb
2012-12-30 18:53:46 273920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msiprov.dll
2012-12-30 18:53:46 273920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\msiprov.dll
2012-12-30 18:53:46 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\unsecapp.exe
2012-12-30 18:53:46 16896 ----a-w- [7-8] C:\WINDOWS\system32\wbem\unsecapp.exe
2012-12-30 18:53:46 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmgmt.exe
2012-12-30 18:53:46 13824 ----a-w- [7-8] C:\WINDOWS\system32\wbem\winmgmt.exe
2012-12-30 18:53:46 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemads.dll
2012-12-30 18:53:46 12288 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemads.dll
2012-12-30 18:53:46 116224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\updprov.dll
2012-12-30 18:53:46 116224 ----a-w- [7-8] C:\WINDOWS\system32\wbem\updprov.dll
2012-12-30 18:53:45 63488 ----a-w- [---] C:\WINDOWS\system32\wmimgmt.msc
2012-12-30 18:53:45 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fwdprov.dll
2012-12-30 18:53:45 53248 ----a-w- [7-8] C:\WINDOWS\system32\wbem\fwdprov.dll
2012-12-30 18:53:45 2859 ----a-w- [---] C:\WINDOWS\system32\wbem\htable-sortby.xsl
2012-12-30 18:53:45 217088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wordpad.exe
2012-12-30 18:53:45 120320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dsprov.dll
2012-12-30 18:53:45 120320 ----a-w- [7-8] C:\WINDOWS\system32\wbem\dsprov.dll
2012-12-30 18:53:44 70656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\access.cpl
2012-12-30 18:53:44 70656 ----a-w- [7-8] C:\WINDOWS\system32\access.cpl
2012-12-30 18:53:44 349696 ----a-w- [7--] C:\WINDOWS\system32\hypertrm.dll
2012-12-30 18:53:44 283136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pinball.exe
2012-12-30 18:53:44 187904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\accwiz.exe
2012-12-30 18:53:44 187904 ----a-w- [7-8] C:\WINDOWS\system32\accwiz.exe
2012-12-30 18:53:44 132608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sndrec32.exe
2012-12-30 18:53:44 132608 ----a-w- [7-8] C:\WINDOWS\system32\sndrec32.exe
2012-12-30 18:53:44 124928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mplay32.exe
2012-12-30 18:53:44 124928 ----a-w- [7-8] C:\WINDOWS\system32\mplay32.exe
2012-12-30 18:53:43 99750 ----a-w- [---] C:\WINDOWS\system32\wbem\tscfgwmi.mof
2012-12-30 18:53:43 59566 ----a-w- [---] C:\WINDOWS\system32\wbem\tscfgwmi.mfl
2012-12-30 18:53:43 545792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dialer.exe
2012-12-30 18:53:43 539136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spider.exe
2012-12-30 18:53:43 539136 ----a-w- [7-8] C:\WINDOWS\system32\spider.exe
2012-12-30 18:53:43 345088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mspaint.exe
2012-12-30 18:53:43 345088 ----a-w- [7-8] C:\WINDOWS\system32\mspaint.exe
2012-12-30 18:53:43 21896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdtcp.sys
2012-12-30 18:53:43 21896 ----a-w- [7-8] C:\WINDOWS\system32\drivers\tdtcp.sys
2012-12-30 18:53:43 12040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdpipe.sys
2012-12-30 18:53:43 12040 ----a-w- [7-8] C:\WINDOWS\system32\drivers\tdpipe.sys
2012-12-30 18:53:43 103424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clipbrd.exe
2012-12-30 18:53:43 103424 ----a-w- [7-8] C:\WINDOWS\system32\clipbrd.exe
2012-12-30 18:53:43 -------- d-----w- [---] C:\Program Files\Windows NT
2012-12-30 18:53:42 94720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscfgwmi.dll
2012-12-30 18:53:42 94720 ----a-w- [7-8] C:\WINDOWS\system32\tscfgwmi.dll
2012-12-30 18:53:42 67072 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdshost.exe
2012-12-30 18:53:42 67072 ----a-w- [7-8] C:\WINDOWS\system32\rdshost.exe
2012-12-30 18:53:42 655360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstscax.dll
2012-12-30 18:53:42 655360 ----a-w- [7-8] C:\WINDOWS\system32\mstscax.dll
2012-12-30 18:53:42 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\remotepg.dll
2012-12-30 18:53:42 60928 ----a-w- [7-8] C:\WINDOWS\system32\remotepg.dll
2012-12-30 18:53:42 408576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstsc.exe
2012-12-30 18:53:42 408576 ----a-w- [7-8] C:\WINDOWS\system32\mstsc.exe
2012-12-30 18:53:42 141824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sessmgr.exe
2012-12-30 18:53:42 141824 ----a-w- [7-8] C:\WINDOWS\system32\sessmgr.exe
2012-12-30 18:53:42 139400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpwd.sys
2012-12-30 18:53:42 139400 ----a-w- [7-8] C:\WINDOWS\system32\drivers\rdpwd.sys
2012-12-30 18:53:42 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdsaddin.exe
2012-12-30 18:53:42 13824 ----a-w- [7-8] C:\WINDOWS\system32\rdsaddin.exe
2012-12-30 18:53:41 87176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpwsx.dll
2012-12-30 18:53:41 87176 ----a-w- [7-8] C:\WINDOWS\system32\rdpwsx.dll
2012-12-30 18:53:41 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpclip.exe
2012-12-30 18:53:41 62464 ----a-w- [7-8] C:\WINDOWS\system32\rdpclip.exe
2012-12-30 18:53:41 44544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscupgrd.exe
2012-12-30 18:53:41 44544 ----a-w- [7-8] C:\WINDOWS\system32\tscupgrd.exe
2012-12-30 18:53:41 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cfgbkend.dll
2012-12-30 18:53:41 38912 ----a-w- [7-8] C:\WINDOWS\system32\cfgbkend.dll
2012-12-30 18:53:41 296448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\termsrv.dll
2012-12-30 18:53:41 296448 ----a-w- [7-8] C:\WINDOWS\system32\termsrv.dll
2012-12-30 18:53:41 20992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qprocess.exe
2012-12-30 18:53:41 20992 ----a-w- [7-8] C:\WINDOWS\system32\qprocess.exe
2012-12-30 18:53:41 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpsnd.dll
2012-12-30 18:53:41 19968 ----a-w- [7-8] C:\WINDOWS\system32\rdpsnd.dll
2012-12-30 18:53:41 161280 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtcuiu.dll
2012-12-30 18:53:41 161280 ----a-w- [7-8] C:\WINDOWS\system32\msdtcuiu.dll
2012-12-30 18:53:41 147968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdchost.dll
2012-12-30 18:53:41 147968 ----a-w- [7-8] C:\WINDOWS\system32\rdchost.dll
2012-12-30 18:53:41 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icaapi.dll
2012-12-30 18:53:41 11264 ----a-w- [7-8] C:\WINDOWS\system32\icaapi.dll
2012-12-30 18:53:41 -------- d-----w- [---] C:\WINDOWS\system32\MsDtc
2012-12-30 18:53:40 949248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtctm.dll
2012-12-30 18:53:40 949248 ----a-w- [7-8] C:\WINDOWS\system32\msdtctm.dll
2012-12-30 18:53:40 90112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxoci.dll
2012-12-30 18:53:40 90112 ----a-w- [7-8] C:\WINDOWS\system32\mtxoci.dll
2012-12-30 18:53:40 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtc.exe
2012-12-30 18:53:40 6144 ----a-w- [7-8] C:\WINDOWS\system32\msdtc.exe
2012-12-30 18:53:40 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtclog.dll
2012-12-30 18:53:40 58880 ----a-w- [7-8] C:\WINDOWS\system32\msdtclog.dll
2012-12-30 18:53:40 425472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtcprx.dll
2012-12-30 18:53:40 425472 ----a-w- [7-8] C:\WINDOWS\system32\msdtcprx.dll
2012-12-30 18:53:40 11776 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\xolehlp.dll
2012-12-30 18:53:40 11776 ----a-w- [7-8] C:\WINDOWS\system32\xolehlp.dll
2012-12-30 18:53:39 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrepl.exe
2012-12-30 18:53:39 85504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrvps.dll
2012-12-30 18:53:39 85504 ----a-w- [7-8] C:\WINDOWS\system32\catsrvps.dll
2012-12-30 18:53:39 628224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrvut.dll
2012-12-30 18:53:39 628224 ----a-w- [7-8] C:\WINDOWS\system32\catsrvut.dll
2012-12-30 18:53:39 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\colbact.dll
2012-12-30 18:53:39 62464 ----a-w- [7-8] C:\WINDOWS\system32\colbact.dll
2012-12-30 18:53:39 229888 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrv.dll
2012-12-30 18:53:39 229888 ----a-w- [7-8] C:\WINDOWS\system32\catsrv.dll
2012-12-30 18:53:39 195584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comadmin.dll
2012-12-30 18:53:39 110080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clbcatex.dll
2012-12-30 18:53:39 110080 ----a-w- [7-8] C:\WINDOWS\system32\clbcatex.dll
2012-12-30 18:53:39 -------- d-----w- [---] C:\WINDOWS\system32\Com
2012-12-30 18:53:38 540160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comuid.dll
2012-12-30 18:53:38 540160 ----a-w- [7-8] C:\WINDOWS\system32\comuid.dll
2012-12-30 18:53:38 501248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clbcatq.dll
2012-12-30 18:53:38 501248 ----a-w- [7-8] C:\WINDOWS\system32\clbcatq.dll
2012-12-30 18:53:38 1251840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comsvcs.dll
2012-12-30 18:53:38 1251840 ----a-w- [7-8] C:\WINDOWS\system32\comsvcs.dll
2012-12-30 18:53:37 33674 ----a-w- [---] C:\WINDOWS\system32\wbem\cliegaliases.mfl
2012-12-30 18:53:37 29290 ----a-w- [---] C:\WINDOWS\system32\wbem\cli.mof
2012-12-30 18:53:37 2774228 ----a-w- [---] C:\WINDOWS\system32\wbem\cimwin32.mof
2012-12-30 18:53:37 2570538 ----a-w- [---] C:\WINDOWS\system32\wbem\cliegaliases.mof
2012-12-30 18:53:37 2092060 ----a-w- [---] C:\WINDOWS\system32\wbem\cimwin32.mfl
2012-12-30 18:53:37 15586 ----a-w- [---] C:\WINDOWS\system32\wbem\licwmi.mof
2012-12-30 18:53:37 10688 ----a-w- [---] C:\WINDOWS\system32\wbem\wmi.mof
2012-12-30 18:53:37 10442 ----a-w- [---] C:\WINDOWS\system32\wbem\licwmi.mfl
2012-12-30 18:53:36 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiutils.dll
2012-12-30 18:53:36 98304 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiutils.dll
2012-12-30 18:53:36 62976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipjobj.dll
2012-12-30 18:53:36 62976 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipjobj.dll
2012-12-30 18:53:36 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipiprt.dll
2012-12-30 18:53:36 62464 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipiprt.dll
2012-12-30 18:53:36 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmicookr.dll
2012-12-30 18:53:36 60928 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmicookr.dll
2012-12-30 18:53:36 437248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2012-12-30 18:53:36 437248 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprvsd.dll
2012-12-30 18:53:36 41472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipsess.dll
2012-12-30 18:53:36 41472 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipsess.dll
2012-12-30 18:53:36 2870 ----a-w- [---] C:\WINDOWS\system32\wbem\xsl-mappings.xml
2012-12-30 18:53:36 218112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprvse.exe
2012-12-30 18:53:36 218112 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprvse.exe
2012-12-30 18:53:36 1743 ----a-w- [---] C:\WINDOWS\system32\wbem\xml.xsl
2012-12-30 18:53:36 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipcima.dll
2012-12-30 18:53:36 156672 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipcima.dll
2012-12-30 18:53:36 145408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmisvc.dll
2012-12-30 18:53:36 145408 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmisvc.dll
2012-12-30 18:53:36 144896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprov.dll
2012-12-30 18:53:36 144896 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprov.dll
2012-12-30 18:53:36 140800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmidcprv.dll
2012-12-30 18:53:36 140800 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmidcprv.dll
2012-12-30 18:53:36 132096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipdskq.dll
2012-12-30 18:53:36 132096 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipdskq.dll
2012-12-30 18:53:35 89088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiaprpl.dll
2012-12-30 18:53:35 89088 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiaprpl.dll
2012-12-30 18:53:35 71680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcons.dll
2012-12-30 18:53:35 71680 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcons.dll
2012-12-30 18:53:35 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiapres.dll
2012-12-30 18:53:35 7168 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiapres.dll
2012-12-30 18:53:35 530944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcore.dll
2012-12-30 18:53:35 530944 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcore.dll
2012-12-30 18:53:35 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemsvc.dll
2012-12-30 18:53:35 43520 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemsvc.dll
2012-12-30 18:53:35 367104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmic.exe
2012-12-30 18:53:35 367104 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmic.exe
2012-12-30 18:53:35 273920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemess.dll
2012-12-30 18:53:35 273920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemess.dll
2012-12-30 18:53:35 197120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemupgd.dll
2012-12-30 18:53:35 197120 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemupgd.dll
2012-12-30 18:53:35 196608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiadap.exe
2012-12-30 18:53:35 196608 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiadap.exe
2012-12-30 18:53:35 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemprox.dll
2012-12-30 18:53:35 18944 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemprox.dll
2012-12-30 18:53:35 178176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemdisp.dll
2012-12-30 18:53:35 178176 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemdisp.dll
2012-12-30 18:53:35 126464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiapsrv.exe
2012-12-30 18:53:35 126464 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiapsrv.exe
2012-12-30 18:53:35 118272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemtest.exe
2012-12-30 18:53:35 118272 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemtest.exe
2012-12-30 18:53:34 92672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\policman.dll
2012-12-30 18:53:34 92672 ----a-w- [7-8] C:\WINDOWS\system32\wbem\policman.dll
2012-12-30 18:53:34 86528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\stdprov.dll
2012-12-30 18:53:34 86528 ----a-w- [7-8] C:\WINDOWS\system32\wbem\stdprov.dll
2012-12-30 18:53:34 623 ----a-w- [---] C:\WINDOWS\system32\wbem\rawxml.xsl
2012-12-30 18:53:34 6000 ----a-w- [---] C:\WINDOWS\system32\wbem\texttable.xsl
2012-12-30 18:53:34 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\scrcons.exe
2012-12-30 18:53:34 36864 ----a-w- [7-8] C:\WINDOWS\system32\wbem\scrcons.exe
2012-12-30 18:53:34 2766 ----a-w- [---] C:\WINDOWS\system32\wbem\textvaluelist.xsl
2012-12-30 18:53:34 237056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\provthrd.dll
2012-12-30 18:53:34 237056 ----a-w- [7-8] C:\WINDOWS\system32\wbem\provthrd.dll
2012-12-30 18:53:34 214528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcomn.dll
2012-12-30 18:53:34 214528 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcomn.dll
2012-12-30 18:53:34 212992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ntevt.dll
2012-12-30 18:53:34 212992 ----a-w- [7-8] C:\WINDOWS\system32\wbem\ntevt.dll
2012-12-30 18:53:34 199680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcntl.dll
2012-12-30 18:53:34 199680 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcntl.dll
2012-12-30 18:53:34 177152 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\repdrvfs.dll
2012-12-30 18:53:34 177152 ----a-w- [7-8] C:\WINDOWS\system32\wbem\repdrvfs.dll
2012-12-30 18:53:34 131584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\viewprov.dll
2012-12-30 18:53:34 131584 ----a-w- [7-8] C:\WINDOWS\system32\wbem\viewprov.dll
2012-12-30 18:53:33 9261 ----a-w- [---] C:\WINDOWS\system32\wbem\mof.xsl
2012-12-30 18:53:33 4944 ----a-w- [---] C:\WINDOWS\system32\wbem\hform.xsl
2012-12-30 18:53:33 472064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fastprox.dll
2012-12-30 18:53:33 472064 ----a-w- [7-8] C:\WINDOWS\system32\wbem\fastprox.dll
2012-12-30 18:53:33 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ncprov.dll
2012-12-30 18:53:33 47104 ----a-w- [7-8] C:\WINDOWS\system32\wbem\ncprov.dll
2012-12-30 18:53:33 4597 ----a-w- [---] C:\WINDOWS\system32\wbem\htable.xsl
2012-12-30 18:53:33 2503 ----a-w- [---] C:\WINDOWS\system32\wbem\csv.xsl
2012-12-30 18:53:33 247808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esscli.dll
2012-12-30 18:53:33 247808 ----a-w- [7-8] C:\WINDOWS\system32\wbem\esscli.dll
2012-12-30 18:53:33 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\krnlprov.dll
2012-12-30 18:53:33 24576 ----a-w- [7-8] C:\WINDOWS\system32\wbem\krnlprov.dll
2012-12-30 18:53:33 185856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\framedyn.dll
2012-12-30 18:53:33 185856 ----a-w- [7-8] C:\WINDOWS\system32\wbem\framedyn.dll
2012-12-30 18:53:33 17408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mofcomp.exe
2012-12-30 18:53:33 17408 ----a-w- [7-8] C:\WINDOWS\system32\wbem\mofcomp.exe
2012-12-30 18:53:33 124928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mofd.dll
2012-12-30 18:53:33 124928 ----a-w- [7-8] C:\WINDOWS\system32\wbem\mofd.dll
2012-12-30 18:53:32 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\licwmi.dll
2012-12-30 18:53:32 58880 ----a-w- [7-8] C:\WINDOWS\system32\licwmi.dll
2012-12-30 18:53:32 56320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\servdeps.dll
2012-12-30 18:53:32 56320 ----a-w- [7-8] C:\WINDOWS\system32\servdeps.dll
2012-12-30 18:53:32 187904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmprops.dll
2012-12-30 18:53:32 187904 ----a-w- [7-8] C:\WINDOWS\system32\cmprops.dll
2012-12-30 18:53:32 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mmfutil.dll
2012-12-30 18:53:32 17920 ----a-w- [7-8] C:\WINDOWS\system32\mmfutil.dll
2012-12-30 18:53:32 1352704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cimwin32.dll
2012-12-30 18:53:32 1352704 ----a-w- [7-8] C:\WINDOWS\system32\wbem\cimwin32.dll
2012-12-30 18:53:30 196864 ----a-w- [7-8] C:\WINDOWS\system32\drivers\rdpdr.sys
2012-12-30 18:53:29 40840 ----a-w- [7-8] C:\WINDOWS\system32\drivers\termdd.sys
2012-12-30 18:52:39 200 ----a-w- [---] C:\WINDOWS\cmsetacl.log


--- Modified files ---

2013-01-02 15:06:05 1024 ---ha-w- [---] C:\Documents and Settings\Administrator\ntuser.dat.LOG
2013-01-02 14:38:01 1050 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-02 14:37:06 0 ----a-w- [---] C:\WINDOWS\0.log
2013-01-02 14:35:53 1046 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-02 14:35:52 6 ---ha-w- [---] C:\WINDOWS\Tasks\SA.DAT
2013-01-02 14:35:48 2048 --s-a-w- [---] C:\WINDOWS\bootstat.dat
2013-01-02 14:35:08 32562 ----a-w- [---] C:\WINDOWS\SchedLgU.Txt
2013-01-02 14:35:08 14216 ----a-w- [---] C:\WINDOWS\WindowsUpdate.log
2013-01-02 14:35:06 188 --sh--w- [---] C:\Documents and Settings\Administrator\ntuser.ini
2013-01-02 14:35:06 1048576 ---ha-w- [---] C:\Documents and Settings\Administrator\NTUSER.DAT
2013-01-02 14:24:28 2206 ----a-w- [---] C:\WINDOWS\system32\wpa.dbl
2013-01-01 20:24:00 930 ----a-w- [---] C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-01-01 10:15:35 121336 ----a-w- [---] C:\WINDOWS\system32\FNTCACHE.DAT
2012-12-31 10:42:51 93640 ----a-w- [7--] C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-12-31 10:42:50 859072 ----a-w- [7--] C:\WINDOWS\system32\npDeployJava1.dll
2012-12-31 10:42:50 779704 ----a-w- [7--] C:\WINDOWS\system32\deployJava1.dll
2012-12-31 10:42:50 260528 ----a-w- [7--] C:\WINDOWS\system32\javaws.exe
2012-12-31 10:42:50 174000 ----a-w- [7--] C:\WINDOWS\system32\javaw.exe
2012-12-31 10:42:50 173992 ----a-w- [7--] C:\WINDOWS\system32\java.exe
2012-12-31 10:42:50 143872 ----a-w- [---] C:\WINDOWS\system32\javacpl.cpl
2012-12-30 23:28:18 73656 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-12-30 23:28:18 697272 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-30 20:52:19 442351 ----a-w- [---] C:\WINDOWS\setupapi.log
2012-12-30 19:51:51 0 ----a-w- [---] C:\WINDOWS\system32\h323log.txt
2012-12-30 19:49:37 530 ----a-w- [---] C:\WINDOWS\wiadebug.log
2012-12-30 19:49:36 50 ----a-w- [---] C:\WINDOWS\wiaservc.log
2012-12-30 19:47:17 3094 ----a-w- [---] C:\WINDOWS\regopt.log
2012-12-30 19:47:16 231 ----a-w- [---] C:\WINDOWS\system.ini
2012-12-30 19:47:06 62 --sha-w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini
2012-12-30 19:31:54 39 ----a-w- [---] C:\Documents and Settings\Administrator\custom.log
2012-12-30 19:28:07 1434 ----a-w- [---] C:\WINDOWS\coinst.log
2012-12-30 19:26:22 2849 ----a-w- [---] C:\WINDOWS\stsetup.htm
2012-12-30 19:24:00 0 ----a-w- [---] C:\WINDOWS\Sti_Trace.log
2012-12-30 19:21:04 1362 ----a-w- [---] C:\WINDOWS\imsins.BAK
2012-12-30 19:19:48 0 ----a-w- [---] C:\WINDOWS\setuperr.log
2012-12-30 19:13:26 104 ----a-w- [---] C:\WINDOWS\APSetup.log
2012-12-30 19:10:56 537 ----a-w- [---] C:\WINDOWS\chipset.log
2012-12-30 19:06:23 763990 ----a-w- [---] C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-30 19:06:23 49712 ----a-w- [---] C:\WINDOWS\system32\perfc015.dat
2012-12-30 19:06:23 40128 ----a-w- [---] C:\WINDOWS\system32\perfc009.dat
2012-12-30 19:06:23 355830 ----a-w- [---] C:\WINDOWS\system32\perfh015.dat
2012-12-30 19:06:23 311740 ----a-w- [---] C:\WINDOWS\system32\perfh009.dat
2012-12-30 19:05:11 833 ----a-w- [---] C:\WINDOWS\OEWABLog.txt
2012-12-30 19:05:10 936 ----a-w- [---] C:\WINDOWS\wmsetup.log
2012-12-30 19:04:47 711820 ----a-w- [---] C:\WINDOWS\setuplog.txt
2012-12-30 19:03:24 8192 ----a-w- [---] C:\WINDOWS\REGLOCS.OLD
2012-12-30 19:02:26 57690 ----a-w- [---] C:\WINDOWS\iis6.log
2012-12-30 19:02:26 4438 ----a-w- [---] C:\WINDOWS\imsins.log
2012-12-30 19:02:26 20608 ----a-w- [---] C:\WINDOWS\comsetup.log
2012-12-30 19:02:26 195462 ----a-w- [---] C:\WINDOWS\setupact.log
2012-12-30 19:02:26 1802 ----a-w- [---] C:\WINDOWS\tabletoc.log
2012-12-30 19:02:26 14263 ----a-w- [---] C:\WINDOWS\tsoc.log
2012-12-30 19:02:26 12305 ----a-w- [---] C:\WINDOWS\ntdtcsetup.log
2012-12-30 19:02:26 1189 ----a-w- [---] C:\WINDOWS\ocmsn.log
2012-12-30 19:02:20 261 ----a-w- [---] C:\WINDOWS\system32\$winnt$.inf
2012-12-30 18:58:55 477 ----a-w- [---] C:\WINDOWS\win.ini
2012-12-30 18:58:55 2596 ----a-w- [---] C:\WINDOWS\system32\CONFIG.NT
2012-12-30 18:58:55 0 --sha-r- [---] C:\MSDOS.SYS
2012-12-30 18:58:55 0 --sha-r- [---] C:\IO.SYS
2012-12-30 18:58:55 0 ----a-w- [---] C:\WINDOWS\control.ini
2012-12-30 18:58:55 0 ----a-w- [---] C:\CONFIG.SYS
2012-12-30 18:58:55 0 ----a-w- [---] C:\AUTOEXEC.BAT
2012-12-30 18:58:45 316640 ----a-w- [---] C:\WINDOWS\WMSysPr9.prx
2012-12-30 18:58:44 23392 ----a-w- [---] C:\WINDOWS\system32\nscompat.tlb
2012-12-30 18:58:44 16832 ----a-w- [---] C:\WINDOWS\system32\amcompat.tlb
2012-12-30 18:58:32 4293 ----a-w- [---] C:\WINDOWS\ODBCINST.INI
2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\WindowsLogon.manifest
2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\logonui.exe.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\WindowsShell.Manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\wuaucpl.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\sapi.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\nwc.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\ncpa.cpl.manifest
2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\cdplayer.exe.manifest
2012-12-30 18:55:27 1919 ----a-w- [---] C:\WINDOWS\MedCtrOC.log
2012-12-30 18:55:27 17739 ----a-w- [---] C:\WINDOWS\ocgen.log
2012-12-30 18:55:27 16773 ----a-w- [---] C:\WINDOWS\FaxSetup.log
2012-12-30 18:55:27 1181 ----a-w- [---] C:\WINDOWS\msgsocm.log
2012-12-30 18:55:27 1017 ----a-w- [---] C:\WINDOWS\sessmgr.setup.log
2012-12-30 18:55:23 3886 ----a-w- [---] C:\WINDOWS\netfxocm.log
2012-12-30 18:54:47 21856 ----a-w- [---] C:\WINDOWS\system32\emptyregdb.dat
2012-12-30 18:54:36 37 ----a-w- [---] C:\WINDOWS\vbaddin.ini
2012-12-30 18:54:36 36 ----a-w- [---] C:\WINDOWS\vb.ini
2012-12-30 18:54:28 133 ----a-w- [---] C:\WINDOWS\DtcInstall.log
2012-12-30 18:54:23 13264 ----a-w- [---] C:\WINDOWS\msmqinst.log
2012-12-30 18:52:39 200 ----a-w- [---] C:\WINDOWS\cmsetacl.log
2012-12-30 18:52:14 211 --sh--w- [---] C:\boot.ini

Scan completed: 2013-01-02 16:07:15,00
FINISHED

[/log]

[b]GMER[/b][log]GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2013-01-02 16:41:09
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1600AABB-00PUA0 rev.00.07H00
Running: k35ficdl.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\kwldapow.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 68, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 6B, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 68, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 69, E7, 00] {TEST AL, 0x69; OUT 0x0, EAX}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B91C504
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 6A, E7, 00] {TEST AL, 0x6a; OUT 0x0, EAX}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 69, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 6A, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B91C598
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 68, E7, 00] {TEST AL, 0x68; OUT 0x0, EAX}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B91C725
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 69, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 6A, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 6B, E7, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 94, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 97, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 94, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 95, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B913330
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 96, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 95, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 96, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B9133C4
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 94, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B913551
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 95, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 96, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 97, 55, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 30, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 33, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 30, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 31, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B914CCC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 32, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 31, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 32, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B914D60
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 30, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B914EED
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 31, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 32, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 33, 6F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2]

---- EOF - GMER 1.0.15 ----

[/log]

[Natsuki Kuga]

Czy występują jeszcze jakieś problemy?

[Soul_bullock]

od czasu "usuniecia" tego innego EXPLORER komp wlacza sie duzo dłuzej i czasem sie wiesza.  zuzycie CPU zwykłego procesu explorer.exe dochodzi czasem do 80-90

//EDIT: Mam jeszcze pytanie, syf ten przenislem z pena kolezanki. Teraz mam załatwione 2 peny i karte pamieci telefonu. Da sie tego z nich jakos pozbyc? zwykle zformatowanie nie pomoglo.

Odświeżam. Dlaczego teraz chodzi wolno? Prosze o odp Edytowane 6 stycznia 2013 przez Soul_bullock

[Natsuki Kuga]

//EDIT: Mam jeszcze pytanie, syf ten przenislem z pena kolezanki. Teraz mam załatwione 2 peny i karte pamieci telefonu. Da sie tego z nich jakos pozbyc? zwykle zformatowanie nie pomoglo.

Użyj USBFix z opcji Deletion. Pokaż raport.

 

Po wykonaniu tego pokaż też zestaw nowych logów.

[Soul_bullock]

Z pena i Karty usuniete.

Ale to nie poprawia tego ważnejszego problemu bo komp chodzi jak czołg ;/ a nie chodził tak

[log]

OTL logfile created on: 2013-01-18 15:12:43 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 509,61 Mb Available Physical Memory | 50,18% Memory free
2,39 Gb Paging File | 1,99 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 49,26 Gb Free Space | 84,07% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 46,79 Gb Free Space | 95,83% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe
PRC - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe
PRC - [2011-09-26 14:10:36 | 000,494,160 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
PRC - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe
PRC - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe
PRC - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-08-04 00:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-06-09 19:20:02 | 000,168,448 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
MOD - [2011-10-19 18:25:44 | 000,297,552 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanExploit.dll
MOD - [2011-09-28 11:33:46 | 004,729,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\abmaster.dll
MOD - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe
MOD - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe
MOD - [2011-09-26 14:10:36 | 000,494,160 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
MOD - [2011-09-21 14:00:12 | 000,088,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaLogs.dll
MOD - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe
MOD - [2011-09-21 13:55:56 | 000,125,520 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVConfig.dll
MOD - [2011-09-21 13:55:48 | 000,473,680 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\filescan.dll
MOD - [2011-09-09 14:59:40 | 000,203,344 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\facproxy.dll
MOD - [2011-09-09 14:59:34 | 000,121,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\HTTPContent.dll
MOD - [2011-08-11 17:19:12 | 000,076,368 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVObject.dll
MOD - [2011-07-29 13:20:24 | 000,113,232 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ABSlave.dll
MOD - [2011-07-28 15:18:30 | 000,739,920 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVConvOb.dll
MOD - [2011-07-28 15:18:24 | 000,551,504 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVArchOb.dll
MOD - [2011-07-28 15:18:14 | 000,748,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\netscan.dll
MOD - [2011-07-14 14:55:36 | 000,044,624 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVQuarEx.dll
MOD - [2011-07-06 10:06:20 | 000,024,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\DiskCheck.dll
MOD - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe
MOD - [2011-06-17 15:58:00 | 000,445,008 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\avaspam.dll
MOD - [2011-05-14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011-05-14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
MOD - [2011-05-13 20:04:20 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
MOD - [2011-05-05 13:19:50 | 000,305,744 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\HTTPRegx.dll
MOD - [2011-05-05 13:19:38 | 000,072,272 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanTrojan.dll
MOD - [2011-05-05 13:19:24 | 000,045,648 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanGeneric.dll
MOD - [2011-05-05 13:19:12 | 000,020,048 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanCom.dll
MOD - [2011-04-26 11:56:46 | 000,068,176 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\avengine.dll
MOD - [2011-04-26 11:55:56 | 000,029,264 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanText.dll
MOD - [2011-04-04 12:02:38 | 000,035,920 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanScript.dll
MOD - [2011-04-04 12:02:30 | 000,032,336 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanMlw.dll
MOD - [2011-04-04 12:02:22 | 000,023,632 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanHeurDM.dll
MOD - [2011-04-04 12:02:10 | 000,041,552 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanExe.dll
MOD - [2011-04-04 12:02:00 | 000,016,464 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanEicar.dll
MOD - [2011-04-04 12:01:52 | 000,022,096 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanDialer.dll
MOD - [2011-04-04 12:01:38 | 000,028,752 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanAux.dll
MOD - [2011-04-04 12:01:32 | 000,064,080 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Heur.dll
MOD - [2011-04-04 12:01:16 | 000,025,168 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Cure.dll
MOD - [2011-03-17 17:28:32 | 000,088,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanOle.dll
MOD - [2011-03-08 14:54:08 | 000,020,048 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanHlp.dll
MOD - [2011-03-07 15:26:52 | 000,036,432 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVUtils.dll
MOD - [2011-03-07 15:24:12 | 000,018,512 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Patterns.dll
MOD - [2011-03-07 15:23:56 | 000,044,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\FindMeta.dll
MOD - [2011-03-07 15:23:30 | 000,025,168 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\BaseManager.dll
MOD - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe
MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2011-01-14 11:38:22 | 000,121,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\avcnstat.dll
MOD - [2010-12-23 18:56:26 | 000,030,800 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVLang.dll
MOD - [2010-12-23 18:53:40 | 000,043,088 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\HTTPServ_dll.dll
MOD - [2010-12-16 17:40:30 | 000,034,896 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\MetaProc.dll
MOD - [2010-11-05 12:58:14 | 000,219,728 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ArcaBit\ArcaVir\ssleay32.dll
MOD - [2010-11-05 12:58:02 | 001,038,928 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ArcaBit\ArcaVir\libeay32.dll
MOD - [2010-09-27 18:19:22 | 000,207,440 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\avtransl.dll
MOD - [2010-08-31 23:21:54 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Decrypt.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll
MOD - [2005-05-04 14:45:32 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2004-08-04 00:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-03 23:44:18 | 000,338,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll
MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-03 23:44:16 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll
MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-03 23:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-03 23:44:12 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-03 23:44:02 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfcsubs.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-03 23:43:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\fltlib.dll
MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-03 23:43:54 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrvut.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:54 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrv.dll
MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-03 23:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2004-08-03 23:43:14 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll
MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-03 23:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll
MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
MOD - [2004-07-01 05:02:28 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpph.dll
MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll
MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll
MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2013-01-09 17:28:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () [Auto | Running] -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe -- (ArcaRemoteService)
SRV - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate)
SRV - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe -- (ABConfSV)
SRV - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe -- (ABMainSV)
SRV - [2011-03-29 13:37:42 | 000,186,960 | ---- | M] (ArcaBit) [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe -- (AVBackup)
SRV - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe -- (AVTasks2)
SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (nfipqs)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndisMP)
DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndis)
DRV - [2011-02-14 17:16:02 | 000,052,304 | ---- | M] (ArcaBit) [File_System | On_Demand | Running] -- C:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT)
DRV - [2010-10-26 13:04:30 | 000,051,280 | ---- | M] (ArcaBit) [Kernel | System | Running] -- C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found



[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ABREGMON] C:\Program Files\ArcaBit\ArcaVir\abregmon.exe (ArcaBit)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE ()
O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004..\Run: [wsctf.exe] wsctf.exe File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o)
O9 - Extra 'Tools' menuitem : ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357469666125 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357470585531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE ()
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE ()
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | -HSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | -HSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | -HSD | M] - E:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{408a7130-52b7-11e2-be00-00051c1cdbc8}\Shell - "" = AutoRun
O33 - MountPoints2\{408a7130-52b7-11e2-be00-00051c1cdbc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{9efb9c80-5e69-11e2-be1e-00051c1cdbc8}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe
O33 - MountPoints2\{9efb9c80-5e69-11e2-be1e-00051c1cdbc8}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe
O33 - MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe
O33 - MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: ojumdcjt - File not found
NetSvcs: nfipqs - C:\WINDOWS\system32\omepcb.dll ()


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2013-01-18 14:59:50 | 000,037,968 | ---- | C] (ArcaBit) -- C:\WINDOWS\System32\drivers\abndis.sys
[2013-01-18 14:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ArcaVir
[2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\ArcaBit
[2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2013-01-18 14:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013-01-17 18:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit\Nowy folder
[2013-01-14 18:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Piszę poprawnie 4
[2013-01-14 18:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pisze poprawnie 4
[2013-01-14 18:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Niezbędnik rowerzysty
[2013-01-14 18:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Niezbednik rowerzysty
[2013-01-14 18:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP
[2013-01-14 18:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Wczoraj i dzis
[2013-01-14 18:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasy 4-6
[2013-01-14 18:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa - Muzyka na ekranie
[2013-01-13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasa 4
[2013-01-13 19:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP
[2013-01-13 19:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody
[2013-01-13 13:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-01-13 13:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG
[2013-01-13 13:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG
[2013-01-13 13:33:26 | 002,110,837 | ---- | C] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe
[2013-01-11 22:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Identities
[2013-01-11 18:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron
[2013-01-06 16:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Remere's Map Editor
[2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor
[2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor
[2013-01-06 14:29:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013-01-06 13:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com
[2013-01-06 13:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dll-Files Fixer
[2013-01-06 13:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer
[2013-01-06 13:09:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly
[2013-01-06 13:07:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013-01-06 13:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013-01-06 13:06:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013-01-06 12:48:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2013-01-06 11:31:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\PrivacIE
[2013-01-06 10:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\WinRAR
[2013-01-06 10:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Tibia + inne
[2013-01-05 22:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\WapSter
[2013-01-05 22:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2013-01-05 22:44:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013-01-05 22:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\WapSter
[2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Macromedia
[2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Adobe
[2013-01-05 19:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia
[2013-01-05 18:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Google
[2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Opera
[2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera
[2013-01-05 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Identities
[2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moje obrazy
[2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moja muzyka
[2013-01-05 18:29:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\IETldCache
[2013-01-05 18:29:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Microsoft
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\SendTo
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Recent
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Ulubione
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Autostart
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Akcesoria
[2013-01-05 18:29:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\Cookies
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Szablony
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\PrintHood
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\NetHood
[2013-01-05 18:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit
[2013-01-05 18:29:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne
[2013-01-05 18:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft
[2013-01-05 08:44:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-01-04 15:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013-01-04 15:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-01 17:56:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
[2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player
[2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player
[2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3
[2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-12-30 21:35:19 | 000,000,000 | -HSD | C] -- C:\autorun.inf
[2012-12-30 21:33:56 | 000,000,000 | RHSD | C] -- C:\RECYCLER
[2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads
[2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google Chrome
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google
[2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll
[2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp
[2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles
[2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe
[2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe
[2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl
[2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys
[2012-12-30 20:26:18 | 000,425,984 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll
[2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll
[2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852
[2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852
[2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
[2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS
[2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment
[2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp
[2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2013-01-18 15:38:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-18 15:24:17 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-18 14:21:28 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Remere's Map Editor.lnk
[2013-01-18 11:27:30 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-18 11:24:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2013-01-18 11:24:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-17 23:29:02 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\Piootrek\NTUSER.DAT
[2013-01-17 23:29:02 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Piootrek\ntuser.ini
[2013-01-17 23:28:53 | 005,362,568 | -H-- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2013-01-17 15:37:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-14 15:32:59 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-01-13 13:34:12 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk
[2013-01-13 13:33:40 | 002,110,837 | ---- | M] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe
[2013-01-13 13:33:23 | 001,859,072 | ---- | M] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe
[2013-01-12 14:09:28 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job
[2013-01-08 18:24:44 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-06 14:07:35 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-01-06 13:35:57 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk
[2013-01-06 13:26:43 | 000,501,498 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-01-06 13:26:43 | 000,088,124 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-01-06 13:26:42 | 001,068,048 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2013-01-06 13:26:42 | 000,442,636 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-06 13:26:42 | 000,069,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-06 12:49:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-01-05 22:53:37 | 000,018,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2013-01-05 22:52:08 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk
[2013-01-05 19:07:08 | 000,006,091 | ---- | M] () -- C:\WINDOWS\stsetup.htm
[2013-01-05 19:07:05 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk
[2013-01-05 18:47:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk
[2013-01-05 18:31:52 | 000,000,348 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk
[2013-01-05 18:31:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk
[2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
[2012-12-31 20:54:28 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-30 22:27:59 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk
[2012-12-30 22:20:09 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-12-30 20:47:16 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 19:57:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2012-12-30 19:57:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:54:36 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2012-12-30 19:54:36 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

File not found -- C:\WINDOWS\System32\EXPLORER.EXE
[2013-01-13 13:34:12 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk
[2013-01-13 13:33:13 | 001,859,072 | ---- | C] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe
[2013-01-06 16:10:41 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Remere's Map Editor.lnk
[2013-01-06 15:01:39 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk
[2013-01-06 13:36:44 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job
[2013-01-06 13:36:43 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-01-06 13:35:57 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk
[2013-01-06 12:40:50 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-05 22:53:37 | 000,018,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2013-01-05 22:52:08 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk
[2013-01-05 19:07:05 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk
[2013-01-05 18:42:43 | 005,362,568 | -H-- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2013-01-05 18:34:17 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk
[2013-01-05 18:34:05 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-01-05 18:31:52 | 000,000,348 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk
[2013-01-05 18:31:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk
[2013-01-05 18:30:19 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Internet Explorer.lnk
[2013-01-05 18:30:08 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Outlook Express.lnk
[2013-01-05 18:29:54 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Piootrek\ntuser.ini
[2013-01-05 18:29:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Pomoc zdalna.lnk
[2013-01-05 18:29:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Windows Media Player.lnk
[2013-01-05 18:29:51 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\Piootrek\NTUSER.DAT
[2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-30 22:27:59 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk
[2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp
[2012-12-30 20:26:11 | 000,006,091 | ---- | C] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2012-12-30 20:20:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:20:55 | 001,068,048 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012-12-30 20:20:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2012-12-30 20:20:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2012-12-30 20:20:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2012-12-30 20:20:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2012-12-30 20:20:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2012-12-30 20:20:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2012-12-30 20:20:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2012-12-30 20:20:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-12-30 20:20:20 | 001,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-12-30 20:19:40 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2012-12-30 20:03:31 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-12-30 20:02:10 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2012-12-30 20:01:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2012-12-30 20:01:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-12-30 20:00:55 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012-12-30 19:59:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2012-12-30 19:59:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2012-12-30 19:59:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2012-12-30 19:59:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2012-12-30 19:59:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2012-12-30 19:59:57 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2012-12-30 19:59:57 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2012-12-30 19:59:57 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2012-12-30 19:59:54 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2012-12-30 19:59:54 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2012-12-30 19:59:54 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2012-12-30 19:59:54 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2012-12-30 19:59:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2012-12-30 19:59:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2012-12-30 19:59:54 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2012-12-30 19:59:52 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2012-12-30 19:59:51 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2012-12-30 19:59:51 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2012-12-30 19:59:51 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2012-12-30 19:59:50 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2012-12-30 19:59:50 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:57:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2012-12-30 19:57:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:54:36 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2012-12-30 19:54:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2012-12-30 19:53:55 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2012-12-30 19:53:55 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2012-12-30 19:53:55 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2012-12-30 19:53:55 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2012-12-30 19:53:55 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2012-12-30 19:53:55 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2012-12-30 19:53:55 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2012-12-30 19:53:55 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2012-12-30 19:53:53 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012-12-30 19:53:52 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2013-01-18 15:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2013-01-18 12:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-01-05 18:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2013-01-11 18:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron
[2013-01-06 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com
[2013-01-05 18:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera
[2013-01-06 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor
[2013-01-05 19:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia
[2013-01-14 18:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2013-01-18 11:24:40 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2013-01-02 16:07:15 | 000,173,141 | ---- | M] () -- C:\result.txt

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >

[/log]

[log]

OTL Extras logfile created on: 2013-01-18 15:12:43 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 509,61 Mb Available Physical Memory | 50,18% Memory free
2,39 Gb Paging File | 1,99 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 49,26 Gb Free Space | 84,07% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 46,79 Gb Free Space | 95,83% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS

Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.G4EHL74QSLVOMH4CVX3CGXCZ5U] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2729:TCP" = 2729:TCP:*:Enabled:kffmn
"50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A)
"50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S)

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4849E74C-3408-467A-AF8B-F3DEC3C07542}" = Niezbędnik rowerzysty
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9FE65E62-D027-47F7-B32D-8CAC60026D75}" = ArcaVir
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{F41B3F68-C137-477A-9DD5-E231F512D84F}" = ArcaVir Prerequistes
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"Dll-Files Fixer_is1" = Dll-Files Fixer
"E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31
"ElfBot NG_is1" = ElfBot NG 4.5.9
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Opera 12.12.1707" = Opera 12.12
"Piszę poprawnie 4" = Piszę poprawnie 4
"StmAdsl" = ADSL Modem
"Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody
"Szkoła podstawowa klasa 4 - Wczoraj i dziś" = Szkoła podstawowa klasa 4 - Wczoraj i dziś
"Szkoła podstawowa klasy 4-6 - Muzyka na ekranie" = Szkoła podstawowa klasy 4-6 - Muzyka na ekranie
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013-01-05 17:26:01 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-05 17:41:58 | Computer Name = PIOTREK | Source = Userenv | ID = 1041
Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla
aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana.
Prawdopodobną przyczyną jest błąd rejestracji.

Error - 2013-01-05 17:41:58 | Computer Name = PIOTREK | Source = Userenv | ID = 1041
Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla
aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana.
Prawdopodobną przyczyną jest błąd rejestracji.

Error - 2013-01-05 17:42:02 | Computer Name = PIOTREK | Source = Userenv | ID = 1041
Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla
aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana.
Prawdopodobną przyczyną jest błąd rejestracji.

Error - 2013-01-05 17:42:02 | Computer Name = PIOTREK | Source = Userenv | ID = 1041
Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla
aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana.
Prawdopodobną przyczyną jest błąd rejestracji.

Error - 2013-01-06 07:52:26 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-14 12:00:58 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: The server name or address could not be resolved

Error - 2013-01-14 12:00:58 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077
Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej
firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/6252DC40F71143A22FDE9EF7348E064251B18118.crt>,
wystąpił błąd: The server name or address could not be resolved

Error - 2013-01-14 12:00:59 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2013-01-18 06:27:43 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.2900.0.2180, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x71a5664d.

[ System Events ]
Error - 2013-01-16 10:20:24 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114

Error - 2013-01-17 10:37:51 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie E:.

Error - 2013-01-17 10:37:51 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie E:.

Error - 2013-01-17 10:39:10 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu: %%3

Error - 2013-01-17 10:39:10 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114

Error - 2013-01-18 06:24:57 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie E:.

Error - 2013-01-18 06:24:57 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie E:.

Error - 2013-01-18 06:26:16 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu: %%3

Error - 2013-01-18 06:26:16 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114

Error - 2013-01-18 10:00:06 | Computer Name = PIOTREK | Source = PSched | ID = 14107
Description = QoS [Karta NDISWANIP]: Harmonogram pakietów nie mógł zainicjować wirtualnego
portu za pomocą NDIS.


< End of report >
[/log]

[Natsuki Kuga]

Z pena i Karty usuniete.

Nie jestem przekonana, ponieważ w logach nadal widnieją szkodliwe wpisy (chyba, że log był wykonany przed użyciem USBFix? Jeśli tak, wykonaj i pokaż nowe logi).

[Soul_bullock]

Ale jesli to miałem na kompie przed uzyciem USBfix to i tak usunęło mi to tylko z pena i karty a na dysku zostało. Tak to przynajmniej rozumiem, że miałem to usunąc z moich pamięci przenośnych, które (jak uważam, poniważ znikneły takie "skróty do folderów" a foldery zawierające dane pojawiły się normlane) są już czyste, a na dysku to pozostało bo USBfix chyba tego z dysku by nie usunął a potrzebowałem pilnie zkopiować dane i przenie,śc nowe może dlatego ponownie się zainfekwoało.

Log wykonałem po uzyciu USBfix.

W sumie najbardziej zalezy mi na tym, aby mój komputer nie chodził jak czołg, tego pendriva moge sobie odpuśić.

Edytowane 21 stycznia 2013 przez Soul_bullock

[Natsuki Kuga]

 USBfix chyba tego z dysku by nie usunął

On usuwa infekcję również z dysków twardych.

 

W sumie najbardziej zalezy mi na tym, aby mój komputer nie chodził jak czołg, tego pendriva moge sobie odpuśić.

Skoro infekcja przyszła z pendrive, to nie można go sobie odpuścić. Jaki sens ma usuwanie wirusa na komputerze skoro zaraz po tym podepniesz pamięć przenośną i wszystko zacznie się od nowa?

 

Pokaż raport z usuwania USBFix i nowe logi.

[Soul_bullock]

Z USBfix

[log]

############################## | UsbFix V 7.085 | [Deletion]

User: Piootrek (Administrator) # PIOTREK
Updated 25/03/2012 by El Desaparecido
Started at 16:31:13 | 22/01/2013

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel(R) Celeron(R) CPU 2.00GHz (2019)
RAM -> [ Total : 1015 | Free : 758 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 2
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 59 Gb (46 Mb free - 79%) [] # NTFS
D:\ -> Fixed drive # 49 Gb (46 Mb free - 95%) [] # NTFS
E:\ -> Fixed drive # 42 Gb (38 Mb free - 91%) [Dysk lokalny] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [PIOTREK] # FAT32

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (460)
C:\WINDOWS\system32\winlogon.exe (560)
C:\WINDOWS\system32\services.exe (604)
C:\WINDOWS\system32\lsass.exe (616)
C:\WINDOWS\system32\svchost.exe (768)
C:\WINDOWS\System32\svchost.exe (876)
C:\WINDOWS\system32\spoolsv.exe (1176)
C:\WINDOWS\EXPLORER.EXE (1368)
C:\WINDOWS\system32\igfxtray.exe (1560)
C:\WINDOWS\system32\hkcmd.exe (1652)
C:\WINDOWS\SOUNDMAN.EXE (1660)
C:\WINDOWS\system32\rundll32.exe (1668)
C:\WINDOWS\system32\ctfmon.exe (1692)
C:\Program Files\Messenger\msmsgs.exe (1708)
C:\Program Files\Java\jre7\bin\jqs.exe (852)
C:\WINDOWS\system32\svchost.exe (980)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (256)
C:\UsbFix\Go.exe (3912)

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\spoolsv.exe (1176)
Stopped! C:\WINDOWS\EXPLORER.EXE (1368)
Stopped! C:\WINDOWS\system32\igfxtray.exe (1560)
Stopped! C:\WINDOWS\system32\hkcmd.exe (1652)
Stopped! C:\WINDOWS\SOUNDMAN.EXE (1660)
Stopped! C:\WINDOWS\system32\rundll32.exe (1668)
Stopped! C:\WINDOWS\system32\ctfmon.exe (1692)
Stopped! C:\Program Files\Messenger\msmsgs.exe (1708)
Stopped! C:\Program Files\Java\jre7\bin\jqs.exe (852)
Stopped! C:\WINDOWS\system32\wbem\wmiapsrv.exe (256)

################## | Files # Infected Folders |

Deleted ! G:\gbei.pif
Deleted ! C:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004
Deleted ! D:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004
Deleted ! E:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004
Deleted ! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Deleted ! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
Deleted ! G:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013
Deleted ! G:\krhic.pif
Deleted ! G:\oxnlnk.pif
Not deleted ! G:\autorun.inf

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|EXPLORER.EXE
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|wsctf.exe

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8}

################## | Listing |

[30/12/2012 - 19:58:55 | N | 0] C:\AUTOEXEC.BAT
[30/12/2012 - 21:35:19 | AD ] C:\autorun.inf
[30/12/2012 - 19:52:14 | N | 211] C:\boot.ini
[21/07/2001 - 23:13:54 | N | 4952] C:\Bootfont.bin
[30/12/2012 - 19:58:55 | N | 0] C:\CONFIG.SYS
[05/01/2013 - 18:42:55 | D ] C:\Documents and Settings
[30/12/2012 - 20:09:10 | D ] C:\Intel
[30/12/2012 - 19:58:55 | N | 0] C:\IO.SYS
[30/12/2012 - 19:58:55 | N | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | N | 47564] C:\NTDETECT.COM
[03/08/2004 - 21:59:54 | N | 250624] C:\ntldr
[06/01/2013 - 14:29:16 | D ] C:\NVIDIA
[22/01/2013 - 16:26:06 | ASH | 1598029824] C:\pagefile.sys
[18/01/2013 - 16:25:20 | D ] C:\Program Files
[22/01/2013 - 16:36:19 | SHD ] C:\RECYCLER
[02/01/2013 - 16:07:15 | N | 173141] C:\result.txt
[14/01/2013 - 18:20:51 | SHD ] C:\System Volume Information
[22/01/2013 - 16:36:19 | D ] C:\UsbFix
[22/01/2013 - 16:42:28 | A | 3151] C:\UsbFix.txt
[21/01/2013 - 18:49:17 | D ] C:\WINDOWS
[02/01/2013 - 15:33:53 | D ] C:\_OTL
[13/06/2012 - 23:15:42 | D ] D:\5e61ca34df1367e97b315abce33a2b
[30/12/2011 - 11:44:32 | D ] D:\7e33a63a4c69af3283dfee4a595b0d
[11/11/2011 - 15:06:30 | N | 171815304] D:\ArcaSetup2011-PL-32bit.exe
[30/12/2012 - 21:35:20 | AD ] D:\autorun.inf
[28/12/2011 - 12:54:22 | D ] D:\b5069d17efa95ab62b54cce16387
[31/12/2011 - 10:39:50 | D ] D:\bdf0d7f8d45d58503e1520a862cb
[06/01/2013 - 16:46:49 | D ] D:\Filmy
[20/01/2013 - 10:13:16 | N | 27548040] D:\lineage2eu-4game.exe
[30/12/2012 - 21:53:14 | D ] D:\OTs
[22/01/2013 - 16:36:19 | SHD ] D:\RECYCLER
[06/06/2012 - 18:25:22 | D ] D:\Runes_of_Magic_4_0_8_2506_slim_eu
[06/06/2012 - 18:18:50 | N | 1135520] D:\Runes_of_Magic_4_0_8_2506_slim_eu.exe
[05/10/2011 - 18:37:43 | SHD ] D:\System Volume Information
[31/12/2012 - 20:53:39 | N | 3919161] D:\tvpsetup.exe
[30/12/2012 - 21:35:20 | AD ] E:\autorun.inf
[22/01/2013 - 16:36:19 | SHD ] E:\RECYCLER
[30/08/2012 - 13:51:54 | D ] E:\Slub Oli
[30/12/2012 - 20:07:01 | D ] E:\sterowniki
[31/12/2012 - 11:00:41 | SHD ] E:\System Volume Information
[30/12/2012 - 21:51:24 | RSHD ] G:\RECYCLER
[03/08/2004 - 23:44:02 | N | 232] G:\autorun.inf
[22/01/2013 - 16:35:02 | A | 103140] G:\gbei.pif

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PIOTREK.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |
[/log]

OTL

[log]

OTL logfile created on: 2013-01-22 17:57:02 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 691,58 Mb Available Physical Memory | 68,10% Memory free
2,39 Gb Paging File | 2,15 Gb Available in Paging File | 89,83% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 44,78 Gb Free Space | 76,42% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 46,39 Gb Free Space | 95,01% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 37,85 Gb Free Space | 90,94% Space Free | Partition Type: NTFS
Drive G: | 3,63 Gb Total Space | 3,63 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
PRC - [2012-12-30 20:51:47 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
MOD - [2012-12-30 20:51:47 | 016,185,832 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.dll
MOD - [2012-12-30 20:51:47 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2005-05-04 14:45:32 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-03 23:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-03 23:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2013-01-09 17:28:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (nfipqs)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\khlnlg.sys -- (amsint32)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found



[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ABREGMON] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe File not found
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357469666125 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357470585531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2004-08-03 23:44:02 | 000,000,232 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: ojumdcjt - File not found
NetSvcs: nfipqs - C:\WINDOWS\system32\omepcb.dll ()




[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2013-01-22 16:42:33 | 000,000,000 | ---D | C] -- C:\Autorun.inf
[2013-01-21 18:39:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013-01-18 16:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Recuva
[2013-01-18 16:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2013-01-18 15:55:10 | 000,000,000 | ---D | C] -- C:\UsbFix
[2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2013-01-18 14:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013-01-17 18:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit\Nowy folder
[2013-01-14 18:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Piszę poprawnie 4
[2013-01-14 18:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pisze poprawnie 4
[2013-01-14 18:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Niezbędnik rowerzysty
[2013-01-14 18:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Niezbednik rowerzysty
[2013-01-14 18:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP
[2013-01-14 18:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Wczoraj i dzis
[2013-01-14 18:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasy 4-6
[2013-01-14 18:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa - Muzyka na ekranie
[2013-01-14 16:36:29 | 001,341,831 | ---- | C] (El Desaparecido) -- C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe
[2013-01-13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasa 4
[2013-01-13 19:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP
[2013-01-13 19:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody
[2013-01-13 13:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-01-13 13:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG
[2013-01-13 13:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG
[2013-01-13 13:33:26 | 002,184,565 | ---- | C] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe
[2013-01-11 22:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Identities
[2013-01-11 18:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron
[2013-01-06 16:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Remere's Map Editor
[2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor
[2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor
[2013-01-06 14:29:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013-01-06 13:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com
[2013-01-06 13:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dll-Files Fixer
[2013-01-06 13:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer
[2013-01-06 13:09:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly
[2013-01-06 13:07:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013-01-06 13:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013-01-06 13:06:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013-01-06 12:48:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2013-01-06 11:31:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\PrivacIE
[2013-01-06 10:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\WinRAR
[2013-01-06 10:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Tibia + inne
[2013-01-05 22:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\WapSter
[2013-01-05 22:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2013-01-05 22:44:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013-01-05 22:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\WapSter
[2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Macromedia
[2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Adobe
[2013-01-05 19:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia
[2013-01-05 18:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Google
[2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Opera
[2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera
[2013-01-05 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Identities
[2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moje obrazy
[2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moja muzyka
[2013-01-05 18:29:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\IETldCache
[2013-01-05 18:29:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Microsoft
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\SendTo
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Recent
[2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Ulubione
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Autostart
[2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Akcesoria
[2013-01-05 18:29:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\Cookies
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Szablony
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\PrintHood
[2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\NetHood
[2013-01-05 18:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit
[2013-01-05 18:29:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne
[2013-01-05 18:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft
[2013-01-05 08:44:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-01-04 15:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013-01-04 15:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-01 17:56:25 | 000,672,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
[2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player
[2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player
[2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3
[2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads
[2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google Chrome
[2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google
[2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll
[2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp
[2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles
[2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe
[2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe
[2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl
[2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys
[2012-12-30 20:26:18 | 000,425,984 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll
[2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll
[2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852
[2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852
[2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
[2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS
[2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment
[2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp
[2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2013-01-22 17:48:06 | 1792,917,834 | ---- | M] () -- C:\UsbFix_Upload_Me_PIOTREK.zip
[2013-01-22 17:38:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-22 17:24:24 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-22 16:26:39 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-22 16:26:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-21 15:52:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-19 14:08:02 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job
[2013-01-18 16:48:42 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-18 16:25:35 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk
[2013-01-14 16:36:40 | 001,341,831 | ---- | M] (El Desaparecido) -- C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe
[2013-01-14 15:32:59 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-01-13 13:34:12 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk
[2013-01-13 13:33:40 | 002,184,565 | ---- | M] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe
[2013-01-13 13:33:23 | 001,932,288 | ---- | M] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe
[2013-01-06 14:07:35 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-01-06 13:35:57 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk
[2013-01-06 13:26:43 | 000,501,498 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-01-06 13:26:43 | 000,088,124 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-01-06 13:26:42 | 000,442,636 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-06 13:26:42 | 000,069,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-06 12:49:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-01-05 22:52:08 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk
[2013-01-05 19:07:08 | 000,006,091 | ---- | M] () -- C:\WINDOWS\stsetup.htm
[2013-01-05 19:07:05 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk
[2013-01-05 18:47:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk
[2013-01-05 18:31:52 | 000,000,348 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk
[2013-01-05 18:31:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk
[2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe
[2012-12-31 20:54:28 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-30 22:27:59 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk
[2012-12-30 22:20:09 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:52:14 | 000,000,211 | ---- | M] () -- C:\boot.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-01-22 17:09:32 | 1792,917,834 | ---- | C] () -- C:\UsbFix_Upload_Me_PIOTREK.zip
[2013-01-18 16:25:34 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk
[2013-01-13 13:34:12 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk
[2013-01-13 13:33:13 | 001,932,288 | ---- | C] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe
[2013-01-06 15:01:39 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk
[2013-01-06 13:36:44 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job
[2013-01-06 13:36:43 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-01-06 13:35:57 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk
[2013-01-06 12:40:50 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-05 22:52:08 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk
[2013-01-05 19:07:05 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk
[2013-01-05 18:34:17 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk
[2013-01-05 18:34:05 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-01-05 18:31:52 | 000,000,348 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk
[2013-01-05 18:31:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk
[2013-01-05 18:30:19 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Internet Explorer.lnk
[2013-01-05 18:30:08 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Outlook Express.lnk
[2013-01-05 18:29:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Pomoc zdalna.lnk
[2013-01-05 18:29:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Windows Media Player.lnk
[2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk
[2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-30 22:27:59 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk
[2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp
[2012-12-30 20:26:11 | 000,006,091 | ---- | C] () -- C:\WINDOWS\stsetup.htm
[2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2012-12-30 20:20:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-12-30 20:19:40 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-30 20:18:25 | 000,000,211 | ---- | C] () -- C:\boot.ini
[2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\MSDOS.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG
[2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org
[2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
[2013-01-18 15:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2013-01-21 21:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-01-05 18:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2013-01-11 18:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron
[2013-01-06 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com
[2013-01-05 18:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera
[2013-01-06 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor
[2013-01-05 19:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia
[2013-01-14 18:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-12-30 19:52:14 | 000,000,211 | ---- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | ---- | M] () -- C:\ntldr
[2013-01-22 16:26:06 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2013-01-02 16:07:15 | 000,173,141 | ---- | M] () -- C:\result.txt
[2013-01-22 17:48:31 | 000,005,970 | ---- | M] () -- C:\UsbFix.txt
[2013-01-22 17:48:06 | 1792,917,834 | ---- | M] () -- C:\UsbFix_Upload_Me_PIOTREK.zip

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >
[/log]

Extras

[log]

OTL Extras logfile created on: 2013-01-22 17:57:02 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1015,48 Mb Total Physical Memory | 691,58 Mb Available Physical Memory | 68,10% Memory free
2,39 Gb Paging File | 2,15 Gb Available in Paging File | 89,83% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 44,78 Gb Free Space | 76,42% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 46,39 Gb Free Space | 95,01% Space Free | Partition Type: NTFS
Drive E: | 41,62 Gb Total Space | 37,85 Gb Free Space | 90,94% Space Free | Partition Type: NTFS
Drive G: | 3,63 Gb Total Space | 3,63 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.G4EHL74QSLVOMH4CVX3CGXCZ5U] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2729:TCP" = 2729:TCP:*:Enabled:kffmn
"50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A)
"50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S)

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- (AQQ Sp. z o.o.)
"C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\UsbFix.exe" = C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\UsbFix.exe:*:Enabled:ipsec
"C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe" = C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe:*:Enabled:ipsec
"C:\UsbFix\Go.exe" = C:\UsbFix\Go.exe:*:Enabled:ipsec -- ()
"C:\WINDOWS\system32\igfxtray.exe" = C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec -- (Intel Corporation)
"C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe" = C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe:*:Enabled:ipsec
"C:\Program Files\Tibia\Tibia.exe" = C:\Program Files\Tibia\Tibia.exe:*:Enabled:ipsec -- (CipSoft GmbH)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\ArcaBit\ArcaUpdate\update.exe" = C:\Program Files\ArcaBit\ArcaUpdate\update.exe:*:Enabled:ipsec
"C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe" = C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe:*:Enabled:ipsec -- (Asprate)
"C:\WINDOWS\EXPLORER.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\WINDOWS\SOUNDMAN.EXE" = C:\WINDOWS\SOUNDMAN.EXE:*:Enabled:ipsec -- (Realtek Semiconductor Corp.)
"C:\Program Files\ArcaBit\Common\ArcaConfSV.exe" = C:\Program Files\ArcaBit\Common\ArcaConfSV.exe:*:Enabled:ipsec
"C:\WINDOWS\system32\hkcmd.exe" = C:\WINDOWS\system32\hkcmd.exe:*:Enabled:ipsec -- (Intel Corporation)
"C:\WINDOWS\system32\ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec -- (Microsoft Corporation)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4849E74C-3408-467A-AF8B-F3DEC3C07542}" = Niezbędnik rowerzysty
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{F41B3F68-C137-477A-9DD5-E231F512D84F}" = ArcaVir Prerequistes
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"Dll-Files Fixer_is1" = Dll-Files Fixer
"E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31
"ElfBot NG_is1" = ElfBot NG 4.5.9
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Opera 12.12.1707" = Opera 12.12
"Piszę poprawnie 4" = Piszę poprawnie 4
"Recuva" = Recuva
"StmAdsl" = ADSL Modem
"Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody
"Szkoła podstawowa klasa 4 - Wczoraj i dziś" = Szkoła podstawowa klasa 4 - Wczoraj i dziś
"Szkoła podstawowa klasy 4-6 - Muzyka na ekranie" = Szkoła podstawowa klasy 4-6 - Muzyka na ekranie
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"Usbfix" = UsbFix By El Desaparecido
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013-01-14 12:00:59 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2013-01-18 06:27:43 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.2900.0.2180, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x71a5664d.

Error - 2013-01-18 11:08:17 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-19 06:52:02 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd rundll32.exe, wersja 5.1.2600.2180, moduł
powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2013-01-19 09:34:41 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-20 04:08:13 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-21 10:54:13 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-21 13:06:01 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2013-01-21 13:32:34 | Computer Name = PIOTREK | Source = EventSystem | ID = 4618
Description = System zdarzeń modelu COM+ spowodował nieoczekiwane naruszenie praw
dostępu 0x774E2E03, próbując uzyskać dostęp do adresu 0x00000018. Skontaktuj się
z Pomocą techniczną firmy Microsoft i zgłoś ten błąd. ole32!StringFromGUID2+0x109
ole32!StringFromGUID2+0x98
ole32!CoMarshalInterface+0x658
ole32!CoMarshalInterface+0x7d2
RPCRT4!IUnknown_Release_Proxy+0x11
es!DllGetClassObject+0x33ca
es!DllGetClassObject+0x3b06
msmsgs!+0x105991
msvcrt!_cexit+0xf
ntdll!LdrInitializeThunk+0x29
ntdll!LdrShutdownProcess+0x142
kernel32!IsValidLocale+0x8eb
kernel32!ExitProcess+0x14
kernel32!FindAtomW+0x112a

Error - 2013-01-21 13:43:12 | Computer Name = PIOTREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msiexec.exe, wersja 3.1.4000.1823, moduł
powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000.

[ System Events ]
Error - 2013-01-21 13:54:26 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1460

Error - 2013-01-21 17:10:11 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu: %%3

Error - 2013-01-21 17:10:11 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114

Error - 2013-01-21 17:15:05 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1460

Error - 2013-01-22 11:28:02 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu: %%3

Error - 2013-01-22 11:28:02 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114

Error - 2013-01-22 11:32:19 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7031
Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2013-01-22 11:32:19 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034
Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2013-01-22 11:32:20 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2013-01-22 11:32:44 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1460


< End of report >
[/log]

[Natsuki Kuga]

W systemie ujawniła się o wiele groźniejsza infekcja niż te, które były widoczne wcześniej - mianowicie Sality, czyli infekcja plików wykonywalnych.

1. Do OTL wklej:
[spoiler]
:Files
C:\WINDOWS\system32\omepcb.dll
C:\WINDOWS\system32\drivers\khlnlg.sys

:Services
nfipqs
amsint32
[/spoiler]
Wykonaj skrypt.

2. Wykonaj pełne skanowanie wszystkich partycji następującymi skanerami:

• Rmslt: http://download.avgfree.com/filedir/util/avg_rem_sup.dir/rmsality/rmslt.exe
• SalityKiller: http://support.kaspersky.com/pl/faq/?qid=208279886
• DrWeb CureIT!: http://www.freedrweb.com/download+cureit/

Uwaga: Pliki mają być leczone, nie usuwane! Usuwać masz tylko wtedy, kiedy leczenie będzie niemożliwe. Należy skanować dotąd, aż narzędzia nie znajdą zagrożeń. Pokaż potem rapoty ze skanowań.

3. Uruchom ComboFix, przed właściwym skanowaniem zainstaluj konsolę odzyskiwania: http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/ Pokaż raport.

Ważne: Jeśli napotkasz trudności z wykonaniem któregoś kroku, koniecznie o tym napisz.

 

 

[Soul_bullock]

/Edit: Póki co To po wykonaniu 1 kroku
[log]========== FILES ==========
File move failed. C:\WINDOWS\system32\omepcb.dll scheduled to be moved on reboot.
File\Folder C:\WINDOWS\system32\drivers\khlnlg.sys not found.
File\Folder :Services not found.
File\Folder nfipqs not found.
File\Folder amsint32 not found.

OTL by OldTimer - Version 3.2.69.0 log created on 01242013_203807

Files\Folders moved on Reboot...
C:\WINDOWS\system32\omepcb.dll moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
[/log]

Raporty z każdego pojedyńczego skanowania ?

Edytowane 24 stycznia 2013 przez Soul_bullock

[Natsuki Kuga]

Z ostatnich skanowań wystarczą.

[Soul_bullock]

[quote name='Natsuki Kuga' timestamp='1359050012' post='1683742'] SalityKiller: http://support.kaspe.../?qid=208279886 DrWeb CureIT!: http://www.freedrweb...ownload cureit/ [/quote]

Niestety nie mogę tego pobrać. Jeden sie nie otwiera a stronka sie nie ładuje. Jedyne co pobrałem to Rmslt

[Natsuki Kuga]

W takim razie skanuj nim (chyba że się nie uruchamia?).

[Soul_bullock]

Skanowanie trwa od wczoraj do tej pory i trwa nadal. Wgl zeby zaczęło działać trzeba bylo ponownie uruchomić komputer. Czy to dobrze czy zle ze tak dlugo to trwa?

Pisze z telefonu bo przez ten skan nie mam dostępu do komputera

[Natsuki Kuga]

To może potrwać dość długo. Ile plików jest już zainfekowanych?

[Soul_bullock]

Póki co jest tylko 1. Pisze ze 2 sie otwierają. Teraz znowu zaczyna sie skan. Jest podana ścieżka potem "scanning" i cleaned po zakończeniu ścieżki. Trwa to bardzo dlugo i zastanawiam sie czy to normalne. Bo komputer nie włączył sie normalnie tylko skan odbywa sie na niebieskim ekranie i to tez nie wiem czy jest normalne.

tak to wygląda i troche mnie niepokoi bo każda linijka wygląda tak samo i nie wiem czy sie zawiesiło czy co. A skan tak jak sie zaczął tak i trwa. Mam nadzieje ze zdjęcie jest chociaz troche czytelne.
//Edit

Raport z Rmslt

[log]Log from virus remover (Win32/Sality)

 

C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\unggdrive-menu.exe Cleaned

C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\unggdrive-overlay-admin.exe Cleaned

C:\Documents and Settings\Administrator\Pulpit\k35ficdl.exe Cleaned

C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files\redist\vcredist_x64.exe Cleaned

C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files\redist\vcredist_x86.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-menu.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-overlay.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-update.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe Cleaned

C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\uninstall.exe Cleaned

C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-autoplay.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP1.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP2.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP2.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP3.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP3.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP4.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP4.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP5.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP5.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP6.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned

C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP6.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\AQQ_PX_24370-x86.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\chromeinstall-7u10.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\dffsetup-msvcp100.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\dxwebsetup.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\Flash_Disinfector.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\KillBox_[www.programosy.pl].exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\newestAltaron\Altaron.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\otloader\Installer.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\reglooks.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\vcredist_x86.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\wic_x86_enu.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\WindowsInstaller-KB893803-v2-x86.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\23.0.1271.97\23.0.1271.97_chrome_installer.exe Cleaned

C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe Cleaned

C:\Documents and Settings\Piootrek\Pulpit\OTL.exe Cleaned

C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe Cleaned

C:\Documents and Settings\Piootrek\Ustawienia lokalne\Temp\is1095167443\bundlesweetimsetup.exe Cleaned

C:\Documents and Settings\Piootrek\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CSY4A8GM\AQQ_PX_24410-x86[1].exe Cleaned

C:\Documents and Settings\Piootrek\WapSter\AQQ Folder\Profiles\Piotrek\Data\Temp\UpdateAQQ.exe Cleaned

C:\NVIDIA\DisplayDriver\197.44\WinXP\International\hdaudio_1.0.9.1_xp_vista_win7.exe Cleaned

C:\NVIDIA\DisplayDriver\197.44\WinXP\International\nviewsetup.exe Cleaned

C:\NVIDIA\DisplayDriver\197.44\WinXP\International\nvudisp.exe Cleaned

C:\NVIDIA\DisplayDriver\197.44\WinXP\International\setup.exe Cleaned

C:\Program Files\Asprate\Tibia Multi IP Changer\Ip Changer Updater.exe Cleaned

C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe Cleaned

C:\Program Files\Asprate\Tibia Multi IP Changer\UNinstaller.exe Cleaned

C:\Program Files\AvRack\rtlrack.exe Cleaned

C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe Cleaned

C:\Program Files\Common Files\Java\Java Update\jucheck.exe Cleaned

C:\Program Files\Common Files\Java\Java Update\jusched.exe Cleaned

C:\Program Files\Dll-Files.com Fixer\CleanSchedule.exe Cleaned

C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe Cleaned

C:\Program Files\Dll-Files.com Fixer\unins000.exe Cleaned

C:\Program Files\ElfBot NG\navserv.exe Cleaned

C:\Program Files\ElfBot NG\unins000.exe Cleaned

C:\Program Files\InstallShield Installation Information\{4849E74C-3408-467A-AF8B-F3DEC3C07542}\setup.exe Cleaned

C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0}\Setup.exe Cleaned

C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe Cleaned

C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe Cleaned

C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\java.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\javaw.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\jinstall.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\keytool.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\orbd.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\policytool.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\rmid.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\rmiregistry.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\servertool.exe Cleaned

C:\Program Files\Java\j2re1.4.0_03\bin\tnameserv.exe Cleaned

C:\Program Files\Messenger\msmsgs.exe Cleaned

C:\Program Files\neostrada tp\SafeInstall\neostrada.exe Cleaned

C:\Program Files\Niezbednik rowerzysty\data\content\course\unit_vc\media\vc.exe Cleaned

C:\Program Files\Niezbednik rowerzysty\data\fscommand\flashex.exe Cleaned

C:\Program Files\Niezbednik rowerzysty\data\fscommand\flashrec.exe Cleaned

C:\Program Files\Niezbednik rowerzysty\data\fscommand\flsearch.exe Cleaned

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\bin\python.exe Cleaned

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-6.0.exe Cleaned

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-7.1.exe Cleaned

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-8.0.exe Cleaned

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0.exe Cleaned

C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe Cleaned

C:\Program Files\Real Alternative\settings.exe Cleaned

C:\Program Files\Realtek AC97\alcrmv.exe Cleaned

C:\Program Files\Realtek AC97\ChCfg.exe Cleaned

C:\Program Files\Realtek AC97\SoundMan.exe Cleaned

C:\Program Files\Recuva\recuva.exe Cleaned

C:\Program Files\SweetIM\Messenger\SweetIM.exe Cleaned

C:\Program Files\Tibia\Patch.exe Cleaned

C:\Program Files\Tibia\Tibia.exe Cleaned

C:\Program Files\Tibia\unins000.exe Cleaned

C:\Program Files\Total Video Player\tvp.exe Cleaned

C:\Program Files\Total Video Player\unins000.exe Cleaned

C:\Program Files\WapSter\WapSter AQQ\AQQ.exe Cleaned

C:\Program Files\WapSter\WapSter AQQ\uninstall.exe Cleaned

C:\Program Files\Windows NT\hypertrm.exe Cleaned

C:\Program Files\ZTE ZXDSL 852\Disk1\DSLTest.exe Cleaned

C:\Program Files\ZTE ZXDSL 852\Disk1\setup.exe Cleaned

C:\Program Files\ZTE ZXDSL 852\Disk1\StmClean.exe Cleaned

C:\Program Files\ZTE ZXDSL 852\Disk1\stmtrace.exe Cleaned

C:\Program Files\ZTE ZXDSL 852\Disk1\usbenum.exe Cleaned

C:\rmslt.log Can't open

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001076.exe Cleaned

Log from virus remover (Win32/Sality)

 

Log from virus remover (Win32/Sality)

 

C:\Program Files\ElfBot NG\playerinfo\M\MocnY SqurwysyN Can't open

C:\rmslt.log Can't open

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001077.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001079.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001081.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001082.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001086.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001088.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001109.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001111.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001114.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001119.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001155.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001357.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001358.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001359.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001360.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001364.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001366.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001367.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001368.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001369.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002356.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002359.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002360.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002361.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002364.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002366.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002393.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002395.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002397.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002400.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002402.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002403.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002404.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002405.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002407.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002409.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002411.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002424.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002425.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002426.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002431.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002432.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002433.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002434.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002435.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002436.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002440.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002447.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002449.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002450.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002451.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002452.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002453.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002454.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002455.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002456.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002457.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002458.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002459.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002460.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002461.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002462.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002463.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002464.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002465.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002466.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002467.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002468.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002469.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002470.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002471.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002472.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002473.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002474.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002475.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002476.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002477.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002479.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002480.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002481.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002482.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002483.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002484.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002488.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002489.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002490.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002491.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002492.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002493.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002494.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002495.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002496.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002497.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002498.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002500.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002501.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002502.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002503.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002504.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002505.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002506.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002508.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002509.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002530.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002532.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002533.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002534.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002535.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002541.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002542.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002543.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002544.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002546.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002566.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002568.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002571.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002578.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002579.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002580.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002583.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002586.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002588.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002620.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002622.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002623.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002624.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002625.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002626.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002627.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002628.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002630.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002631.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002632.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002646.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002647.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002648.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002653.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002654.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002655.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002656.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002657.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002658.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002662.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002669.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002670.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002671.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002672.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002673.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002674.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002675.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002676.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002677.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002678.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002679.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002680.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002681.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002682.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002683.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002684.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002685.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002686.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002687.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002688.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002689.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002690.exe Cleaned

Log from virus remover (Win32/Sality)

 

C:\Program Files\ElfBot NG\playerinfo\M\MocnY SqurwysyN Can't open

C:\rmslt.log Can't open

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002691.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002692.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002693.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002694.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002695.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002696.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002697.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002699.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002700.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002701.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002702.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002703.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002704.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002708.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002709.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002710.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002711.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002712.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002713.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002714.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002715.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002716.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002717.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002718.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002720.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002721.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002722.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002723.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002724.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002725.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002726.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002727.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002728.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002729.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002749.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002750.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002751.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002752.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002753.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002758.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002759.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002760.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002761.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002763.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002783.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002785.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002788.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002790.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002791.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002792.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002793.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002794.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002798.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002799.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002800.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002801.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002802.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002803.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002804.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002805.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002806.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002807.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002808.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002809.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002810.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002815.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002816.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002817.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002818.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002819.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002823.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002824.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002826.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002827.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002829.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002830.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002842.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002843.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002854.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002873.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002874.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002875.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002876.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002877.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002879.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002880.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002881.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002892.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002893.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002894.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002899.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002900.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002901.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002902.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002903.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002904.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002908.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002915.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002916.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002917.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002918.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002919.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002920.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002921.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002922.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002923.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002924.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002925.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002926.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002927.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002928.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002929.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002930.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002931.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002932.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002933.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002934.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002935.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002936.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002937.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002938.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002939.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002940.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002941.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002942.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002943.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002944.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002945.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002946.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002947.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002948.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002949.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002950.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002954.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002955.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002956.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002957.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002958.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002959.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002960.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002961.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002962.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002963.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002964.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002966.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002967.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002968.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002969.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002970.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002971.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002972.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002973.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002974.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002975.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002998.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002999.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003000.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003001.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003003.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003023.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003025.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003028.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003030.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003031.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003032.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003033.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003034.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003038.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003039.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003040.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003041.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003042.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003043.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003044.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003045.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003046.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003047.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003048.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003058.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003059.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003060.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003061.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003062.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003065.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003066.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003067.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003068.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003069.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003070.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003071.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003112.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003114.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003115.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003120.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003121.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003122.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003123.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003124.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003125.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003129.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003134.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003135.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003136.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003137.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003138.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003139.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003141.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003143.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003145.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004134.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004135.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004136.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004137.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004139.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004140.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004141.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004143.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004145.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004188.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004189.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004190.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004195.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004196.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004197.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004198.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004199.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004200.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005134.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005136.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005137.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005138.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005139.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005140.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005143.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005145.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005146.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005196.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005197.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005199.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005200.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005202.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005203.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005204.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005205.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005206.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005207.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005208.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005210.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005211.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005212.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005213.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005214.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005217.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005219.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005221.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005222.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005227.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005229.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005233.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005236.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005250.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005255.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005272.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005297.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005301.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005302.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005306.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005308.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005309.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005310.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005311.rbf Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006136.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006137.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006138.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006142.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006145.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006147.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006174.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006180.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006182.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006183.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006185.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006187.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006202.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006203.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006204.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006209.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006210.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006211.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006212.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006213.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006214.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006218.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006225.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006226.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006227.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006228.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006229.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006230.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006231.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006235.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006236.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006237.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006238.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006239.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006240.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006241.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006242.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006243.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006244.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006245.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006247.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006248.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006249.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006250.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006251.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006252.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006253.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006254.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006255.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006256.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006276.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006277.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006278.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006279.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006280.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006284.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006285.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006286.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006287.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006289.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006309.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006311.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006314.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006316.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006317.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006318.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006319.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006328.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006329.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006330.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006333.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006336.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006338.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006370.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006371.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006374.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006375.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006376.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006378.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006389.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006390.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006391.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006396.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006397.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006398.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006399.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006400.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006401.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006410.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006411.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006412.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006415.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006418.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006420.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006451.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006453.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006455.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006456.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006458.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006464.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006466.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006473.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006474.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006475.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006476.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006477.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006478.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006490.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006503.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006504.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006505.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006510.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006511.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006512.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006513.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006514.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006515.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006519.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006526.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006527.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006528.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006529.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006530.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006531.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006532.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006536.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006537.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006538.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006539.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006540.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006541.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006542.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006543.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006544.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006545.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006546.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006548.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006549.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006550.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006551.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006552.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006553.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006554.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006555.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006556.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006557.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006578.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006579.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006580.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006581.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006582.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006586.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006587.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006588.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006589.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006591.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006611.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006613.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006616.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006618.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006619.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006620.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006621.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006622.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006626.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006627.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006628.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006629.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006630.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006631.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006632.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006638.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006639.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006640.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006643.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006646.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006648.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006680.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006682.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006684.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006685.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006686.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006688.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006689.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006700.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006701.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006702.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006707.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006708.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006709.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006710.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006711.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006712.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006717.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006718.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006720.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006721.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006722.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006724.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006725.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006726.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006727.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006728.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006729.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006730.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006740.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006751.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006752.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006753.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006754.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006755.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006756.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006757.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006761.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006762.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006763.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006764.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006765.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006766.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006767.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006768.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006769.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006770.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006772.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006773.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006774.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006775.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006776.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006777.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006778.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006779.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006780.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006781.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006801.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006802.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006803.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006804.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006805.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006809.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006810.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006811.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006812.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006814.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006834.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006836.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006839.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006841.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006842.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006843.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006844.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006845.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006849.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006850.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006851.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006852.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006853.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006854.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006855.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006856.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006857.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006865.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006866.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006906.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006907.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006908.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006913.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006914.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006915.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006916.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006917.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006918.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006925.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006926.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006927.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006930.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006933.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006935.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006966.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006968.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006971.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006973.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006974.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006976.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006977.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006978.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006993.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006994.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006995.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007000.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007001.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007002.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007003.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007004.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007005.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007011.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007018.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007019.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007020.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007021.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007022.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007023.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007024.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007028.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007029.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007030.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007031.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007032.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007033.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007034.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007035.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007036.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007037.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007039.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007040.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007041.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007042.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007043.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007044.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007045.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007046.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007047.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007048.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007068.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007069.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007070.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007071.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007072.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007076.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007077.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007078.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007079.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007081.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007107.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007109.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007112.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007115.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007116.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007117.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007118.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007119.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007123.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007124.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007125.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007126.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007127.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007128.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007129.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007130.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007131.EXE Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007140.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007141.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007142.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007143.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007144.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008139.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008140.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008141.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008142.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008143.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008152.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008153.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008155.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008157.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008161.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008163.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008193.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008195.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008197.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008198.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008200.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008201.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008202.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008203.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008204.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008218.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008219.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008220.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008223.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008226.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008228.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008260.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008261.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008264.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008265.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008266.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008268.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008269.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008270.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008271.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008272.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008285.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008286.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008287.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008292.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008293.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008294.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008295.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008296.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008297.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008301.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008303.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008304.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008305.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008306.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008307.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008308.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008309.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008310.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008311.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008312.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008313.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008314.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008315.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008316.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008317.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008318.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008319.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008320.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008321.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008322.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008323.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008324.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008325.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008326.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008327.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008328.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008329.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008330.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008331.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008332.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008333.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008334.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008335.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008336.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008337.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008338.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008339.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008340.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008341.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008342.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008343.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008344.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008345.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008346.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008347.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008348.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008349.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008350.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008351.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008352.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008353.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008354.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008355.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008356.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008357.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008358.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008359.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008360.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008361.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008362.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008363.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008364.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008365.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008366.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008367.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008368.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008369.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008370.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008371.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008372.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008373.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008374.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008375.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008376.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008377.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008378.exe Cleaned

C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008379.exe Cleaned

C:\UsbFix\Backup\Registry-2013-01-18\ERDNT.EXE Cleaned

C:\UsbFix\Backup\Registry-2013-01-22\ERDNT.EXE Cleaned

C:\UsbFix\Go.exe Cleaned

C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe.vir Cleaned

C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc1\ElfCrack.exe.vir Cleaned

C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc1\setup-4.5.9.exe.vir Cleaned

C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc3\[000010]\Mega Evo by Help3R NEW UPDATE 2012\Silnik\TheForgottenServer.exe.vir Cleaned

C:\UsbFix\Quarantine\G\EXPLORER.EXE.vir Cleaned

C:\UsbFix\Quarantine\G\Recycler\e621ca05.exe.vir Cleaned

C:\UsbFix\Un-UsbFix.exe Cleaned

C:\WINDOWS\soundman.exe Cleaned

C:\WINDOWS\system32\hkcmd.exe Cleaned

C:\WINDOWS\system32\igfxtray.exe Cleaned

C:\WINDOWS\system32\rundll32.exe.tmp Cleaned

C:\_OTL\MovedFiles\01022013_153353\C_WINDOWS\system32\EXPLORER.EXE Cleaned

D:\lineage2eu-4game.exe Cleaned

D:\OTs\TFS 8.6\TheForgottenServer8.60V3.exe Cleaned

D:\Runes_of_Magic_4_0_8_2506_slim_eu.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000115.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001094.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001133.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001134.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001135.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002372.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002421.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002422.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002423.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002596.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002643.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002644.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002645.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002841.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002889.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002890.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002891.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003084.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003110.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003111.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003113.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003154.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004154.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004185.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004186.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004187.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005158.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006157.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006198.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006199.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006200.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006354.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006386.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006387.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006388.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006434.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006498.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006499.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006500.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006664.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006697.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006698.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006699.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006880.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006903.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006904.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006905.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006940.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006989.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006990.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006991.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008174.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008244.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008281.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008282.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008283.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009311.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009312.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009313.exe Cleaned

D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\change.log Can't open

D:\tvpsetup.exe Cleaned

E:\sterowniki\Drivers\Setup.exe Cleaned

E:\sterowniki\Drivers\SetupRtl8139.exe Cleaned

E:\sterowniki\INFUpdate\infinst_autol.exe Cleaned

E:\sterowniki\motherboard_driver_audio_realtek_whql.exe Cleaned

E:\sterowniki\motherboard_driver_chipset_intel_inf.exe Cleaned

E:\sterowniki\motherboard_driver_lan_realtek_81xx.exe Cleaned

E:\sterowniki\motherboard_driver_vga_intel_2kxp.exe Cleaned

E:\sterowniki\Realtek\Ap\MPIE4STD.EXE Cleaned

E:\sterowniki\Realtek\Ap\Mpstd.exe Cleaned

E:\sterowniki\Realtek\setup.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000103.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000104.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000106.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000107.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000109.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000111.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000114.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000116.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000117.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000119.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000120.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000124.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000127.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000129.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000131.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000132.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000133.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000134.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000135.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000136.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000138.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001078.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001080.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001083.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001084.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001087.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001089.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001091.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001106.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001107.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001115.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001362.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001363.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001371.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001372.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002357.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002358.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002362.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002363.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002365.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002367.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002369.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002380.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002382.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002391.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002581.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002582.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002584.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002585.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002587.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002589.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002591.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002602.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002603.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002611.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002825.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002828.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002832.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002834.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002835.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002837.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002838.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002851.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002852.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002860.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003072.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003073.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003074.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003075.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003077.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003078.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003079.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003089.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003090.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003095.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003142.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003144.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003147.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003148.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003151.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003152.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003153.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003163.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003164.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003169.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004142.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004144.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004147.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004148.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004151.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004152.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004153.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004163.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004164.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004169.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005142.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005144.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005150.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005151.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005153.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005154.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005155.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005165.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005166.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005171.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006139.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006140.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006143.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006144.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006146.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006148.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006150.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006163.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006165.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006172.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006331.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006332.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006334.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006335.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006337.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006339.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006341.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006351.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006352.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006359.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006413.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006414.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006416.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006417.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006419.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006421.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006423.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006433.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006435.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006444.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006641.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006642.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006644.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006645.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006647.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006649.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006651.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006661.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006662.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006669.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006867.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006868.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006869.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006870.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006871.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006872.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006873.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006883.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006884.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006889.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006928.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006929.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006931.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006932.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006934.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006937.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006939.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006950.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006951.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006960.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008154.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008156.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008159.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008160.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008162.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008164.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008166.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008177.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008179.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008187.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008221.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008222.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008224.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008225.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008227.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008229.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008231.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008241.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008242.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008249.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009315.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009316.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009317.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009318.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009319.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009320.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009321.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009322.EXE Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009323.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009324.exe Cleaned

E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\change.log Can't open

[/log]

Jednak on nie usunął wiekszości. Zrobił to Sality Killer (ten od kasperskiego, jednak tu nie pokazał sie żaden raport) a po skanie Dr. Web ujawniły się już tylko trojany w sumie coś ok 36.

//Edit2:

Log z Combofixa

[log]

ComboFix 13-01-28.02 - Piootrek 2013-01-28 20:48:07.1.1 - x86
Uruchomiony z: c:\documents and settings\Piootrek\Pulpit\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\TEMP
c:\windows\EventSystem.log
c:\windows\IsUn0415.exe
c:\windows\msmqinst.log
c:\windows\regopt.log
c:\windows\system32\rundll32.exe.tmp
c:\windows\system32\setup.ini
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSINT32
-------\Service_amsint32
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-12-28 do 2013-01-28 )))))))))))))))))))))))))))))))
.
.
2013-01-28 19:00 . 2013-01-28 19:18 -------- d-----w- C:\xampp
2013-01-18 14:55 . 2013-01-22 16:51 -------- d-----w- C:\UsbFix
2013-01-06 13:29 . 2013-01-06 13:29 -------- d-----w- C:\NVIDIA
2013-01-02 14:33 . 2013-01-02 14:33 -------- d-----w- C:\_OTL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-22 16:48 . 2013-01-22 16:09 1792917834 ----a-w- C:\UsbFix_Upload_Me_PIOTREK.zip
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-01 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-01 118784]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"AdslTaskBar"="stmctrl.dll" [2006-06-02 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 247296]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-10-04 106496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\WapSter\\WapSter AQQ\\AQQ.exe"=
"c:\\UsbFix\\Go.exe"=
"c:\\WINDOWS\\system32\\igfxtray.exe"=
"c:\\Program Files\\Tibia\\Tibia.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Asprate\\Tibia Multi IP Changer\\Tibia MULTI-ip changer.exe"=
"c:\\WINDOWS\\SOUNDMAN.EXE"=
"c:\\WINDOWS\\system32\\hkcmd.exe"=
"c:\\Documents and Settings\\Piootrek\\Pulpit\\OTL.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2729:TCP"= 2729:TCP:kffmn
"50000:TCP"= 50000:TCP:ArcaVir CommunicationPort (A)
"50001:TCP"= 50001:TCP:ArcaVir CommunicationPort (S)
.
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2012-12-30 60255]
R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [2012-12-30 684265]
S2 nfipqs;jnjajl;c:\windows\system32\svchost.exe -k netsvcs [2004-08-03 14336]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ojumdcjt
nfipqs
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-30 16:28]
.
2013-01-23 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-01-06 09:56]
.
2013-01-19 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-01-06 09:56]
.
.
------- Skan uzupełniający -------
.
TCP: Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKLM-Run-ABREGMON - c:\program files\ArcaBit\ArcaVir\ABregmon.exe
AddRemove-Google Chrome - c:\program files\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe
AddRemove-Piszę poprawnie 4 - c:\windows\IsUn0415.exe
AddRemove-Szkoła podstawowa klasa 4 - Tajemnice przyrody - c:\windows\IsUn0415.exe
AddRemove-Szkoła podstawowa klasa 4 - Wczoraj i dziś - c:\windows\IsUn0415.exe
AddRemove-Szkoła podstawowa klasy 4-6 - Muzyka na ekranie - c:\windows\IsUn0415.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-28 21:04
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'explorer.exe'(2700)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Czas ukończenia: 2013-01-28 21:11:22 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2013-01-28 20:11
.
Przed: 47 323 697 152 bajtów wolnych
Po: 47 432 364 032 bajtów wolnych
.
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BA60231F4F1FFF657EFC5C2D47AF60D2
[/log]

Edytowane 28 stycznia 2013 przez Soul_bullock

[Zayfi]

Postaw system od nowa usuwając wszystkie partycje. infekcja sality jest trudna do wyleczenia i nigdy nie kończy sie na samym leczeniu. trzeba przeinstalować wszystkie aplikacje od nowa ponieważ pliki wykonywalne są uszkodzone.

[Soul_bullock]

Postaw system od nowa usuwając wszystkie partycje. infekcja sality jest trudna do wyleczenia i nigdy nie kończy sie na samym leczeniu. trzeba przeinstalować wszystkie aplikacje od nowa ponieważ pliki wykonywalne są uszkodzone.

Myślę, że odpuszczę sobie Twoją "złotą" radę i poczekam na odpowiedź osoby prowadzącej mnie od początku.

[Zayfi]

Myślę, że odpuszczę sobie Twoją "złotą" radę i poczekam na odpowiedź osoby prowadzącej mnie od początku.

Poczekaj. Masz prawo. Tym bardziej że Twoja wiedza o infekcji Sality jest żadna.

[Soul_bullock]

Odświeżam. Log po ComboFixie jest do sprawdzenia.