Soul_bullock utworzono 30 grudnia 2012 utworzono 30 grudnia 2012 Chodzi mi o EXPOLORER.exe ( a nie explorer ) szukałem i znalazłem jakies tematy ale nie do końca rozumiem o co w nich chodzi :/ czy jest w stanie mi ktoś wytłumaczyć jak mam sie tego pozbyc ? Najlpeiej bez potrzeby formatowania. Ważne by było to dla mnie zrozumiałe ;D
Natsuki Kuga komentarz 1 stycznia 2013 komentarz 1 stycznia 2013 Zapoznaj się z przyklejonymi w dziale Bezpieczeństwo i pokaż odpowiednie logi.
Soul_bullock komentarz 1 stycznia 2013 Autor komentarz 1 stycznia 2013 (edytowane) Przy OTL byla opcja "pomiń znane dobre pliki" czy to źle że ją zaznaczyłem ? [b]OTL.txt[/b] [log]OTL logfile created on: 2013-01-01 18:05:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 660,21 Mb Available Physical Memory | 65,01% Memory free 2,39 Gb Paging File | 2,08 Gb Available in Paging File | 87,16% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 54,08 Gb Free Space | 92,29% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-12-30 22:20:32 | 000,323,584 | ---- | M] (Asprate) -- C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe MOD - [2012-12-30 22:20:32 | 000,323,584 | ---- | M] (Asprate) -- C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-10-13 11:38:14 | 000,856,064 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\ggdrive-menu.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe MOD - [2004-08-03 23:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2004-08-03 23:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2004-08-03 23:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll MOD - [2004-08-03 23:44:06 | 002,804,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll MOD - [2004-08-03 23:44:06 | 001,392,671 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvbvm60.dll MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2004-08-03 23:44:06 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2004-08-03 23:44:02 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfcsubs.dll MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2004-08-03 23:43:56 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2004-08-03 23:43:54 | 001,017,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2004-08-03 23:43:54 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrvut.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:54 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrv.dll MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2004-08-03 23:43:54 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\asycfilt.dll MOD - [2004-08-03 23:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe MOD - [2004-07-01 05:02:28 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpph.dll MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-12-31 00:28:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (ojumdcjt) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.neostrada.pl"]http://www.neostrada.pl[/url] IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) [2012-12-31 10:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - Extension: Dysk Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics ) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe () O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [wsctf.exe] wsctf.exe File not found O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab"]http://java.sun.com/..._4_0_03-win.cab[/url] (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} [url="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab"]http://java.sun.com/..._4_0_03-win.cab[/url] (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: ojumdcjt - C:\WINDOWS\system32\omepcb.dll () SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player [2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player [2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-12-31 11:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun [2012-12-31 11:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3 [2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012-12-31 11:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files [2012-12-31 10:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2012-12-31 10:05:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\GG dysk [2012-12-31 10:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla [2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-31 10:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 10:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG [2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2012-12-30 22:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate [2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR [2012-12-30 22:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WinRAR [2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-12-30 22:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Piotrek [2012-12-30 21:35:19 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-12-30 21:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WapSter [2012-12-30 21:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WapSter [2012-12-30 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter [2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera [2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads [2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll [2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp [2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles [2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe [2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe [2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl [2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys [2012-12-30 20:26:18 | 000,425,984 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll [2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll [2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852 [2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852 [2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll [2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS [2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment [2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp [2012-12-30 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager [2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack [2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel [2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2012-12-30 20:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities [2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka [2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood [2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit [2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2013-01-01 17:38:22 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-01-01 17:24:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-01 11:15:48 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-01 11:15:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-01-01 11:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-01 11:15:35 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-31 20:55:22 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-31 20:54:28 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk [2012-12-31 11:36:54 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 10:05:14 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk [2012-12-31 10:04:09 | 000,001,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk [2012-12-30 20:51:52 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2012-12-30 20:28:06 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk [2012-12-30 20:26:22 | 000,002,849 | ---- | M] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:21:04 | 000,001,362 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:18:04 | 000,000,353 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk [2012-12-30 20:17:55 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:06:23 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-12-30 20:06:23 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-12-30 20:06:23 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-12-30 20:06:23 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-31 20:55:22 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-31 20:54:28 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk [2012-12-31 11:36:54 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 10:05:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk [2012-12-31 10:04:09 | 000,001,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk [2012-12-31 10:03:49 | 000,001,186 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\GG.lnk [2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2012-12-30 20:51:52 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2012-12-30 20:28:06 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk [2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe [2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp [2012-12-30 20:26:11 | 000,002,849 | ---- | C] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012-12-30 20:20:59 | 000,001,362 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2012-12-30 20:19:40 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 20:18:04 | 000,000,353 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk [2012-12-30 20:17:55 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp [2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp [2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp [2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp [2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp [2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp [2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp [2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp [2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp [2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp [2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp [2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp [2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp [2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp [2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp [2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp [2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp [2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp [2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp [2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp [2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp [2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp [2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp [2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp [2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp [2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp [2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp [2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp [2012-12-30 20:05:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk [2012-12-30 20:05:04 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk [2012-12-30 20:04:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk [2012-12-30 20:04:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk [2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2013-01-01 11:15:34 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [b]Extras.Txt[/b] [log]OTL Extras logfile created on: 2013-01-01 18:05:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 660,21 Mb Available Physical Memory | 65,01% Memory free 2,39 Gb Paging File | 2,08 Gb Available in Paging File | 87,16% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 54,08 Gb Free Space | 92,29% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2729:TCP" = 2729:TCP:*:Enabled:kffmn [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31 "Google Chrome" = Google Chrome "Opera 12.12.1707" = Opera 12.12 "StmAdsl" = ADSL Modem "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "WinRAR archiver" = WinRAR 4.20 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-30 19:20:09 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-30 19:27:33 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2012-12-31 05:18:06 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 07:37:12 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 09:22:39 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 09:48:32 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2013-01-01 06:16:51 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-01 06:26:25 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd intro.exe, wersja 9.0.0.383, moduł powodujący błąd sound control.x32, wersja 8.5.1.102, adres błędu 0x00005786. [ System Events ] Error - 2012-12-30 15:18:51 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2012-12-30 15:26:03 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2012-12-30 16:45:34 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2012-12-30 17:08:42 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2012-12-31 04:41:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-01 06:17:17 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 < End of report > [/log] Co do RSIT niestety nie moge go pobrac, wszędzie przekierowywuje mnie do strony której nie moge otworzyć.
Natsuki Kuga komentarz 2 stycznia 2013 komentarz 2 stycznia 2013 [quote name='Soul_bullock' timestamp='1357061321' post='1661155'] Przy OTL byla opcja "pomiń znane dobre pliki" czy to źle że ją zaznaczyłem ? Co do RSIT niestety nie moge go pobrac, wszędzie przekierowywuje mnie do strony której nie moge otworzyć. [/quote] Nie, nic się nie dzieje. Poradzimy sobie bez RSITa za pomocą innych narzędzi. Do OTL wklej: [code] :OTL O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [wsctf.exe] wsctf.exe File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) :Files C:\WINDOWS\system32\omepcb.dll :Reg [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2729:TCP"=- :Services ojumdcjt :Commands [emptytemp] [emptyflash] [/code] [b]Wykonaj skrypt,[/b] pokaż raport. Uruchom OTL ponownie i wklej: [code] /md5start explorer.exe /md5stop [/code] [b]Skanuj,[/b] pokaż log. Po wykonaniu pokaż logi z [url="http://users.telenet.be/marcvn/tools/reglooks.exe"][b]Reglooks[/b][/url] i [url="http://www.gmer.net/"][b]Gmer.[/b][/url]
Soul_bullock komentarz 2 stycznia 2013 Autor komentarz 2 stycznia 2013 [b]Raport[/b] [log]All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\\EXPLORER.EXE deleted successfully. C:\WINDOWS\system32\EXPLORER.EXE moved successfully. Registry value HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\\wsctf.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:Explorer.exe deleted successfully. File C:\WINDOWS\System32\EXPLORER.EXE not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:EXPLORER.EXE deleted successfully. File C:\WINDOWS\System32\EXPLORER.EXE not found. ========== FILES ========== File move failed. C:\WINDOWS\system32\omepcb.dll scheduled to be moved on reboot. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2729:TCP deleted successfully. ========== SERVICES/DRIVERS ========== Service ojumdcjt stopped successfully! Service ojumdcjt deleted successfully! ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 5415687 bytes ->Temporary Internet Files folder emptied: 34257500 bytes ->Google Chrome cache emptied: 18074293 bytes ->Opera cache emptied: 53814072 bytes ->Flash cache emptied: 9010 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 4229168 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 37087720 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 146,00 mb [EMPTYFLASH] User: Administrator ->Flash cache emptied: 0 bytes User: All Users User: Default User User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 01022013_153353 Files\Folders moved on Reboot... C:\WINDOWS\system32\omepcb.dll moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... [/log] [b]OTL.Txt[/b] [log]OTL logfile created on: 2013-01-02 15:50:17 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 677,19 Mb Available Physical Memory | 66,69% Memory free 2,39 Gb Paging File | 2,14 Gb Available in Paging File | 89,48% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 54,20 Gb Free Space | 92,51% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe MOD - [2004-08-03 23:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2004-08-03 23:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2004-08-03 23:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2004-08-03 23:44:06 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2004-08-03 23:43:54 | 001,017,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-12-31 00:28:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) [2012-12-31 10:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - Extension: Dysk Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics ) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-500..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe () O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL [2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player [2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player [2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-12-31 11:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun [2012-12-31 11:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3 [2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012-12-31 11:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files [2012-12-31 10:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2012-12-31 10:05:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\GG dysk [2012-12-31 10:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla [2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-31 10:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 10:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG [2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2012-12-30 22:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate [2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR [2012-12-30 22:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WinRAR [2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-12-30 22:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Piotrek [2012-12-30 21:35:19 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-12-30 21:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WapSter [2012-12-30 21:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\WapSter [2012-12-30 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter [2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera [2012-12-30 20:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads [2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll [2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp [2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles [2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe [2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe [2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl [2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys [2012-12-30 20:26:18 | 000,425,984 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll [2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll [2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852 [2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852 [2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll [2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS [2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment [2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp [2012-12-30 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager [2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack [2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel [2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2012-12-30 20:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities [2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2012-12-30 20:04:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka [2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2012-12-30 20:04:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2012-12-30 20:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Ulubione [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart [2012-12-30 20:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood [2012-12-30 20:04:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood [2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit [2012-12-30 20:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-01-02 15:38:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-01-02 15:35:53 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-02 15:35:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-02 15:24:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-01-01 21:24:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-01 11:15:35 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-31 20:55:22 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-31 20:54:28 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk [2012-12-31 11:36:54 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 10:05:14 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk [2012-12-31 10:04:09 | 000,001,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk [2012-12-30 20:51:52 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2012-12-30 20:28:06 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk [2012-12-30 20:26:22 | 000,002,849 | ---- | M] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:21:04 | 000,001,362 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:18:04 | 000,000,353 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk [2012-12-30 20:17:55 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:06:23 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-12-30 20:06:23 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-12-30 20:06:23 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-12-30 20:06:23 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-31 20:55:22 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-31 20:54:28 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Total Video Player.lnk [2012-12-31 11:36:54 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 10:05:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG dysk.lnk [2012-12-31 10:04:09 | 000,001,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GG.lnk [2012-12-31 10:03:49 | 000,001,186 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\GG.lnk [2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2012-12-30 20:51:52 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2012-12-30 20:28:06 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZTE ZXDSL 852.lnk [2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe [2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp [2012-12-30 20:26:11 | 000,002,849 | ---- | C] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012-12-30 20:20:59 | 000,001,362 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2012-12-30 20:19:40 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 20:18:04 | 000,000,353 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Moje dokumenty.lnk [2012-12-30 20:17:55 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Mój komputer.lnk [2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp [2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp [2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp [2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp [2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp [2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp [2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp [2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp [2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp [2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp [2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp [2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp [2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp [2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp [2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp [2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp [2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp [2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp [2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp [2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp [2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp [2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp [2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp [2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp [2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp [2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp [2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp [2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp [2012-12-30 20:05:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk [2012-12-30 20:05:04 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk [2012-12-30 20:04:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk [2012-12-30 20:04:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk [2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2006-10-25 17:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) MD5=136C4F09BC335313E1F3B5784040F255 -- C:\_OTL\MovedFiles\01022013_153353\C_WINDOWS\system32\EXPLORER.EXE [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=379098A96E6C165B659DE7E4328010EA -- C:\WINDOWS\explorer.exe [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=379098A96E6C165B659DE7E4328010EA -- C:\WINDOWS\system32\dllcache\explorer.exe < End of report > [/log] [b]EXTRAS[/b] [log]OTL Extras logfile created on: 2013-01-02 15:50:17 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 677,19 Mb Available Physical Memory | 66,69% Memory free 2,39 Gb Paging File | 2,14 Gb Available in Paging File | 89,48% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 54,20 Gb Free Space | 92,51% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 47,47 Gb Free Space | 97,23% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31 "Google Chrome" = Google Chrome "Opera 12.12.1707" = Opera 12.12 "StmAdsl" = ADSL Modem "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "WinRAR archiver" = WinRAR 4.20 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-30 19:27:33 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-30 19:28:04 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2012-12-31 05:18:06 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 07:37:12 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 09:22:39 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2012-12-31 09:48:32 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt>, wystąpił błąd: Nie można określić nazwy serwera lub adresu Error - 2013-01-01 06:16:51 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-01 06:26:25 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd intro.exe, wersja 9.0.0.383, moduł powodujący błąd sound control.x32, wersja 8.5.1.102, adres błędu 0x00005786. Error - 2013-01-02 10:25:40 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2012-12-30 15:30:43 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2012-12-30 15:30:46 | Computer Name = PIOTREK | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2012-12-30 16:45:34 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2012-12-30 17:08:42 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2012-12-31 04:41:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-01 06:17:17 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-02 10:26:06 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Helper Installer zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-02 10:33:55 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log] [b]REGLOOKS[/b] [log]REGLOOKS logfile - version 0.994 Scan started: 2013-01-02 16:04:45,76 --- INFORMATION --- Manufacturer: GBT___ - Model: AWRDACPI Operating System: Microsoft Windows XP Professional -- 5.1.2600 -- Dodatek Service Pack 2 -- Install Date: 2012-12-30 20:02:12 Last Boot: 2013-01-02 15:35:25 Processor: Intel(R) Celeron(R) CPU 2.00GHz Work Station Bootmode: Normal boot Total RAM: 1015 MB (free 631 MB - 62%) Computername: PIOTREK Domain: GRUPA_ROBOCZA User: Administrator (Administrator account) Disk Name: Dysk #0, partycja #0 Primary Partition: Prawda Bootable: Prawda Boot Partition: Prawda Hidden Sectors: Size: 58 GB -- 60000 MB -- 61440561 kb Type: Installable File System Disk Name: Dysk #0, partycja #1 Primary Partition: Fałsz Bootable: Boot Partition: Fałsz Hidden Sectors: Size: 90 GB -- 92616 MB -- 94839727 kb Type: Extended w/Extended Int 13 Removable Disk: A:\ - - GB (free GB) Local Disk: C:\ - NTFS - 58 GB (free 54 GB) Local Disk: D:\ - NTFS - 48 GB (free 47 GB) Local Disk: E:\ - NTFS - 41 GB (free 38 GB) CD \ DVD Drive: F:\ Bootdevice: \Device\HarddiskVolume1 Systemdrive: C: Windowsdirectory: C:\WINDOWS Systemdirectory: C:\WINDOWS\system32 Internet Explorer Version: 6.0.2900.2180 Windows update: DEP: ONN - DEP is enabled for a limited number of binaries, the kernel, and all Windows-based services --- System Restore Points --- Restorepoint 1: 2012-12-30 21:45:16 - First run - Punkt kontrolny systemu Restorepoint 2: 2012-12-31 11:00:47 - Application installation - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Restorepoint 3: 2012-12-31 11:01:55 - Application installation - Zainstalowano: OpenOffice.org 3.3 Restorepoint 4: 2012-12-31 11:42:41 - Application installation - Installed Java 7 Update 10 Restorepoint 5: 2013-01-01 11:46:49 - Checkpoint - Punkt kontrolny systemu --- RUNNING PROCESSES --- C:\WINDOWS\System32\smss.exe csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe alg.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cscript.exe wmiprvse.exe --- SIGCHECK --- C:\WINDOWS\explorer.exe -- [1033728] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\appmgmts.dll -- [172032] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\browser.dll -- [77312] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\comres.dll -- [822272] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\comctl32.dll -- [611328] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\cryptsvc.dll -- [60416] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\es.dll -- [243200] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\eventlog.dll -- [55808] -- [2004-08-03 23:43] -- sigcheck OK C:\WINDOWS\system32\ias.dll NOT found C:\WINDOWS\system32\imm32.dll -- [110080] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\kernel32.dll -- [1012224] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\linkinfo.dll -- [18944] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\lpk.dll -- [22016] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\lsass.exe -- [13312] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\mfc40u.dll -- [924432] -- [2001-10-26 18:29] -- sigcheck OK C:\WINDOWS\system32\msgsvc.dll -- [33792] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\mshtml.dll -- [3003392] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\mspmsnsv.dll -- [52736] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\mswsock.dll -- [246784] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\netlogon.dll -- [407040] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\netman.dll -- [198144] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\ntkrnlpa.exe -- [2058112] -- [2004-08-03 23:54] -- sigcheck OK C:\WINDOWS\system32\ntmssvc.dll -- [435712] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\ntoskrnl.exe -- [2182272] -- [2004-08-03 23:39] -- sigcheck OK C:\WINDOWS\system32\pchsvc.dll NOT found C:\WINDOWS\system32\powrprof.dll -- [17408] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\qmgr.dll -- [382464] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\rasauto.dll -- [89088] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\regsvc.dll -- [59904] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\rpcss.dll -- [395776] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\scecli.dll -- [185344] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\schedsvc.dll -- [192000] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\services.exe -- [108544] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\sfc.dll -- [5120] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\sfcfiles.dll -- [1548288] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\spoolsv.exe -- [57856] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\srsvc.dll -- [171008] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\ssdpsrv.dll -- [71680] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\svchost.exe -- [14336] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\tapisrv.dll -- [246272] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\termsrv.dll -- [296448] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\upnphost.dll -- [185856] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\user32.dll -- [578560] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\wininet.dll -- [658944] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\winlogon.exe -- [504832] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\ws2_32.dll -- [82944] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\wscntfy.exe -- [13824] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\wuauclt.exe -- [112128] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\xmlprov.dll -- [129536] -- [2004-08-03 23:44] -- sigcheck OK C:\WINDOWS\system32\drivers\acpiec.sys -- [12032] -- [2001-10-26 17:46] -- sigcheck OK C:\WINDOWS\system32\drivers\aec.sys -- [142464] -- [2004-08-03 23:39] -- sigcheck OK C:\WINDOWS\system32\drivers\afd.sys -- [138496] -- [2004-08-03 22:14] -- sigcheck OK C:\WINDOWS\system32\drivers\asyncmac.sys -- [14336] -- [2004-08-03 22:05] -- sigcheck OK C:\WINDOWS\system32\drivers\atapi.sys -- [95360] -- [2004-08-03 22:59] -- sigcheck OK C:\WINDOWS\system32\drivers\beep.sys -- [4224] -- [2001-08-17 22:47] -- sigcheck OK C:\WINDOWS\system32\drivers\classpnp.sys -- [49664] -- [2004-08-03 22:14] -- sigcheck OK C:\WINDOWS\system32\drivers\disk.sys -- [36352] -- [2004-08-03 21:59] -- sigcheck OK C:\WINDOWS\system32\drivers\iaStor.sys NOT found C:\WINDOWS\system32\drivers\ip6fw.sys -- [29056] -- [2004-08-03 22:00] -- sigcheck OK C:\WINDOWS\system32\drivers\IPSec.sys -- [74752] -- [2004-08-03 22:14] -- sigcheck OK C:\WINDOWS\system32\drivers\kbdclass.sys -- [24960] -- [2004-08-03 23:38] -- sigcheck OK C:\WINDOWS\system32\drivers\ndis.sys -- [182912] -- [2004-08-03 22:14] -- sigcheck OK C:\WINDOWS\system32\drivers\ntfs.sys -- [574592] -- [2004-08-03 22:15] -- sigcheck OK C:\WINDOWS\system32\drivers\tcpip.sys -- [359040] -- [2004-08-03 22:14] -- sigcheck OK C:\WINDOWS\system32\drivers\tdx.sys NOT found --- SSODL regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?] "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?] "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" -- File: %SystemRoot%\system32\webcheck.dll -- [?] "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" -- File: C:\WINDOWS\system32\stobject.dll -- [122368] -- [2004-08-03 23:44] --- STS regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Moduł wstępnego ładowania interfejsu Browseui" -- File: %SystemRoot%\system32\browseui.dll -- [?] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Demon buforu kategorii składników" -- File: %SystemRoot%\system32\browseui.dll -- [?] --- USERINIT regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="userinit.exe," File: C:\WINDOWS\system32\userinit.exe -- [25088] -- [2004-08-03 23:44] --- SHELL regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="Explorer.exe," File: C:\WINDOWS\Explorer.exe -- [1033728] -- [2004-08-03 23:44] --- SYSTEM regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" --- APPINIT_DLLS regkey --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" --- NOTIFY regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] -- File: C:\WINDOWS\system32\crypt32.dll -- [601088] -- [2004-08-03 23:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] -- File: C:\WINDOWS\system32\cryptnet.dll -- [63488] -- [2004-08-03 23:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] -- File: C:\WINDOWS\system32\cscdll.dll -- [102400] -- [2004-08-03 23:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] -- File: C:\WINDOWS\system32\igfxsrvc.dll -- [344064] -- [2004-07-01 04:58] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] -- File: C:\WINDOWS\system32\sclgntfy.dll -- [22016] -- [2004-08-03 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] -- File: C:\WINDOWS\system32\WlNotify.dll -- [93184] -- [2004-08-03 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2004-08-03 23:44] --- RUN / LOAD regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] "load"="" --- SHELLEXECUTEHOOKS regkey --- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" -- File: shell32.dll -- [?] --- HKLM AUTORUN regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor] "AutoRun"="" --- HKCU AUTORUN regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Command Processor] no AutoRun regkey found --- HKLM\RUN regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray" -- File C:\WINDOWS\system32\igfxtray.exe -- [155648] -- [2004-07-01 05:02] "HotKeysCmds" -- File C:\WINDOWS\system32\hkcmd.exe -- [118784] -- [2004-07-01 04:58] "SoundMan" -- File: SOUNDMAN.EXE -- [?] "AdslTaskBar" -- File: rundll32.exe stmctrl.dll,TaskBar -- [?] "SunJavaUpdateSched" -- File "C:\Program Files\Common Files\Java\Java Update\jusched.exe" -- [252848] -- [2012-07-03 09:04] --- HKLM\RUNONCE regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] no runonce values found --- HKLM\RUNONCEEX regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] no runonceex values found --- HKLM\RUNSERVICES regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] key not found --- HKLM\RUNSERVICESONCE regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] key not found --- HKCU\RUN regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2004-08-03 23:44] "AQQ" -- File C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe -- [9784832] -- [2012-12-17 11:08] --- HKCU\RUNONCE regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] no runonce values found --- HKCU\RUNONCEEX regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] key not found --- HKCU\RUNSERVICES regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] key not found --- HKCU\RUNSERVICESONCE regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] key not found --- HKU\.DEFAULT\Run regkeys - Default user --- [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44] --- HKU\S-1-5-18\Run regkeys - user SYSTEM --- [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44] --- HKU\S-1-5-19\Run regkeys - User Lokale service --- [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44] --- HKU\S-1-5-20\Run regkeys - User Lokale service --- [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2004-08-03 23:44] --- HKLM\Explorer\Run regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] no run values found --- HKCU\Explorer\Run regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] no run values found --- Image File Execution regkeys --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] no debuggers found --- BROWSER HELPER OBJECTS regkeys --- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -- File: C:\Program Files\Java\jre7\bin\ssv.dll -- [460712] -- [2012-12-31 11:42] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -- File: C:\Program Files\Java\jre7\bin\jp2ssv.dll -- [170416] -- [2012-12-31 11:42] --- TOOLBAR regkeys --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] no toolbars found --- HKLM\URLSEARCHHOOKS regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] key not found --- HKCU\URLSEARCHHOOKS regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -- File: %SystemRoot%\system32\shdocvw.dll -- [?] --- SRCEENSAVER regkey --- [HKEY_CURRENT_USER\Control Panel\Desktop] "SCRNSAVE.EXE" -- File C:\WINDOWS\system32\logon.scr -- [220672] -- [2004-08-03 23:44] --- ALTERNATESHELL regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] File: C:\WINDOWS\system32\cmd.exe -- [395776] -- [2004-08-03 23:44] --- SECURITYPROVIDERS regkey --- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" File: C:\WINDOWS\system32\msapsspc.dll -- [86016] -- [2004-08-03 23:44] File: C:\WINDOWS\system32\schannel.dll -- [144896] -- [2004-08-03 23:44] File: C:\WINDOWS\system32\digest.dll -- [68608] -- [2004-08-03 23:43] File: C:\WINDOWS\system32\msnsspc.dll -- [290816] -- [2004-08-03 23:44] --- Active Setup\Installed Components regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -- File: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -- File: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -- File: regsvr32.exe /s /n /i:U shell32.dll -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: %SystemRoot%\system32\ie4uinit.exe -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: %SystemRoot%\system32\ie4uinit.exe -- [?] -- DRIVERS -- S4 - Abiosdsk - Abiosdsk - S4 - abp480n5 - abp480n5 - R0 - ACPI - Sterownik Microsoft ACPI - C:\WINDOWS\system32\DRIVERS\ACPI.sys S4 - ACPIEC - ACPIEC - C:\WINDOWS\system32\drivers\ACPIEC.sys S4 - adpu160m - adpu160m - S3 - aec - Microsoft Kernel Acoustic Echo Canceller - C:\WINDOWS\system32\drivers\aec.sys R1 - AFD - AFD - C:\WINDOWS\system32\drivers\afd.sys S4 - Aha154x - Aha154x - S4 - aic78u2 - aic78u2 - S4 - aic78xx - aic78xx - R3 - ALCXWDM - Service for Realtek AC97 Audio (WDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS S4 - AliIde - AliIde - S4 - amsint - amsint - S4 - asc - asc - S4 - asc3350p - asc3350p - S4 - asc3550 - asc3550 - S3 - AsyncMac - Sterownik multimediów asynchronicznych RAS - C:\WINDOWS\system32\DRIVERS\asyncmac.sys R0 - atapi - Standardowy kontroler dysku twardego IDE/ESDI - C:\WINDOWS\system32\DRIVERS\atapi.sys S4 - Atdisk - Atdisk - S3 - Atmarpc - Protokół klienta ARP ATM - C:\WINDOWS\system32\DRIVERS\atmarpc.sys R3 - audstub - Sterownik Audio Stub - C:\WINDOWS\system32\DRIVERS\audstub.sys R1 - Beep - Beep - C:\WINDOWS\system32\drivers\Beep.sys S4 - cbidf2k - cbidf2k - C:\WINDOWS\system32\drivers\cbidf2k.sys S4 - cd20xrnt - cd20xrnt - S1 - Cdaudio - Cdaudio - C:\WINDOWS\system32\drivers\Cdaudio.sys R4 - Cdfs - Cdfs - C:\WINDOWS\system32\drivers\Cdfs.sys R1 - Cdrom - Sterownik stacji dysków CD-ROM - C:\WINDOWS\system32\DRIVERS\cdrom.sys S1 - Changer - Changer - S4 - CmdIde - CmdIde - S4 - Cpqarray - Cpqarray - S4 - dac960nt - dac960nt - R0 - Disk - Sterownik dysku - C:\WINDOWS\system32\DRIVERS\disk.sys S4 - dmboot - dmboot - C:\WINDOWS\system32\drivers\dmboot.sys R0 - dmio - Sterownik Menedżera dysków logicznych - C:\WINDOWS\system32\drivers\dmio.sys R0 - dmload - dmload - C:\WINDOWS\system32\drivers\dmload.sys S3 - DMusic - Syntezator Microsoft Kernel DLS - C:\WINDOWS\system32\drivers\DMusic.sys S4 - dpti2o - dpti2o - S3 - drmkaud - Microsoft Kernel DRM Audio Descrambler - C:\WINDOWS\system32\drivers\drmkaud.sys S4 - Fastfat - Fastfat - C:\WINDOWS\system32\drivers\Fastfat.sys R3 - Fdc - Sterownik kontrolera stacji dyskietek - C:\WINDOWS\system32\DRIVERS\fdc.sys R1 - Fips - Fips - C:\WINDOWS\system32\drivers\Fips.sys R3 - Flpydisk - Sterownik stacji dyskietek - C:\WINDOWS\system32\DRIVERS\flpydisk.sys R0 - FltMgr - FltMgr - C:\WINDOWS\system32\DRIVERS\fltMgr.sys R0 - Ftdisk - Sterownik Menedżera woluminów - C:\WINDOWS\system32\DRIVERS\ftdisk.sys R3 - gameenum - Licznik portów gier - C:\WINDOWS\system32\DRIVERS\gameenum.sys R3 - Gpc - Rodzajowy klasyfikator pakietu - C:\WINDOWS\system32\DRIVERS\msgpc.sys S4 - hpn - hpn - R3 - HTTP - HTTP - C:\WINDOWS\system32\Drivers\HTTP.sys S1 - i2omgmt - i2omgmt - S4 - i2omp - i2omp - R1 - i8042prt - Sterownik portu klawiatury i8042 i myszy PS/2 - C:\WINDOWS\system32\DRIVERS\i8042prt.sys R3 - ialm - ialm - C:\WINDOWS\system32\DRIVERS\ialmnt5.sys S1 - Imapi - Sterownik filtru nagrywania dysków CD - C:\WINDOWS\system32\DRIVERS\imapi.sys S4 - ini910u - ini910u - R0 - IntelIde - IntelIde - C:\WINDOWS\system32\DRIVERS\intelide.sys R1 - intelppm - Sterownik procesora Intel - C:\WINDOWS\system32\DRIVERS\intelppm.sys S3 - Ip6Fw - Sterownik Zapory systemu Windows IPv6 - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys S3 - IpFilterDriver - Sterownik filtru ruchu IP - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys S3 - IpInIp - Sterownik IP w tunelu IP - C:\WINDOWS\system32\DRIVERS\ipinip.sys R3 - IpNat - Translator adresów sieciowych IP - C:\WINDOWS\system32\DRIVERS\ipnat.sys R1 - IPSec - Sterownik IPSEC - C:\WINDOWS\system32\DRIVERS\ipsec.sys S3 - IRENUM - Usługa wyliczania IR - C:\WINDOWS\system32\DRIVERS\irenum.sys R0 - isapnp - Sterownik PnP magistrali ISA/EISA - C:\WINDOWS\system32\DRIVERS\isapnp.sys R1 - Kbdclass - Sterownik klasy klawiatury - C:\WINDOWS\system32\DRIVERS\kbdclass.sys R3 - kmixer - Microsoft Kernel Wave Audio Mixer - C:\WINDOWS\system32\drivers\kmixer.sys R0 - KSecDD - KSecDD - C:\WINDOWS\system32\drivers\KSecDD.sys S1 - lbrtfdc - lbrtfdc - R1 - mnmdd - mnmdd - C:\WINDOWS\system32\drivers\mnmdd.sys S3 - Modem - Modem - C:\WINDOWS\system32\drivers\Modem.sys R1 - Mouclass - Sterownik klasy myszy - C:\WINDOWS\system32\DRIVERS\mouclass.sys R0 - MountMgr - MountMgr - C:\WINDOWS\system32\drivers\MountMgr.sys S4 - mraid35x - mraid35x - R3 - MRxDAV - Readresator klienta WebDav - C:\WINDOWS\system32\DRIVERS\mrxdav.sys R1 - MRxSmb - MRXSMB - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys R1 - Msfs - Msfs - C:\WINDOWS\system32\drivers\Msfs.sys S3 - MSKSSRV - Serwer proxy usługi Microsoft Streaming - C:\WINDOWS\system32\drivers\MSKSSRV.sys S3 - MSPCLOCK - Serwer proxy zegara Microsoft Streaming - C:\WINDOWS\system32\drivers\MSPCLOCK.sys S3 - MSPQM - Serwer proxy menedżera jakości Microsoft Streaming - C:\WINDOWS\system32\drivers\MSPQM.sys R3 - mssmbios - Sterownik BIOS zarządzania systemem firmy Microsoft - C:\WINDOWS\system32\DRIVERS\mssmbios.sys R3 - ms_mpu401 - Sterownik portu MIDI UART Microsoft MPU-401 - C:\WINDOWS\system32\drivers\msmpu401.sys R0 - Mup - Mup - C:\WINDOWS\system32\drivers\Mup.sys R0 - NDIS - Sterownik systemu NDIS - C:\WINDOWS\system32\drivers\NDIS.sys R3 - NdisTapi - Sterownik usługi Dostęp zdalny NDIS TAPI - C:\WINDOWS\system32\DRIVERS\ndistapi.sys R3 - Ndisuio - Protokół We/Wy trybu użytkownika NDIS - C:\WINDOWS\system32\DRIVERS\ndisuio.sys R3 - NdisWan - Sterownik usługi Dostęp zdalny NDIS WAN - C:\WINDOWS\system32\DRIVERS\ndiswan.sys R3 - NDProxy - Serwer proxy NDIS - C:\WINDOWS\system32\drivers\NDProxy.sys R1 - NetBIOS - Interfejs NetBIOS - C:\WINDOWS\system32\DRIVERS\netbios.sys R1 - NetBT - NetBios przez TCP/IP - C:\WINDOWS\system32\DRIVERS\netbt.sys R1 - Npfs - Npfs - C:\WINDOWS\system32\drivers\Npfs.sys R4 - Ntfs - Ntfs - C:\WINDOWS\system32\drivers\Ntfs.sys R1 - Null - Null - C:\WINDOWS\system32\drivers\Null.sys S3 - NwlnkFlt - Sterownik filtru ruchu IPX - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys S3 - NwlnkFwd - Sterownik usług przesyłania dalej ruchu IPX - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys R3 - Parport - Sterownik portu równoległego - C:\WINDOWS\system32\DRIVERS\parport.sys R0 - PartMgr - PartMgr - C:\WINDOWS\system32\drivers\PartMgr.sys R2 - ParVdm - ParVdm - C:\WINDOWS\system32\drivers\ParVdm.sys S3 - PCAMPR5 - PCAMPR5 NDIS Protocol Driver - \??\C:\WINDOWS\system32\PCAMPR5.SYS S3 - PCANDIS5 - PCANDIS5 NDIS Protocol Driver - \??\C:\WINDOWS\system32\PCANDIS5.SYS R0 - PCI - Sterownik magistrali PCI - C:\WINDOWS\system32\DRIVERS\pci.sys S1 - PCIDump - PCIDump - R0 - PCIIde - PCIIde - C:\WINDOWS\system32\DRIVERS\pciide.sys S4 - Pcmcia - Pcmcia - C:\WINDOWS\system32\drivers\Pcmcia.sys S3 - PDCOMP - PDCOMP - S3 - PDFRAME - PDFRAME - S3 - PDRELI - PDRELI - S3 - PDRFRAME - PDRFRAME - S4 - perc2 - perc2 - S4 - perc2hib - perc2hib - R3 - PptpMiniport - WAN Miniport (PPTP) - C:\WINDOWS\system32\DRIVERS\raspptp.sys R3 - PSched - Harmonogram pakietów QoS - C:\WINDOWS\system32\DRIVERS\psched.sys R3 - Ptilink - Sterownik bezpośredniego połączenia kablowego - C:\WINDOWS\system32\DRIVERS\ptilink.sys S4 - ql1080 - ql1080 - S4 - Ql10wnt - Ql10wnt - S4 - ql12160 - ql12160 - S4 - ql1240 - ql1240 - S4 - ql1280 - ql1280 - R1 - RasAcd - Sterownik automatycznego połączenia dostępu zdalnego - C:\WINDOWS\system32\DRIVERS\rasacd.sys R3 - Rasl2tp - WAN Miniport (L2TP) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys R3 - RasPppoe - Sterownik usługi Dostęp zdalny PPPOE - C:\WINDOWS\system32\DRIVERS\raspppoe.sys R3 - Raspti - Bezpośrednie połączenie kablowe - C:\WINDOWS\system32\DRIVERS\raspti.sys R1 - Rdbss - Rdbss - C:\WINDOWS\system32\DRIVERS\rdbss.sys R1 - RDPCDD - RDPCDD - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys R3 - rdpdr - Sterownik przekierowania urządzenia serwera terminali - C:\WINDOWS\system32\DRIVERS\rdpdr.sys S3 - RDPWD - RDPWD - C:\WINDOWS\system32\drivers\RDPWD.sys R1 - redbook - Sterownik filtru odtwarzania audio cyfrowych dysków CD - C:\WINDOWS\system32\DRIVERS\redbook.sys R3 - rtl8029 - Sterownik NT karty Realtek RTL8029(AS)-based PCI Ethernet - C:\WINDOWS\system32\DRIVERS\RTL8029.SYS S3 - Secdrv - Secdrv - C:\WINDOWS\system32\DRIVERS\secdrv.sys R3 - serenum - Sterownik filtru Serenum - C:\WINDOWS\system32\DRIVERS\serenum.sys R1 - Serial - Sterownik portu szeregowego - C:\WINDOWS\system32\DRIVERS\serial.sys S1 - Sfloppy - Sfloppy - C:\WINDOWS\system32\drivers\Sfloppy.sys S4 - Simbad - Simbad - S4 - Sparrow - Sparrow - S3 - splitter - Microsoft Kernel Audio Splitter - C:\WINDOWS\system32\drivers\splitter.sys R0 - sr - Sterownik filtru Przywracania systemu - C:\WINDOWS\system32\DRIVERS\sr.sys R3 - Srv - Srv - C:\WINDOWS\system32\DRIVERS\srv.sys R3 - Stmatm - ATM/ADSL miniport - C:\WINDOWS\system32\DRIVERS\stmatm.sys R3 - swenum - Sterownik magistrali programowej - C:\WINDOWS\system32\DRIVERS\swenum.sys S3 - swmidi - Syntezator tablicy dźwięków WAVE Microsoft Kernel GS - C:\WINDOWS\system32\drivers\swmidi.sys S4 - symc810 - symc810 - S4 - symc8xx - symc8xx - S4 - sym_hi - sym_hi - S4 - sym_u3 - sym_u3 - R3 - sysaudio - Urządzenie audio Microsoft Kernel System - C:\WINDOWS\system32\drivers\sysaudio.sys R3 - TaurusUsb - ADSL Modem USB Service - C:\WINDOWS\system32\DRIVERS\torususb.sys R1 - Tcpip - Sterownik protokołu TCP/IP - C:\WINDOWS\system32\DRIVERS\tcpip.sys S3 - TDPIPE - TDPIPE - C:\WINDOWS\system32\drivers\TDPIPE.sys S3 - TDTCP - TDTCP - C:\WINDOWS\system32\drivers\TDTCP.sys R1 - TermDD - Sterownik urządzenia terminalu - C:\WINDOWS\system32\DRIVERS\termdd.sys S4 - TosIde - TosIde - S4 - Udfs - Udfs - C:\WINDOWS\system32\drivers\Udfs.sys S4 - ultra - ultra - R3 - Update - Sterownik Microcode Update - C:\WINDOWS\system32\DRIVERS\update.sys R3 - usbehci - Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft - C:\WINDOWS\system32\DRIVERS\usbehci.sys R3 - usbhub - Koncentrator z obsługą USB2 - C:\WINDOWS\system32\DRIVERS\usbhub.sys S3 - USBSTOR - Sterownik magazynu masowego USB - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS R3 - usbuhci - Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft - C:\WINDOWS\system32\DRIVERS\usbuhci.sys R1 - VgaSave - VgaSave - C:\WINDOWS\system32\drivers\vga.sys S4 - ViaIde - ViaIde - R0 - VolSnap - VolSnap - C:\WINDOWS\system32\drivers\VolSnap.sys R3 - Wanarp - Sterownik usługi Dostęp zdalny IP ARP - C:\WINDOWS\system32\DRIVERS\wanarp.sys S3 - WDICA - WDICA - R3 - wdmaud - Sterownik zgodności audio Microsoft WINMM WDM - C:\WINDOWS\system32\drivers\wdmaud.sys -- SERVICES -- S3 - AdobeFlashPlayerUpdateSvc - Adobe Flash Player Update Service - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe R3 - ALG - Usługa bramy warstwy aplikacji - C:\WINDOWS\System32\alg.exe S3 - CiSvc - Usługa indeksowania - C:\WINDOWS\system32\cisvc.exe S4 - ClipSrv - ClipBook - C:\WINDOWS\system32\clipsrv.exe S3 - COMSysApp - Aplikacja systemowa modelu COM+ - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 - dmadmin - Usługa administracyjna Menedżera dysków logicznych - C:\WINDOWS\System32\dmadmin.exe /com R2 - Eventlog - Dziennik zdarzeń - C:\WINDOWS\system32\services.exe S2 - gupdate - Usługa Google Update (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc S3 - gupdatem - Usługa Google Update (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc S3 - ImapiService - Usługa COM nagrywania dysków CD IMAPI - C:\WINDOWS\system32\imapi.exe R2 - JavaQuickStarterService - Java Quick Starter - "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" S3 - mnmsrvc - NetMeeting Remote Desktop Sharing - C:\WINDOWS\system32\mnmsrvc.exe S3 - MSDTC - Distributed Transaction Coordinator - C:\WINDOWS\system32\msdtc.exe S3 - MSIServer - Instalator Windows - C:\WINDOWS\system32\msiexec.exe /V S4 - NetDDE - DDE sieci - C:\WINDOWS\system32\netdde.exe S4 - NetDDEdsdm - DSDM DDE sieci - C:\WINDOWS\system32\netdde.exe S3 - Netlogon - Logowanie do sieci - C:\WINDOWS\system32\lsass.exe S3 - NtLmSsp - Usługa NT LM Security Support Provider - C:\WINDOWS\system32\lsass.exe R2 - PlugPlay - Plug and Play - C:\WINDOWS\system32\services.exe R2 - PolicyAgent - Usługi IPSEC - C:\WINDOWS\system32\lsass.exe R2 - ProtectedStorage - Magazyn chroniony - C:\WINDOWS\system32\lsass.exe S3 - RDSessMgr - Menedżer sesji pomocy pulpitu zdalnego - C:\WINDOWS\system32\sessmgr.exe S3 - RpcLocator - Lokalizator usługi zdalnego wywołania procedury (RPC) - C:\WINDOWS\system32\locator.exe S3 - RSVP - QoS RSVP - C:\WINDOWS\system32\rsvp.exe R2 - SamSs - Menedżer kont zabezpieczeń - C:\WINDOWS\system32\lsass.exe S3 - SCardSvr - Karta inteligentna - C:\WINDOWS\System32\SCardSvr.exe R2 - Spooler - Bufor wydruku - C:\WINDOWS\system32\spoolsv.exe S3 - SwPrv - MS Software Shadow Copy Provider - C:\WINDOWS\system32\dllhost.exe /Processid:{260354A5-793F-408C-BDE8-F880F55659F7} S3 - SysmonLog - Dzienniki wydajności i alerty - C:\WINDOWS\system32\smlogsvc.exe S4 - TlntSvr - Telnet - C:\WINDOWS\system32\tlntsvr.exe S3 - UPS - Zasilacz awaryjny (UPS) - C:\WINDOWS\System32\ups.exe S3 - VSS - Kopiowanie woluminów w tle - C:\WINDOWS\System32\vssvc.exe R3 - WmiApSrv - Karta wydajności WMI - C:\WINDOWS\system32\wbem\wmiapsrv.exe --- SAFEBOOT MINIMAL SERVICES --- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal no unknown services found --- SAFEBOOT Network SERVICES --- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network DnsCache --- BOOTEXECUTE regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] "BootExecute"= autocheck autochk *\0\0 --- PENDINGFILERENAMEOPERATIONS regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] PendingFileRenameOperations key not found --- WOW-CMDLINE regkeys --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW] "cmdline" = %SystemRoot%\system32\ntvdm.exe "cmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 --- SVCHOST HTTPFilter regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- HTTPFilter HTTPFilter -- %SystemRoot%\System32\w3ssl.dll --- SVCHOST LocalService regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- LocalService only standard values found --- SVCHOST NetworkService regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- NetworkService only standard values found --- SVCHOST netsvcs regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- netsvcs WmdmPmSN -- C:\WINDOWS\system32\mspmsnsv.dll ojumdcjt loading point not found --- SVCHOST DcomLaunch regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- DcomLaunch only standard values found --- SVCHOST rpcss regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- rpcss only standard values found --- SVCHOST imgsvc regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- imgsvc only standard values found --- SVCHOST termsvcs regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- termsvcs only standard values found --- DNS SERVER regkeys --- no "NameServer" values found --- HKCU SEARCHSCOPE --- --- HKLM SEARCHSCOPE --- --- File associations --- .BAT files: ("%1" %*) .COM files: ("%1" %*) .EXE files: ("%1" %*) .HLP files: (%SystemRoot%\System32\winhlp32.exe %1) .INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1) .INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1) .JS files: (%SystemRoot%\System32\WScript.exe "%1" %*) .PIF files: ("%1" %*) .REG files: (regedit.exe "%1") .SCR files: ("%1" /S) .TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1) .VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*) --- STARTUP FOLDERS --- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59] C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk -- [864] -- [2012-12-31 11:36] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59] C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59] C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2012-12-30 19:59] --- TASK SCHEDULER JOBS --- C:\WINDOWS\tasks\Adobe Flash Player Updater.job -- [930] -- [2013-01-01 21:24] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -- [1046] -- [2013-01-02 15:35] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -- [1050] -- [2013-01-02 15:38] --- Created files --- 2013-01-02 15:04:44 -------- d-----w- [---] C:\WINDOWS\RegLooks 2013-01-02 14:33:53 -------- d-----w- [---] C:\_OTL 2013-01-02 14:33:53 -------- d-----w- [---] \_OTL 2012-12-31 19:54:23 -------- d-----w- [---] C:\Program Files\Total Video Player 2012-12-31 10:43:32 -------- d-----w- [---] C:\Program Files\Common Files\Java 2012-12-31 10:43:25 859072 ----a-w- [7--] C:\WINDOWS\system32\npDeployJava1.dll 2012-12-31 10:43:25 779704 ----a-w- [7--] C:\WINDOWS\system32\deployJava1.dll 2012-12-31 10:43:25 260528 ----a-w- [7--] C:\WINDOWS\system32\javaws.exe 2012-12-31 10:43:25 143872 ----a-w- [---] C:\WINDOWS\system32\javacpl.cpl 2012-12-31 10:43:10 93640 ----a-w- [7--] C:\WINDOWS\system32\WindowsAccessBridge.dll 2012-12-31 10:43:10 174000 ----a-w- [7--] C:\WINDOWS\system32\javaw.exe 2012-12-31 10:43:10 173992 ----a-w- [7--] C:\WINDOWS\system32\java.exe 2012-12-31 10:38:34 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Sun 2012-12-31 10:36:22 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org 2012-12-31 10:02:06 -------- d-----w- [---] C:\Program Files\OpenOffice.org 3 2012-12-31 09:05:28 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2012-12-31 09:05:14 -------- d-s---w- [---] C:\Documents and Settings\Administrator\GG dysk 2012-12-31 09:04:19 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla 2012-12-31 09:03:50 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\GG 2012-12-30 23:28:19 930 ----a-w- [---] C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2012-12-30 23:28:18 73656 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2012-12-30 23:28:18 697272 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerApp.exe 2012-12-30 21:40:47 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Tibia 2012-12-30 21:27:55 -------- d-----w- [---] C:\Program Files\Tibia 2012-12-30 21:20:07 -------- d-----w- [---] C:\Program Files\Asprate 2012-12-30 21:19:41 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\WinRAR 2012-12-30 21:19:30 -------- d-----w- [---] C:\Program Files\WinRAR 2012-12-30 20:35:19 -------- d-sha-r- [---] C:\autorun.inf 2012-12-30 20:35:19 -------- d-sha-r- [---] \autorun.inf 2012-12-30 20:33:56 -------- d-sh--w- [---] C:\RECYCLER 2012-12-30 20:33:56 -------- d-sh--w- [---] \RECYCLER 2012-12-30 20:24:46 -------- d-----w- [---] C:\Documents and Settings\Administrator\WapSter 2012-12-30 20:21:21 26496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\usbstor.sys 2012-12-30 20:21:21 26496 ----a-w- [7-8] C:\WINDOWS\system32\drivers\USBSTOR.SYS 2012-12-30 20:12:15 -------- d-----w- [---] C:\Program Files\WapSter 2012-12-30 19:51:56 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Opera 2012-12-30 19:51:51 0 ----a-w- [---] C:\WINDOWS\system32\h323log.txt 2012-12-30 19:51:46 -------- d-----w- [---] C:\Program Files\Opera 2012-12-30 19:47:07 -------- d--h--w- [---] C:\Documents and Settings\All Users\Szablony 2012-12-30 19:47:07 -------- d-----w- [---] C:\Documents and Settings\All Users\Ulubione 2012-12-30 19:47:07 -------- d-----w- [---] C:\Documents and Settings\All Users\Pulpit 2012-12-30 19:47:07 -------- d-----r- [---] C:\Documents and Settings\All Users\Menu Start 2012-12-30 19:47:07 -------- d-----r- [---] C:\Documents and Settings\All Users\Dokumenty 2012-12-30 19:46:27 -------- d--h--r- [---] C:\Documents and Settings\All Users\Dane aplikacji 2012-12-30 19:33:50 1050 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2012-12-30 19:33:49 1046 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2012-12-30 19:33:47 -------- d-----w- [---] C:\Program Files\Google 2012-12-30 19:31:53 39 ----a-w- [---] C:\Documents and Settings\Administrator\custom.log 2012-12-30 19:28:11 32768 ----a-w- [---] C:\WINDOWS\system32\WooDial2000.dll 2012-12-30 19:27:46 -------- d-----w- [---] C:\WINDOWS\system32\InsFiles 2012-12-30 19:27:44 1434 ----a-w- [---] C:\WINDOWS\coinst.log 2012-12-30 19:27:43 902 ----a-r- [---] C:\WINDOWS\system32\setup.ini 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icStop.ico 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShTx.ico 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShTR.ico 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShRx.ico 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icShow.ico 2012-12-30 19:27:43 766 ----a-r- [---] C:\WINDOWS\system32\icInit.ico 2012-12-30 19:27:43 65536 ----a-r- [---] C:\WINDOWS\DSLTest.exe 2012-12-30 19:27:43 161 ----a-r- [---] C:\WINDOWS\DSLSetup.ini 2012-12-30 19:27:43 102400 ----a-r- [---] C:\WINDOWS\stmtrace.exe 2012-12-30 19:27:42 766 ----a-r- [---] C:\WINDOWS\system32\icNoMo.ico 2012-12-30 19:27:42 684265 ----a-r- [---] C:\WINDOWS\system32\drivers\torususb.sys 2012-12-30 19:27:42 60255 ----a-r- [---] C:\WINDOWS\system32\drivers\stmatm.sys 2012-12-30 19:27:42 446464 ----a-r- [---] C:\WINDOWS\system32\stmadsl.cpl 2012-12-30 19:27:42 36864 ----a-r- [---] C:\WINDOWS\system32\stmclean.exe 2012-12-30 19:27:42 18498 ----a-r- [---] C:\WINDOWS\system32\CSALogo.bmp 2012-12-30 19:26:18 425984 ----a-r- [---] C:\WINDOWS\system32\stmcfg32.dll 2012-12-30 19:26:18 151552 ----a-r- [---] C:\WINDOWS\system32\stmctrl.dll 2012-12-30 19:26:12 -------- d-----w- [---] C:\Program Files\ZTE ZXDSL 852 2012-12-30 19:26:11 2849 ----a-w- [---] C:\WINDOWS\stsetup.htm 2012-12-30 19:26:02 94208 ----a-w- [---] C:\WINDOWS\system32\W32n50.dll 2012-12-30 19:26:02 16128 ------w- [---] C:\WINDOWS\system32\PCANDIS5.SYS 2012-12-30 19:25:40 45175 ------w- [---] C:\WINDOWS\system32\plugincpl140_03.cpl 2012-12-30 19:25:34 41068 ------w- [---] C:\WINDOWS\system32\ActPanel.dll 2012-12-30 19:25:33 -------- d-----w- [---] C:\Program Files\Java 2012-12-30 19:24:29 6400 ----a-w- [7-8] C:\WINDOWS\system32\drivers\splitter.sys 2012-12-30 19:24:28 2944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\drmkaud.sys 2012-12-30 19:24:27 4992 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSPQM.sys 2012-12-30 19:24:25 142464 ----a-w- [7-8] C:\WINDOWS\system32\drivers\aec.sys 2012-12-30 19:24:23 54272 ----a-w- [7-8] C:\WINDOWS\system32\drivers\swmidi.sys 2012-12-30 19:24:22 82944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\wdmaud.sys 2012-12-30 19:24:20 171776 ----a-w- [7-8] C:\WINDOWS\system32\drivers\kmixer.sys 2012-12-30 19:24:18 52864 ----a-w- [7-8] C:\WINDOWS\system32\drivers\DMusic.sys 2012-12-30 19:24:16 7552 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSKSSRV.sys 2012-12-30 19:24:15 60800 ----a-w- [7-8] C:\WINDOWS\system32\drivers\sysaudio.sys 2012-12-30 19:24:13 -------- d-----w- [---] C:\Program Files\neostrada tp 2012-12-30 19:24:12 5376 ----a-w- [7-8] C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2012-12-30 19:24:08 3072 ----a-w- [7-8] C:\WINDOWS\system32\drivers\audstub.sys 2012-12-30 19:24:02 530 ----a-w- [---] C:\WINDOWS\wiadebug.log 2012-12-30 19:24:01 50 ----a-w- [---] C:\WINDOWS\wiaservc.log 2012-12-30 19:24:00 0 ----a-w- [---] C:\WINDOWS\Sti_Trace.log 2012-12-30 19:23:08 58624 ----a-w- [7-8] C:\WINDOWS\system32\drivers\redbook.sys 2012-12-30 19:22:44 19017 ----a-w- [7-8] C:\WINDOWS\system32\drivers\RTL8029.sys 2012-12-30 19:22:40 60288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\drmk.sys 2012-12-30 19:22:40 60288 ----a-w- [7-8] C:\WINDOWS\system32\drivers\drmk.sys 2012-12-30 19:22:40 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ksuser.dll 2012-12-30 19:22:40 4096 ----a-w- [7-8] C:\WINDOWS\system32\ksuser.dll 2012-12-30 19:22:40 2944 ----a-w- [7-8] C:\WINDOWS\system32\drivers\msmpu401.sys 2012-12-30 19:22:40 145792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\portcls.sys 2012-12-30 19:22:40 145792 ----a-w- [7-8] C:\WINDOWS\system32\drivers\portcls.sys 2012-12-30 19:22:40 130048 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ksproxy.ax 2012-12-30 19:22:40 130048 ----a-w- [7-8] C:\WINDOWS\system32\ksproxy.ax 2012-12-30 19:22:38 10624 ----a-w- [7-8] C:\WINDOWS\system32\drivers\gameenum.sys 2012-12-30 19:22:21 5504 ----a-w- [7-8] C:\WINDOWS\system32\drivers\intelide.sys 2012-12-30 19:22:19 77312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\usbui.dll 2012-12-30 19:22:19 77312 ----a-w- [7-8] C:\WINDOWS\system32\usbui.dll 2012-12-30 19:21:02 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia 2012-12-30 19:21:00 3886 ----a-w- [---] C:\WINDOWS\netfxocm.log 2012-12-30 19:21:00 1919 ----a-w- [---] C:\WINDOWS\MedCtrOC.log 2012-12-30 19:21:00 1802 ----a-w- [---] C:\WINDOWS\tabletoc.log 2012-12-30 19:21:00 1189 ----a-w- [---] C:\WINDOWS\ocmsn.log 2012-12-30 19:21:00 -------- d-sh--w- [---] C:\WINDOWS\ftpcache 2012-12-30 19:20:59 4438 ----a-w- [---] C:\WINDOWS\imsins.log 2012-12-30 19:20:59 1362 ----a-w- [---] C:\WINDOWS\imsins.BAK 2012-12-30 19:20:59 1181 ----a-w- [---] C:\WINDOWS\msgsocm.log 2012-12-30 19:20:58 57690 ----a-w- [---] C:\WINDOWS\iis6.log 2012-12-30 19:20:58 20608 ----a-w- [---] C:\WINDOWS\comsetup.log 2012-12-30 19:20:58 14263 ----a-w- [---] C:\WINDOWS\tsoc.log 2012-12-30 19:20:58 13264 ----a-w- [---] C:\WINDOWS\msmqinst.log 2012-12-30 19:20:58 12305 ----a-w- [---] C:\WINDOWS\ntdtcsetup.log 2012-12-30 19:20:57 17739 ----a-w- [---] C:\WINDOWS\ocgen.log 2012-12-30 19:20:57 16773 ----a-w- [---] C:\WINDOWS\FaxSetup.log 2012-12-30 19:20:55 763990 ----a-w- [---] C:\WINDOWS\system32\PerfStringBackup.INI 2012-12-30 19:20:55 -------- d-sh--w- [---] C:\WINDOWS\Installer 2012-12-30 19:20:54 4293 ----a-w- [---] C:\WINDOWS\ODBCINST.INI 2012-12-30 19:20:54 -------- d-----w- [---] C:\Program Files\Common Files\ODBC 2012-12-30 19:20:52 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spcommon.dll 2012-12-30 19:20:52 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spcplui.dll 2012-12-30 19:20:51 888 -c--a-w-[---] C:\WINDOWS\system32\dllcache\sam.sdf 2012-12-30 19:20:51 774144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spttseng.dll 2012-12-30 19:20:51 643717 -c--a-w-[---] C:\WINDOWS\system32\dllcache\ltts1033.lxa 2012-12-30 19:20:51 605050 -c--a-w-[---] C:\WINDOWS\system32\dllcache\r1033tts.lxa 2012-12-30 19:20:51 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapisvr.exe 2012-12-30 19:20:51 1685606 -c--a-w-[---] C:\WINDOWS\system32\dllcache\sam.spd 2012-12-30 19:20:51 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapi.cpl 2012-12-30 19:20:51 -------- d-----w- [---] C:\Program Files\Common Files\SpeechEngines 2012-12-30 19:20:50 741376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sapi.dll 2012-12-30 19:20:50 -------- d-----w- [---] C:\Program Files\Common Files\Microsoft Shared 2012-12-30 19:20:50 -------- d-----w- [---] C:\Program Files\Common Files 2012-12-30 19:20:50 -------- d-----r- [---] C:\Program Files 2012-12-30 19:20:50 -------- d-----r- [---] \Program Files 2012-12-30 19:20:47 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28603.nls 2012-12-30 19:20:47 66082 ----a-w- [--8] C:\WINDOWS\system32\c_28603.nls 2012-12-30 19:20:47 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt041f.dll 2012-12-30 19:20:46 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_857.nls 2012-12-30 19:20:46 66594 ----a-w- [--8] C:\WINDOWS\system32\c_857.nls 2012-12-30 19:20:46 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28599.nls 2012-12-30 19:20:46 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10081.nls 2012-12-30 19:20:46 66082 ----a-w- [--8] C:\WINDOWS\system32\c_28599.nls 2012-12-30 19:20:46 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10081.nls 2012-12-30 19:20:46 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtuq.dll 2012-12-30 19:20:46 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtuf.dll 2012-12-30 19:20:46 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdtuq.dll 2012-12-30 19:20:46 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdtuf.dll 2012-12-30 19:20:46 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdazel.dll 2012-12-30 19:20:46 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdazel.dll 2012-12-30 19:20:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0419.dll 2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28595.nls 2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10017.nls 2012-12-30 19:20:44 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10007.nls 2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28595.NLS 2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10017.nls 2012-12-30 19:20:44 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10007.nls 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdycc.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbduzb.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdur.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdtat.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdru1.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdru.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdmon.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdkyr.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdkaz.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdbu.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdblr.dll 2012-12-30 19:20:44 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdaze.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdycc.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbduzb.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdur.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdtat.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdru1.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdru.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdmon.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdkyr.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdkaz.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdbu.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdblr.dll 2012-12-30 19:20:44 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdaze.dll 2012-12-30 19:20:44 22016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0408.dll 2012-12-30 19:20:42 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhept.dll 2012-12-30 19:20:42 8192 ----a-r- [7-8] C:\WINDOWS\system32\kbdhept.dll 2012-12-30 19:20:42 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_869.nls 2012-12-30 19:20:42 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_737.nls 2012-12-30 19:20:42 66594 ----a-w- [--8] C:\WINDOWS\system32\c_869.nls 2012-12-30 19:20:42 66594 ----a-w- [--8] C:\WINDOWS\system32\c_737.nls 2012-12-30 19:20:42 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhela3.dll 2012-12-30 19:20:42 6656 ----a-r- [7-8] C:\WINDOWS\system32\kbdhela3.dll 2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_875.nls 2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28597.nls 2012-12-30 19:20:42 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10006.nls 2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\c_875.nls 2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28597.NLS 2012-12-30 19:20:42 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10006.nls 2012-12-30 19:20:42 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhela2.dll 2012-12-30 19:20:42 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdgkl.dll 2012-12-30 19:20:42 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdhela2.dll 2012-12-30 19:20:42 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdgkl.dll 2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe319.dll 2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe220.dll 2012-12-30 19:20:42 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhe.dll 2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe319.dll 2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe220.dll 2012-12-30 19:20:42 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdhe.dll 2012-12-30 19:20:41 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_866.nls 2012-12-30 19:20:41 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_855.nls 2012-12-30 19:20:41 66594 ----a-w- [--8] C:\WINDOWS\system32\c_866.nls 2012-12-30 19:20:41 66594 ----a-w- [--8] C:\WINDOWS\system32\c_855.nls 2012-12-30 19:20:41 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28594.nls 2012-12-30 19:20:41 66082 ----a-w- [--8] C:\WINDOWS\system32\C_28594.NLS 2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlv1.dll 2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlv.dll 2012-12-30 19:20:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdest.dll 2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdlv1.dll 2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdlv.dll 2012-12-30 19:20:41 6144 ----a-r- [7-8] C:\WINDOWS\system32\kbdest.dll 2012-12-30 19:20:41 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlt1.dll 2012-12-30 19:20:41 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlt.dll 2012-12-30 19:20:41 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdlt1.dll 2012-12-30 19:20:41 5632 ----a-r- [7-8] C:\WINDOWS\system32\kbdlt.dll 2012-12-30 19:20:40 3094 ----a-w- [---] C:\WINDOWS\regopt.log 2012-12-30 19:20:39 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20127.nls 2012-12-30 19:20:39 66082 ----a-w- [--8] C:\WINDOWS\system32\c_20127.nls 2012-12-30 19:20:38 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt040e.dll 2012-12-30 19:20:38 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0415.dll 2012-12-30 19:20:38 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0405.dll 2012-12-30 19:20:37 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz.dll 2012-12-30 19:20:37 7168 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdycl.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsl1.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsl.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhu.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz2.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcz1.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdcr.dll 2012-12-30 19:20:37 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdal.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdycl.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdsl1.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdsl.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdhu.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz2.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcz1.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\kbdcr.dll 2012-12-30 19:20:37 6656 ----a-w- [7-8] C:\WINDOWS\system32\KBDAL.DLL 2012-12-30 19:20:37 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdro.dll 2012-12-30 19:20:37 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdhu1.dll 2012-12-30 19:20:37 5632 ----a-w- [7-8] C:\WINDOWS\system32\kbdro.dll 2012-12-30 19:20:37 5632 ----a-w- [7-8] C:\WINDOWS\system32\kbdhu1.dll 2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10082.nls 2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10029.nls 2012-12-30 19:20:36 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10010.nls 2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10082.nls 2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10029.nls 2012-12-30 19:20:36 66082 ----a-w- [--8] C:\WINDOWS\system32\c_10010.nls 2012-12-30 19:20:36 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\irclass.dll 2012-12-30 19:20:36 13312 ----a-w- [7-8] C:\WINDOWS\system32\irclass.dll 2012-12-30 19:20:35 9168 ----a-w- [7-8] C:\WINDOWS\system\VER.DLL 2012-12-30 19:20:35 85532 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dgsetup.dll 2012-12-30 19:20:35 85532 ----a-w- [7-8] C:\WINDOWS\system32\dgsetup.dll 2012-12-30 19:20:35 4096 ----a-w- [7-8] C:\WINDOWS\system\TIMER.DRV 2012-12-30 19:20:35 3360 ----a-w- [7-8] C:\WINDOWS\system\SYSTEM.DRV 2012-12-30 19:20:35 24661 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spxcoins.dll 2012-12-30 19:20:35 24661 ----a-w- [7-8] C:\WINDOWS\system32\spxcoins.dll 2012-12-30 19:20:35 2176 ----a-w- [7-8] C:\WINDOWS\system\VGA.DRV 2012-12-30 19:20:35 19200 ----a-w- [7-8] C:\WINDOWS\system\TAPI.DLL 2012-12-30 19:20:35 176157 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dgrpsetu.dll 2012-12-30 19:20:35 176157 ----a-w- [7-8] C:\WINDOWS\system32\dgrpsetu.dll 2012-12-30 19:20:35 1744 ----a-w- [7-8] C:\WINDOWS\system\SOUND.DRV 2012-12-30 19:20:35 13600 ----a-w- [7-8] C:\WINDOWS\system\WFWNET.DRV 2012-12-30 19:20:35 103424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\eqnclass.dll 2012-12-30 19:20:35 103424 ----a-w- [7-8] C:\WINDOWS\system32\EqnClass.Dll 2012-12-30 19:20:34 9936 ----a-w- [7-8] C:\WINDOWS\system\LZEXPAND.DLL 2012-12-30 19:20:34 83456 ----a-w- [7-8] C:\WINDOWS\system\OLECLI.DLL 2012-12-30 19:20:34 73616 ----a-w- [7-8] C:\WINDOWS\system\MCIAVI.DRV 2012-12-30 19:20:34 5120 ----a-w- [7-8] C:\WINDOWS\system\SHELL.DLL 2012-12-30 19:20:34 33376 ----a-w- [7-8] C:\WINDOWS\system\COMMDLG.DLL 2012-12-30 19:20:34 28160 ----a-w- [7-8] C:\WINDOWS\system\MCIWAVE.DRV 2012-12-30 19:20:34 25296 ----a-w- [7-8] C:\WINDOWS\system\MCISEQ.DRV 2012-12-30 19:20:34 24064 ----a-w- [7-8] C:\WINDOWS\system\OLESVR.DLL 2012-12-30 19:20:34 2032 ----a-w- [7-8] C:\WINDOWS\system\MOUSE.DRV 2012-12-30 19:20:34 2000 ----a-w- [7-8] C:\WINDOWS\system\KEYBOARD.DRV 2012-12-30 19:20:34 127008 ----a-w- [7-8] C:\WINDOWS\system\MSVIDEO.DLL 2012-12-30 19:20:34 1152 ----a-w- [7-8] C:\WINDOWS\system\MMTASK.TSK 2012-12-30 19:20:33 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\batt.dll 2012-12-30 19:20:33 8704 ----a-w- [7-8] C:\WINDOWS\system32\batt.dll 2012-12-30 19:20:33 70096 ----a-w- [7-8] C:\WINDOWS\system\AVICAP.DLL 2012-12-30 19:20:33 1734 ----a-w- [---] C:\WINDOWS\system32\AUTOEXEC.NT 2012-12-30 19:20:33 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\taskman.exe 2012-12-30 19:20:33 15360 ----a-w- [7-8] C:\WINDOWS\TASKMAN.EXE 2012-12-30 19:20:33 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\irenum.sys 2012-12-30 19:20:33 11264 ----a-w- [7-8] C:\WINDOWS\system32\drivers\irenum.sys 2012-12-30 19:20:33 109488 ----a-w- [7-8] C:\WINDOWS\system\AVIFILE.DLL 2012-12-30 19:20:32 70144 ----a-w- [7-8] C:\WINDOWS\NOTEPAD.EXE 2012-12-30 19:20:32 69552 ----a-w- [7-8] C:\WINDOWS\system\MMSYSTEM.DLL 2012-12-30 19:20:32 146432 ----a-w- [7-8] C:\WINDOWS\system\WINSPOOL.DRV 2012-12-30 19:20:31 75776 ----a-w- [7-8] C:\WINDOWS\system32\storprop.dll 2012-12-30 19:20:21 7382 -c--a-w-[---] C:\WINDOWS\system32\dllcache\OEMBIOS.CAT 2012-12-30 19:20:21 7245 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MSTSWEB.CAT 2012-12-30 19:20:21 31965 -c--a-w-[---] C:\WINDOWS\system32\dllcache\mediactr.cat 2012-12-30 19:20:21 141702 -c--a-w-[---] C:\WINDOWS\system32\dllcache\netfx.cat 2012-12-30 19:20:21 102826 -c--a-w-[---] C:\WINDOWS\system32\dllcache\tabletpc.cat 2012-12-30 19:20:20 9581 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MSMSGS.CAT 2012-12-30 19:20:20 8599 -c--a-w-[---] C:\WINDOWS\system32\dllcache\IASNT4.CAT 2012-12-30 19:20:20 808524 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5IIS.CAT 2012-12-30 19:20:20 7334 -c--a-w-[---] C:\WINDOWS\system32\dllcache\wmerrenu.cat 2012-12-30 19:20:20 399670 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MAPIMIG.CAT 2012-12-30 19:20:20 37509 -c--a-w-[---] C:\WINDOWS\system32\dllcache\MW770.CAT 2012-12-30 19:20:20 30983 -c--a-w-[---] C:\WINDOWS\system32\dllcache\FP4.CAT 2012-12-30 19:20:20 14043 -c--a-w-[---] C:\WINDOWS\system32\dllcache\IMS.CAT 2012-12-30 19:20:20 13497 -c--a-w-[---] C:\WINDOWS\system32\dllcache\HPCRDP.CAT 2012-12-30 19:20:20 1086058 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NTPRINT.CAT 2012-12-30 19:20:19 620500 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5INF.CAT 2012-12-30 19:20:19 1896400 -c--a-w-[---] C:\WINDOWS\system32\dllcache\NT5.CAT 2012-12-30 19:20:19 1014483 -c--a-w-[---] C:\WINDOWS\system32\dllcache\SP2.CAT 2012-12-30 19:20:06 -------- d-----w- [---] C:\WINDOWS\system32\CatRoot2 2012-12-30 19:20:06 -------- d-----w- [---] C:\WINDOWS\system32\CatRoot 2012-12-30 19:20:00 442351 ----a-w- [---] C:\WINDOWS\setupapi.log 2012-12-30 19:19:48 195462 ----a-w- [---] C:\WINDOWS\setupact.log 2012-12-30 19:19:48 0 ----a-w- [---] C:\WINDOWS\setuperr.log 2012-12-30 19:19:45 711820 ----a-w- [---] C:\WINDOWS\setuplog.txt 2012-12-30 19:19:41 -------- d-----w- [---] C:\Documents and Settings 2012-12-30 19:19:41 -------- d-----w- [---] \Documents and Settings 2012-12-30 19:19:40 121336 ----a-w- [---] C:\WINDOWS\system32\FNTCACHE.DAT 2012-12-30 19:19:40 -------- d-sh--w- [---] C:\System Volume Information 2012-12-30 19:19:40 -------- d-sh--w- [---] \System Volume Information 2012-12-30 19:18:25 211 --sh--w- [---] C:\boot.ini 2012-12-30 19:18:25 211 --sh--w- [---] \boot.ini 2012-12-30 19:18:21 261 ----a-w- [---] C:\WINDOWS\system32\$winnt$.inf 2012-12-30 19:16:15 -------- d-----w- [---] C:\WINDOWS\OPTIONS 2012-12-30 19:13:50 -------- dcsh--r- [---] C:\WINDOWS\system32\dllcache 2012-12-30 19:13:50 -------- d-s---r- [---] C:\WINDOWS\Fonts 2012-12-30 19:13:50 -------- d--h--w- [---] C:\WINDOWS\inf 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\WinSxS 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\twain_32 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Temp 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wins 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\xml 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Repository 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\mof 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Logs 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\wbem 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\usmt 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\spool 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ShellExt 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\Setup 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ras 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\oobe 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\npp 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\mui 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\inetsrv 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\IME 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\icsxml 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\ias 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\export 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers\etc 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers\disdn 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\drivers 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\dhcp 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\config 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\3com_dmi 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\3076 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\2052 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1054 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1045 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1042 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1041 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1037 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1033 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1031 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1028 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32\1025 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system32 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\system 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\security 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Resources 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\repair 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Provisioning 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\PeerNet 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\pchealth 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\mui 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\msapps 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\msagent 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Media 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\java 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\ime 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Help 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\ehome 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Driver Cache 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Debug 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Cursors 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Connection Wizard 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\Config 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\AppPatch 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS\addins 2012-12-30 19:13:50 -------- d-----w- [---] C:\WINDOWS 2012-12-30 19:13:50 -------- d-----w- [---] \WINDOWS 2012-12-30 19:13:50 -------- d-----r- [---] C:\WINDOWS\Web 2012-12-30 19:13:48 49152 ----a-w- [---] C:\WINDOWS\system32\ChCfg.exe 2012-12-30 19:13:35 4017536 ----a-r- [7--] C:\WINDOWS\system32\drivers\alcxwdm.sys 2012-12-30 19:13:26 -------- d-----w- [---] C:\Program Files\Realtek Sound Manager 2012-12-30 19:13:25 164 ----a-w- [---] C:\WINDOWS\avrack.ini 2012-12-30 19:13:25 104 ----a-w- [---] C:\WINDOWS\APSetup.log 2012-12-30 19:13:25 -------- d-----w- [---] C:\Program Files\AvRack 2012-12-30 19:13:11 -------- d-----w- [---] C:\Program Files\Realtek AC97 2012-12-30 19:13:06 141016 ----a-w- [---] C:\WINDOWS\system32\alsndmgr.wav 2012-12-30 19:13:06 10528768 ----a-w- [7--] C:\WINDOWS\system32\RTLCPL.exe 2012-12-30 19:13:02 577536 ----a-w- [7--] C:\WINDOWS\soundman.exe 2012-12-30 19:13:02 18804736 ----a-w- [7--] C:\WINDOWS\system32\alsndmgr.cpl 2012-12-30 19:13:02 143360 ----a-w- [7--] C:\WINDOWS\system32\RtlCPAPI.dll 2012-12-30 19:12:59 315392 ----a-w- [---] C:\WINDOWS\alcupd.exe 2012-12-30 19:12:59 217088 ----a-w- [7--] C:\WINDOWS\Alcrmv.exe 2012-12-30 19:10:56 -------- d-----w- [---] C:\Program Files\Intel 2012-12-30 19:10:05 537 ----a-w- [---] C:\WINDOWS\chipset.log 2012-12-30 19:10:05 -------- d--h--w- [---] C:\Program Files\InstallShield Installation Information 2012-12-30 19:09:28 -------- d-----w- [---] C:\Program Files\Common Files\InstallShield 2012-12-30 19:09:10 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxres.dll 2012-12-30 19:09:10 -------- d-----w- [---] C:\Intel 2012-12-30 19:09:10 -------- d-----w- [---] \Intel 2012-12-30 19:08:03 -------- d-----w- [---] C:\WINDOWS\system32\ReinstallBackups 2012-12-30 19:07:04 724221 ----a-w- [7--] C:\WINDOWS\system32\drivers\ialmnt5.sys 2012-12-30 19:07:04 114688 ----a-w- [7--] C:\WINDOWS\system32\igfxzoom.exe 2012-12-30 19:07:03 99388 ----a-w- [7--] C:\WINDOWS\system32\ialmdnt5.dll 2012-12-30 19:07:03 86016 ----a-w- [7--] C:\WINDOWS\system32\igfxdo.dll 2012-12-30 19:07:03 748091 ----a-w- [7--] C:\WINDOWS\system32\ialmdd5.dll 2012-12-30 19:07:03 61440 ----a-w- [7--] C:\WINDOWS\system32\iAlmCoIn_v3865.dll 2012-12-30 19:07:03 495616 ----a-w- [7--] C:\WINDOWS\system32\ialmgdev.dll 2012-12-30 19:07:03 49152 ----a-w- [7--] C:\WINDOWS\system32\ialmrem.dll 2012-12-30 19:07:03 487424 ----a-w- [7--] C:\WINDOWS\system32\igfxcfg.exe 2012-12-30 19:07:03 45056 ----a-w- [7--] C:\WINDOWS\system32\igfxdgps.dll 2012-12-30 19:07:03 37951 ----a-w- [7--] C:\WINDOWS\system32\ialmrnt5.dll 2012-12-30 19:07:03 36864 ----a-w- [7--] C:\WINDOWS\system32\igfxexps.dll 2012-12-30 19:07:03 344064 ----a-w- [7--] C:\WINDOWS\system32\igfxsrvc.dll 2012-12-30 19:07:03 2285568 ----a-w- [7--] C:\WINDOWS\system32\ialmgicd.dll 2012-12-30 19:07:03 225280 ----a-w- [7--] C:\WINDOWS\system32\igfxpph.dll 2012-12-30 19:07:03 221184 ----a-w- [7--] C:\WINDOWS\system32\igfxeud.dll 2012-12-30 19:07:03 155648 ----a-w- [7--] C:\WINDOWS\system32\igfxtray.exe 2012-12-30 19:07:03 151552 ----a-w- [7--] C:\WINDOWS\system32\igfxdiag.exe 2012-12-30 19:07:03 151259 ----a-w- [7--] C:\WINDOWS\system32\ialmdev5.dll 2012-12-30 19:07:03 139264 ----a-w- [7--] C:\WINDOWS\system32\igfxdev.dll 2012-12-30 19:07:03 126976 ----a-w- [7--] C:\WINDOWS\system32\igfxhk.dll 2012-12-30 19:07:03 118784 ----a-w- [7--] C:\WINDOWS\system32\hkcmd.exe 2012-12-30 19:07:03 118784 ----a-w- [7--] C:\WINDOWS\system32\hccutils.dll 2012-12-30 19:07:03 1097728 ----a-w- [7--] C:\WINDOWS\system32\igfxress.dll 2012-12-30 19:07:03 106496 ----a-w- [7--] C:\WINDOWS\system32\igfxext.exe 2012-12-30 19:07:02 94208 ----a-w- [7--] C:\WINDOWS\system32\igfxcpl.cpl 2012-12-30 19:07:02 67380 ----a-w- [---] C:\WINDOWS\system32\igfxhhun.lhp 2012-12-30 19:07:02 65087 ----a-w- [---] C:\WINDOWS\system32\igfxhkor.lhp 2012-12-30 19:07:02 63938 ----a-w- [---] C:\WINDOWS\system32\igfxhtrk.lhp 2012-12-30 19:07:02 62815 ----a-w- [---] C:\WINDOWS\system32\igfxhplk.lhp 2012-12-30 19:07:02 62509 ----a-w- [---] C:\WINDOWS\system32\igfxhdeu.lhp 2012-12-30 19:07:02 61984 ----a-w- [---] C:\WINDOWS\system32\igfxhsve.lhp 2012-12-30 19:07:02 61950 ----a-w- [---] C:\WINDOWS\system32\igfxhfrc.lhp 2012-12-30 19:07:02 61869 ----a-w- [---] C:\WINDOWS\system32\igfxhtha.lhp 2012-12-30 19:07:02 61799 ----a-w- [---] C:\WINDOWS\system32\igfxhfin.lhp 2012-12-30 19:07:02 61511 ----a-w- [---] C:\WINDOWS\system32\igfxhfra.lhp 2012-12-30 19:07:02 61388 ----a-w- [---] C:\WINDOWS\system32\igfxhptg.lhp 2012-12-30 19:07:02 60848 ----a-w- [---] C:\WINDOWS\system32\igfxhesp.lhp 2012-12-30 19:07:02 60758 ----a-w- [---] C:\WINDOWS\system32\igfxhjpn.lhp 2012-12-30 19:07:02 60547 ----a-w- [---] C:\WINDOWS\system32\igfxhell.lhp 2012-12-30 19:07:02 60476 ----a-w- [---] C:\WINDOWS\system32\igfxhdan.lhp 2012-12-30 19:07:02 60436 ----a-w- [---] C:\WINDOWS\system32\igfxhptb.lhp 2012-12-30 19:07:02 60216 ----a-w- [---] C:\WINDOWS\system32\igfxhrus.lhp 2012-12-30 19:07:02 59861 ----a-w- [---] C:\WINDOWS\system32\igfxharb.lhp 2012-12-30 19:07:02 59760 ----a-w- [---] C:\WINDOWS\system32\igfxhcsy.lhp 2012-12-30 19:07:02 59753 ----a-w- [---] C:\WINDOWS\system32\igfxhara.lhp 2012-12-30 19:07:02 59448 ----a-w- [---] C:\WINDOWS\system32\igfxhnld.lhp 2012-12-30 19:07:02 59350 ----a-w- [---] C:\WINDOWS\system32\igfxhnor.lhp 2012-12-30 19:07:02 59095 ----a-w- [---] C:\WINDOWS\system32\igfxhita.lhp 2012-12-30 19:07:02 59064 ----a-w- [---] C:\WINDOWS\system32\igfxhheb.lhp 2012-12-30 19:07:02 58394 ----a-w- [---] C:\WINDOWS\system32\igfxhcht.lhp 2012-12-30 19:07:02 57559 ----a-w- [---] C:\WINDOWS\system32\igfxheng.lhp 2012-12-30 19:07:02 57430 ----a-w- [---] C:\WINDOWS\system32\igfxhchs.lhp 2012-12-30 19:07:02 56937 ----a-w- [---] C:\WINDOWS\system32\igfxhenu.lhp 2012-12-30 19:07:02 172032 ----a-w- [7--] C:\WINDOWS\system32\igfxresp.lrc 2012-12-30 19:07:02 172032 ----a-w- [7--] C:\WINDOWS\system32\igfxrell.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrrus.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrptg.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrptb.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrplk.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrnld.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrita.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrhun.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrfrc.lrc 2012-12-30 19:07:02 167936 ----a-w- [7--] C:\WINDOWS\system32\igfxrfra.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrtrk.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrtha.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrsve.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrnor.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrfin.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrdeu.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrdan.lrc 2012-12-30 19:07:02 163840 ----a-w- [7--] C:\WINDOWS\system32\igfxrcsy.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrkor.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrjpn.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrheb.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrenu.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxreng.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrcht.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrchs.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrarb.lrc 2012-12-30 19:07:02 159744 ----a-w- [7--] C:\WINDOWS\system32\igfxrara.lrc 2012-12-30 19:05:08 -------- d-----w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Identities 2012-12-30 19:05:04 -------- d--h--w- [---] C:\Program Files\Uninstall Information 2012-12-30 19:04:54 0 ----a-w- [---] C:\WINDOWS\0.log 2012-12-30 19:04:53 188 --sh--w- [---] C:\Documents and Settings\Administrator\ntuser.ini 2012-12-30 19:04:52 62 --sha-w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini 2012-12-30 19:04:52 1024 ---ha-w- [---] C:\Documents and Settings\Administrator\ntuser.dat.LOG 2012-12-30 19:04:51 1048576 ---ha-w- [---] C:\Documents and Settings\Administrator\NTUSER.DAT 2012-12-30 19:04:51 -------- d-s---w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft 2012-12-30 19:04:51 -------- d-s---w- [---] C:\Documents and Settings\Administrator\Cookies 2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\Ustawienia lokalne 2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\Szablony 2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\PrintHood 2012-12-30 19:04:51 -------- d--h--w- [---] C:\Documents and Settings\Administrator\NetHood 2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\SendTo 2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\Recent 2012-12-30 19:04:51 -------- d--h--r- [---] C:\Documents and Settings\Administrator\Dane aplikacji 2012-12-30 19:04:51 -------- d-----w- [---] C:\Documents and Settings\Administrator\Pulpit 2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Ulubione 2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Moje dokumenty 2012-12-30 19:04:51 -------- d-----r- [---] C:\Documents and Settings\Administrator\Menu Start 2012-12-30 19:04:42 -------- d-----w- [---] C:\WINDOWS\SoftwareDistribution 2012-12-30 19:03:31 6 ---ha-w- [---] C:\WINDOWS\Tasks\SA.DAT 2012-12-30 19:03:31 32562 ----a-w- [---] C:\WINDOWS\SchedLgU.Txt 2012-12-30 19:03:31 -------- d-s---w- [---] C:\WINDOWS\system32\Microsoft 2012-12-30 19:03:31 -------- d-----w- [---] C:\WINDOWS\Prefetch 2012-12-30 19:03:24 8192 ----a-w- [---] C:\WINDOWS\REGLOCS.OLD 2012-12-30 19:02:20 2048 --s-a-w- [---] C:\WINDOWS\bootstat.dat 2012-12-30 19:02:10 28288 -c--a-w-[---] C:\WINDOWS\system32\dllcache\xjis.nls 2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winzm.ime 2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winsp.ime 2012-12-30 19:02:02 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winpy.ime 2012-12-30 19:02:01 69120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wingb.ime 2012-12-30 19:02:01 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winime.ime 2012-12-30 19:02:00 79360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winar30.ime 2012-12-30 19:01:59 41600 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\weitekp9.dll 2012-12-30 19:01:59 31360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\weitekp9.sys 2012-12-30 19:01:58 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamreg51.dll 2012-12-30 19:01:57 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamps51.dll 2012-12-30 19:01:57 77312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wam51.dll 2012-12-30 19:01:57 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3svapi.dll 2012-12-30 19:01:57 366080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3svc.dll 2012-12-30 19:01:56 86073 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\voicesub.dll 2012-12-30 19:01:56 74240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3ext.dll 2012-12-30 19:01:56 48256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w32.dll 2012-12-30 19:01:56 4608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\w3ctrs51.dll 2012-12-30 19:01:55 426041 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\voicepad.dll 2012-12-30 19:01:53 76288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uniime.dll 2012-12-30 19:01:53 65024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\unicdime.ime 2012-12-30 19:01:52 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsprof.exe 2012-12-30 19:01:52 103936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uihelper.dll 2012-12-30 19:01:50 455168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintsetp.exe 2012-12-30 19:01:50 44032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintlphr.exe 2012-12-30 19:01:50 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tools.dll 2012-12-30 19:01:50 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tmigrate.dll 2012-12-30 19:01:49 571392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tintlgnt.ime 2012-12-30 19:01:49 185344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\thawbrkr.dll 2012-12-30 19:01:48 21896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdipx.sys 2012-12-30 19:01:48 19464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdspx.sys 2012-12-30 19:01:48 13192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdasync.sys 2012-12-30 19:01:46 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\svcext51.dll 2012-12-30 19:01:45 46592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sspifilt.dll 2012-12-30 19:01:45 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ssinc51.dll 2012-12-30 19:01:45 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\status.dll 2012-12-30 19:01:44 101376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srusbusd.dll 2012-12-30 19:01:42 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmptrap.exe 2012-12-30 19:01:42 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll 2012-12-30 19:01:42 143422 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\softkey.dll 2012-12-30 19:01:41 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpmib.dll 2012-12-30 19:01:41 40448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpthrd.dll 2012-12-30 19:01:41 358400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpincl.dll 2012-12-30 19:01:41 259072 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpcl.dll 2012-12-30 19:01:41 188416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpsmir.dll 2012-12-30 19:01:41 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmpstup.dll 2012-12-30 19:01:40 464384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpsvc.dll 2012-12-30 19:01:40 32256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\snmp.exe 2012-12-30 19:01:40 12800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll 2012-12-30 19:01:39 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smimsgif.dll 2012-12-30 19:01:39 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smierrsy.dll 2012-12-30 19:01:39 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smb6w.dll 2012-12-30 19:01:39 236544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smi2smir.exe 2012-12-30 19:01:39 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smierrsm.dll 2012-12-30 19:01:39 10752 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpapi.dll 2012-12-30 19:01:38 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm9aw.dll 2012-12-30 19:01:38 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sma3w.dll 2012-12-30 19:01:38 29184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8cw.dll 2012-12-30 19:01:38 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm93w.dll 2012-12-30 19:01:38 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm92w.dll 2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm90w.dll 2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8dw.dll 2012-12-30 19:01:38 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm8aw.dll 2012-12-30 19:01:37 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm87w.dll 2012-12-30 19:01:37 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm81w.dll 2012-12-30 19:01:37 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm89w.dll 2012-12-30 19:01:37 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sm59w.dll 2012-12-30 19:01:37 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\simptcp.dll 2012-12-30 19:01:33 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_seos.dll 2012-12-30 19:01:33 221696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\seo.dll 2012-12-30 19:01:32 57856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_scripto.dll 2012-12-30 19:01:30 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwnh.dll 2012-12-30 19:01:30 80384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwia330.dll 2012-12-30 19:01:30 80384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwia001.dll 2012-12-30 19:01:30 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rw330ext.dll 2012-12-30 19:01:30 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rw001ext.dll 2012-12-30 19:01:29 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rpcref.dll 2012-12-30 19:01:28 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\romanime.ime 2012-12-30 19:01:28 23040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe 2012-12-30 19:01:27 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\register.exe 2012-12-30 19:01:26 20736 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ramdisk.sys 2012-12-30 19:01:25 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\query.exe 2012-12-30 19:01:25 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\quick.ime 2012-12-30 19:01:25 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\quser.exe 2012-12-30 19:01:24 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pwsdata.dll 2012-12-30 19:01:23 83748 -c--a-w-[---] C:\WINDOWS\system32\dllcache\prcp.nls 2012-12-30 19:01:23 83748 -c--a-w-[---] C:\WINDOWS\system32\dllcache\prc.nls 2012-12-30 19:01:23 131584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxviceo.dll 2012-12-30 19:01:22 70144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlphr.exe 2012-12-30 19:01:22 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmigrate.dll 2012-12-30 19:01:22 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxgl.dll 2012-12-30 19:01:22 482304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlgnt.ime 2012-12-30 19:01:22 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pmxmcro.dll 2012-12-30 19:01:21 79360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\phon.ime 2012-12-30 19:01:21 53760 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlcsd.dll 2012-12-30 19:01:21 20992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\permchk.dll 2012-12-30 19:01:21 175104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pintlcsa.dll 2012-12-30 19:01:20 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pagecnt.dll 2012-12-30 19:01:20 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs804.dll 2012-12-30 19:01:19 36927 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs411.dll 2012-12-30 19:01:19 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs404.dll 2012-12-30 19:01:19 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\padrs412.dll 2012-12-30 19:01:16 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nsepm.dll 2012-12-30 19:01:16 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll 2012-12-30 19:01:14 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nextlink.dll 2012-12-30 19:01:12 229439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\multibox.dll 2012-12-30 19:01:12 111104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtstocom.exe 2012-12-30 19:01:08 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msiregmv.exe 2012-12-30 19:01:07 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msir3jp.dll 2012-12-30 19:01:07 1875968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msir3jp.lex 2012-12-30 19:01:00 92416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mga.sys 2012-12-30 19:01:00 92032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mga.dll 2012-12-30 19:01:00 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\metada51.dll 2012-12-30 19:01:00 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\migregdb.exe 2012-12-30 19:00:59 37888 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\md5filt.dll 2012-12-30 19:00:59 26624 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mdsync.dll 2012-12-30 19:00:58 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll 2012-12-30 19:00:57 23040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lpdsvc.dll 2012-12-30 19:00:57 22016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logscrpt.dll 2012-12-30 19:00:57 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lprmon.dll 2012-12-30 19:00:57 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lonsint.dll 2012-12-30 19:00:56 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\lmmib2.dll 2012-12-30 19:00:55 70656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\korwbrkr.dll 2012-12-30 19:00:55 47066 -c--a-w-[---] C:\WINDOWS\system32\dllcache\ksc.nls 2012-12-30 19:00:55 1158818 -c--a-w-[---] C:\WINDOWS\system32\dllcache\korwbrkr.lex 2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdvntc.dll 2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdusa.dll 2012-12-30 19:00:54 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdurdu.dll 2012-12-30 19:00:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth3.dll 2012-12-30 19:00:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth2.dll 2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth1.dll 2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdth0.dll 2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsyr2.dll 2012-12-30 19:00:53 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdsyr1.dll 2012-12-30 19:00:52 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnecat.dll 2012-12-30 19:00:52 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnecnt.dll 2012-12-30 19:00:52 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdnec95.dll 2012-12-30 19:00:52 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlk41a.dll 2012-12-30 19:00:52 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdlk41j.dll 2012-12-30 19:00:51 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinpun.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdintel.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdintam.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinmar.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinkan.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinhin.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdinguj.dll 2012-12-30 19:00:51 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdindev.dll 2012-12-30 19:00:50 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdibm02.dll 2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdheb.dll 2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdfa.dll 2012-12-30 19:00:50 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbddiv2.dll 2012-12-30 19:00:50 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdgeo.dll 2012-12-30 19:00:49 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdax2.dll 2012-12-30 19:00:49 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbddiv1.dll 2012-12-30 19:00:49 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda3.dll 2012-12-30 19:00:49 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdarmw.dll 2012-12-30 19:00:49 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbdarme.dll 2012-12-30 19:00:48 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iwrps.dll 2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd106n.dll 2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd101a.dll 2012-12-30 19:00:48 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbd101.dll 2012-12-30 19:00:48 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda2.dll 2012-12-30 19:00:48 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\kbda1.dll 2012-12-30 19:00:48 18432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\jupiw.dll 2012-12-30 19:00:47 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isapips.dll 2012-12-30 19:00:47 27136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iscomlog.dll 2012-12-30 19:00:46 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infoctrs.dll 2012-12-30 19:00:46 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iprip.dll 2012-12-30 19:00:45 315452 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imskf.dll 2012-12-30 19:00:45 257024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infocomm.dll 2012-12-30 19:00:45 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetin51.exe 2012-12-30 19:00:44 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imkrinst.exe 2012-12-30 19:00:44 59392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imscinst.exe 2012-12-30 19:00:44 471102 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imskdic.dll 2012-12-30 19:00:44 45109 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpuex.exe 2012-12-30 19:00:44 274489 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjputyc.dll 2012-12-30 19:00:44 262200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjputy.exe 2012-12-30 19:00:44 102456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imlang.dll 2012-12-30 19:00:43 81976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdct.dll 2012-12-30 19:00:43 307257 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdct.exe 2012-12-30 19:00:43 233527 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjprw.exe 2012-12-30 19:00:43 208952 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpmig.exe 2012-12-30 19:00:43 196665 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpinst.exe 2012-12-30 19:00:43 155705 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdsvr.exe 2012-12-30 19:00:42 811064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjp81k.dll 2012-12-30 19:00:42 716856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpcus.dll 2012-12-30 19:00:42 57398 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpdadm.exe 2012-12-30 19:00:42 368696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjpcic.dll 2012-12-30 19:00:42 340023 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imjp81.ime 2012-12-30 19:00:41 94720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekr61.ime 2012-12-30 19:00:41 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrmbx.dll 2012-12-30 19:00:41 44032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrmig.exe 2012-12-30 19:00:41 311359 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imepadsv.exe 2012-12-30 19:00:41 134339 -c--a-w-[---] C:\WINDOWS\system32\dllcache\imekr.lex 2012-12-30 19:00:41 106496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imekrcic.dll 2012-12-30 19:00:41 102463 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\imepadsm.dll 2012-12-30 19:00:40 79872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iislog51.dll 2012-12-30 19:00:40 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisfecnv.dll 2012-12-30 19:00:40 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iissync.exe 2012-12-30 19:00:40 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisclex4.dll 2012-12-30 19:00:40 3584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iismui.dll 2012-12-30 19:00:40 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iiscrmap.dll 2012-12-30 19:00:39 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisadmin.dll 2012-12-30 19:00:39 145408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iische51.dll 2012-12-30 19:00:34 10129408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxkor.dll 2012-12-30 19:00:29 13463552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxjpn.dll 2012-12-30 19:00:25 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpmb51.dll 2012-12-30 19:00:25 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpod51.dll 2012-12-30 19:00:25 268288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\httpext.dll 2012-12-30 19:00:25 10096640 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hwxcht.dll 2012-12-30 19:00:24 39936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hostmib.dll 2012-12-30 19:00:23 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hanjadic.dll 2012-12-30 19:00:23 32256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\gzip.dll 2012-12-30 19:00:23 108827 -c--a-w-[---] C:\WINDOWS\system32\dllcache\hanja.lex 2012-12-30 19:00:22 400896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsxp32.dll 2012-12-30 19:00:22 194560 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxswzrd.dll 2012-12-30 19:00:21 562688 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsst.dll 2012-12-30 19:00:21 397312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxstiff.dll 2012-12-30 19:00:21 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsroute.dll 2012-12-30 19:00:21 268288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxssvc.exe 2012-12-30 19:00:21 246272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxst30.dll 2012-12-30 19:00:21 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsui.dll 2012-12-30 19:00:21 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxssend.exe 2012-12-30 19:00:20 8704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsperf.dll 2012-12-30 19:00:20 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsres.dll 2012-12-30 19:00:20 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsevent.dll 2012-12-30 19:00:20 285184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscomex.dll 2012-12-30 19:00:20 27136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsdrv.dll 2012-12-30 19:00:20 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsmon.dll 2012-12-30 19:00:20 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsext32.dll 2012-12-30 19:00:20 233472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscover.exe 2012-12-30 19:00:19 72192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscom.dll 2012-12-30 19:00:19 452096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsapi.dll 2012-12-30 19:00:19 143360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsclnt.exe 2012-12-30 19:00:19 137728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxsclntr.dll 2012-12-30 19:00:19 126976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpsv251.dll 2012-12-30 19:00:19 112128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fxscfgwz.dll 2012-12-30 19:00:18 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpencode.dll 2012-12-30 19:00:18 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpctrs2.dll 2012-12-30 19:00:18 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpmib.dll 2012-12-30 19:00:18 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftlx041e.dll 2012-12-30 19:00:17 618605 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4autl.dll 2012-12-30 19:00:17 24632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpadmcgi.exe 2012-12-30 19:00:17 20541 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpadmdll.dll 2012-12-30 19:00:17 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\flattemp.exe 2012-12-30 19:00:16 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\f3ahvoas.dll 2012-12-30 19:00:16 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll 2012-12-30 19:00:15 93184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntwin.exe 2012-12-30 19:00:15 26112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntcmd.exe 2012-12-30 19:00:15 14336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\exstrace.dll 2012-12-30 19:00:15 105984 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\evntagnt.dll 2012-12-30 19:00:14 57856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esuimgd.dll 2012-12-30 19:00:14 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esunid.dll 2012-12-30 19:00:14 31744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esucmd.dll 2012-12-30 19:00:14 25856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\et4000.sys 2012-12-30 19:00:13 514587 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\edb500.dll 2012-12-30 19:00:08 78848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dayi.ime 2012-12-30 19:00:08 42496 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\davcdata.exe 2012-12-30 19:00:06 57399 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cplexe.exe 2012-12-30 19:00:06 56832 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\convlog.exe 2012-12-30 19:00:06 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\counters.dll 2012-12-30 19:00:06 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cprofile.exe 2012-12-30 19:00:05 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\controt.dll 2012-12-30 19:00:05 24064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\compfilt.dll 2012-12-30 19:00:03 56320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtskdic.dll 2012-12-30 19:00:03 480256 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintsetp.exe 2012-12-30 19:00:03 21504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintlgnt.ime 2012-12-30 19:00:03 198656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cintime.dll 2012-12-30 19:00:03 173568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtskf.dll 2012-12-30 19:00:02 97792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtmbx.dll 2012-12-30 19:00:02 838144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chtbrkr.dll 2012-12-30 19:00:02 1677824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chsbrkr.dll 2012-12-30 19:00:01 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\change.exe 2012-12-30 19:00:01 78336 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chajei.ime 2012-12-30 19:00:01 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chgport.exe 2012-12-30 19:00:01 14848 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chgusr.exe 2012-12-30 19:00:01 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chglogon.exe 2012-12-30 19:00:00 54528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cap7146.sys 2012-12-30 18:59:59 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_864.nls 2012-12-30 18:59:59 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_862.nls 2012-12-30 18:59:59 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_is2022.dll 2012-12-30 18:59:59 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_870.nls 2012-12-30 18:59:59 218112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_g18030.dll 2012-12-30 18:59:59 10752 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\c_iscii.dll 2012-12-30 18:59:58 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_858.nls 2012-12-30 18:59:58 66594 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_720.nls 2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_708.nls 2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_28596.nls 2012-12-30 18:59:58 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_21027.nls 2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_21025.nls 2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20924.nls 2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20880.nls 2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20871.nls 2012-12-30 18:59:57 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20838.nls 2012-12-30 18:59:57 180770 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20932.nls 2012-12-30 18:59:57 177698 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20949.nls 2012-12-30 18:59:57 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20936.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20833.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20424.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20423.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20420.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20297.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20290.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20285.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20284.nls 2012-12-30 18:59:56 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20280.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20278.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20277.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20273.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20269.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20108.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20107.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20106.nls 2012-12-30 18:59:55 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20105.nls 2012-12-30 18:59:54 189986 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1361.nls 2012-12-30 18:59:54 187938 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20005.nls 2012-12-30 18:59:54 186402 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20001.nls 2012-12-30 18:59:54 185378 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20003.nls 2012-12-30 18:59:54 180258 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20004.nls 2012-12-30 18:59:54 180258 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20000.nls 2012-12-30 18:59:54 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_20002.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1149.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1148.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1147.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1146.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1145.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1144.nls 2012-12-30 18:59:53 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1143.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1142.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1141.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1140.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_1047.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10021.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10005.nls 2012-12-30 18:59:52 66082 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10004.nls 2012-12-30 18:59:52 173602 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10008.nls 2012-12-30 18:59:51 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\browscap.dll 2012-12-30 18:59:51 195618 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10002.nls 2012-12-30 18:59:51 177698 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10003.nls 2012-12-30 18:59:51 162850 -c--a-w-[---] C:\WINDOWS\system32\dllcache\c_10001.nls 2012-12-30 18:59:50 82172 -c--a-w-[---] C:\WINDOWS\system32\dllcache\bopomofo.nls 2012-12-30 18:59:50 66728 -c--a-w-[---] C:\WINDOWS\system32\dllcache\big5.nls 2012-12-30 18:59:49 9216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\authfilt.dll 2012-12-30 18:59:48 373248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\asp51.dll 2012-12-30 18:59:48 29184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\asptxn.dll 2012-12-30 18:59:48 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\aspperf.dll 2012-12-30 18:59:47 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll 2012-12-30 18:59:47 333312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\aqueue.dll 2012-12-30 18:59:47 109568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\appconf.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0804.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0412.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0411.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt040d.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0404.dll 2012-12-30 18:59:46 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\agt0401.dll 2012-12-30 18:59:45 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll 2012-12-30 18:59:44 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admxprox.dll 2012-12-30 18:59:44 50176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\adrot.dll 2012-12-30 18:59:44 29696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admexs.dll 2012-12-30 18:59:40 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wamregps.dll 2012-12-30 18:59:40 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tcptsat.dll 2012-12-30 18:59:39 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\staxmem.dll 2012-12-30 18:59:39 32827 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tcptest.exe 2012-12-30 18:59:39 2134528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpsnap.dll 2012-12-30 18:59:38 20536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shtml.dll 2012-12-30 18:59:38 189440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpadm.dll 2012-12-30 18:59:38 16437 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shtml.exe 2012-12-30 18:59:33 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logui.ocx 2012-12-30 18:59:33 68608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isatq.dll 2012-12-30 18:59:33 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\infoadmn.dll 2012-12-30 18:59:32 836096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetmgr.dll 2012-12-30 18:59:32 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetmgr.exe 2012-12-30 18:59:32 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrstas.exe 2012-12-30 18:59:32 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetsloc.dll 2012-12-30 18:59:32 171520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisui.dll 2012-12-30 18:59:32 133632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrtl.dll 2012-12-30 18:59:31 68608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisext51.dll 2012-12-30 18:59:31 64512 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iismap.dll 2012-12-30 18:59:31 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ftpsapi2.dll 2012-12-30 18:59:31 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisrstap.dll 2012-12-30 18:59:31 20538 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpremadm.exe 2012-12-30 18:59:31 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iisreset.exe 2012-12-30 18:59:30 598071 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpmmc.dll 2012-12-30 18:59:30 212992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpmmcsat.dll 2012-12-30 18:59:30 20541 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpexedll.dll 2012-12-30 18:59:29 876653 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4awel.dll 2012-12-30 18:59:29 49212 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4awebs.dll 2012-12-30 18:59:29 188494 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fpcount.exe 2012-12-30 18:59:29 14608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp98sadm.exe 2012-12-30 18:59:29 109328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp98swin.exe 2012-12-30 18:59:28 82035 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4anscp.dll 2012-12-30 18:59:28 49210 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4areg.dll 2012-12-30 18:59:28 41020 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4avnb.dll 2012-12-30 18:59:28 32826 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4avss.dll 2012-12-30 18:59:28 147513 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4apws.dll 2012-12-30 18:59:28 102509 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4atxt.dll 2012-12-30 18:59:27 46592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\coadmin.dll 2012-12-30 18:59:27 184435 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fp4amsft.dll 2012-12-30 18:59:26 95744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\certmap.ocx 2012-12-30 18:59:26 76800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cnfgprts.ocx 2012-12-30 18:59:26 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\certwiz.ocx 2012-12-30 18:59:26 188480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cfgwiz.exe 2012-12-30 18:59:26 16439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\author.exe 2012-12-30 18:59:25 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admwprox.dll 2012-12-30 18:59:25 290816 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\adsiis51.dll 2012-12-30 18:59:25 20540 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\author.dll 2012-12-30 18:59:24 16439 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admin.exe 2012-12-30 18:59:23 20540 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\admin.dll 2012-12-30 18:59:21 -------- d-----w- [---] C:\WINDOWS\system32\xircom 2012-12-30 18:59:21 -------- d-----w- [---] C:\WINDOWS\system32\wbem\snmp 2012-12-30 18:59:21 -------- d-----w- [---] C:\Program Files\xerox 2012-12-30 18:59:21 -------- d-----w- [---] C:\Program Files\microsoft frontpage 2012-12-30 18:58:55 2596 ----a-w- [---] C:\WINDOWS\system32\CONFIG.NT 2012-12-30 18:58:55 0 --sha-r- [---] C:\MSDOS.SYS 2012-12-30 18:58:55 0 --sha-r- [---] C:\IO.SYS 2012-12-30 18:58:55 0 --sha-r- [---] \MSDOS.SYS 2012-12-30 18:58:55 0 --sha-r- [---] \IO.SYS 2012-12-30 18:58:55 0 ----a-w- [---] C:\WINDOWS\control.ini 2012-12-30 18:58:55 0 ----a-w- [---] C:\CONFIG.SYS 2012-12-30 18:58:55 0 ----a-w- [---] C:\AUTOEXEC.BAT 2012-12-30 18:58:55 0 ----a-w- [---] \CONFIG.SYS 2012-12-30 18:58:55 0 ----a-w- [---] \AUTOEXEC.BAT 2012-12-30 18:58:44 23392 ----a-w- [---] C:\WINDOWS\system32\nscompat.tlb 2012-12-30 18:58:44 16832 ----a-w- [---] C:\WINDOWS\system32\amcompat.tlb 2012-12-30 18:58:42 316640 ----a-w- [---] C:\WINDOWS\WMSysPr9.prx 2012-12-30 18:58:36 833 ----a-w- [---] C:\WINDOWS\OEWABLog.txt 2012-12-30 18:58:32 112128 ----a-w- [7--] C:\WINDOWS\system32\mapi32.dll 2012-12-30 18:57:32 -------- d-sh--w- [---] C:\Documents and Settings\All Users\DRM 2012-12-30 18:57:17 -------- d-----r- [---] C:\WINDOWS\Offline Web Pages 2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\WindowsLogon.manifest 2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\logonui.exe.manifest 2012-12-30 18:57:16 -------- d-s---w- [---] C:\WINDOWS\Downloaded Program Files 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\WindowsShell.Manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\wuaucpl.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\sapi.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\nwc.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\ncpa.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\cdplayer.exe.manifest 2012-12-30 18:57:02 14216 ----a-w- [---] C:\WINDOWS\WindowsUpdate.log 2012-12-30 18:57:01 -------- d--h--w- [---] C:\Program Files\WindowsUpdate 2012-12-30 18:56:57 -------- d-----w- [---] C:\Program Files\Usługi online 2012-12-30 18:56:46 4399505 -c--a-w-[---] C:\WINDOWS\system32\dllcache\nls302en.lex 2012-12-30 18:56:37 -------- d-----w- [---] C:\WINDOWS\system32\DirectX 2012-12-30 18:56:18 28160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoobe.exe 2012-12-30 18:56:17 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\atrace.dll 2012-12-30 18:56:17 11264 ----a-w- [7-8] C:\WINDOWS\system32\atrace.dll 2012-12-30 18:56:16 99840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helphost.exe 2012-12-30 18:56:16 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hcappres.dll 2012-12-30 18:56:16 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\notiflag.exe 2012-12-30 18:56:16 21504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\brpinfo.dll 2012-12-30 18:56:14 48680 --sh--w- [---] C:\WINDOWS\winnt256.bmp 2012-12-30 18:56:14 48680 --sh--w- [---] C:\WINDOWS\winnt.bmp 2012-12-30 18:56:14 2 ----a-w- [---] C:\WINDOWS\system32\desktop.ini 2012-12-30 18:56:14 2 ----a-w- [---] C:\WINDOWS\desktop.ini 2012-12-30 18:56:09 984 -c--a-w-[---] C:\WINDOWS\system32\dllcache\srframe.mmf 2012-12-30 18:56:09 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srdiag.exe 2012-12-30 18:56:08 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wb32.exe 2012-12-30 18:56:08 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmevtmsg.dll 2012-12-30 18:56:08 12288 ----a-w- [7-8] C:\WINDOWS\system32\nmevtmsg.dll 2012-12-30 18:56:08 118784 ----a-w- [7--] C:\WINDOWS\system32\msg723.acm 2012-12-30 18:56:07 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\acctres.dll 2012-12-30 18:56:07 67584 ----a-w- [7-8] C:\WINDOWS\system32\acctres.dll 2012-12-30 18:56:07 40448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msinfo32.exe 2012-12-30 18:56:07 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cb32.exe 2012-12-30 18:56:06 -------- d-----w- [---] C:\Program Files\Common Files\Services 2012-12-30 18:56:04 65 ---h--r- [---] C:\WINDOWS\Tasks\desktop.ini 2012-12-30 18:56:04 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\trialoc.dll 2012-12-30 18:56:04 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icfgnt5.dll 2012-12-30 18:56:04 16384 ----a-w- [7-8] C:\WINDOWS\system32\icfgnt5.dll 2012-12-30 18:56:04 -------- d-s---w- [---] C:\WINDOWS\Tasks 2012-12-30 18:56:03 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwtutor.exe 2012-12-30 18:56:03 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwres.dll 2012-12-30 18:56:03 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wisc10.dll 2012-12-30 18:56:03 235520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mssoap1.dll 2012-12-30 18:56:03 23552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mssoapr.dll 2012-12-30 18:56:03 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isignup.exe 2012-12-30 18:56:03 -------- d-----w- [---] C:\Program Files\Common Files\MSSoap 2012-12-30 18:56:02 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ieinfo5.ocx 2012-12-30 18:56:00 726078 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srchui.dll 2012-12-30 18:56:00 58434 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srchctls.dll 2012-12-30 18:55:59 848384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\vgx.dll 2012-12-30 18:55:59 3166208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msgr3en.dll 2012-12-30 18:55:59 -------- d-----w- [---] C:\WINDOWS\srchasst 2012-12-30 18:55:58 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmpband.dll 2012-12-30 18:55:58 774144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\setup_wm.exe 2012-12-30 18:55:58 -------- d-----w- [---] C:\WINDOWS\system32\Macromed 2012-12-30 18:55:57 786432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\migrate.exe 2012-12-30 18:55:57 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmplayer.exe 2012-12-30 18:55:57 368640 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mpvis.dll 2012-12-30 18:55:57 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\custsat.dll 2012-12-30 18:55:57 226816 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npdrmv2.dll 2012-12-30 18:55:57 221184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmpns.dll 2012-12-30 18:55:56 6656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauserv.dll 2012-12-30 18:55:56 6656 ----a-w- [7-8] C:\WINDOWS\system32\wuauserv.dll 2012-12-30 18:55:56 4639 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mplayer2.exe 2012-12-30 18:55:56 364544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npdsplay.dll 2012-12-30 18:55:56 184320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaueng1.dll 2012-12-30 18:55:56 184320 ----a-w- [7-8] C:\WINDOWS\system32\wuaueng1.dll 2012-12-30 18:55:56 120320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuweb.dll 2012-12-30 18:55:56 120320 ----a-w- [7-8] C:\WINDOWS\system32\wuweb.dll 2012-12-30 18:55:56 113664 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wucltui.dll 2012-12-30 18:55:56 113664 ----a-w- [7-8] C:\WINDOWS\system32\wucltui.dll 2012-12-30 18:55:56 10240 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\npwmsdrm.dll 2012-12-30 18:55:55 8192 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bitsprx2.dll 2012-12-30 18:55:55 8192 ----a-w- [7-8] C:\WINDOWS\system32\bitsprx2.dll 2012-12-30 18:55:55 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bitsprx3.dll 2012-12-30 18:55:55 7168 ----a-w- [7-8] C:\WINDOWS\system32\bitsprx3.dll 2012-12-30 18:55:55 431616 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuapi.dll 2012-12-30 18:55:55 431616 ----a-w- [7-8] C:\WINDOWS\system32\wuapi.dll 2012-12-30 18:55:55 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wups.dll 2012-12-30 18:55:55 36864 ----a-w- [7-8] C:\WINDOWS\system32\wups.dll 2012-12-30 18:55:55 168960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauclt1.exe 2012-12-30 18:55:55 168960 ----a-w- [7-8] C:\WINDOWS\system32\wuauclt1.exe 2012-12-30 18:55:55 163328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaucpl.cpl 2012-12-30 18:55:55 163328 ----a-w- [7-8] C:\WINDOWS\system32\wuaucpl.cpl 2012-12-30 18:55:55 1134592 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuaueng.dll 2012-12-30 18:55:55 1134592 ----a-w- [7-8] C:\WINDOWS\system32\wuaueng.dll 2012-12-30 18:55:55 112128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wuauclt.exe 2012-12-30 18:55:55 112128 ----a-w- [7-8] C:\WINDOWS\system32\wuauclt.exe 2012-12-30 18:55:54 382464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qmgr.dll 2012-12-30 18:55:54 382464 ----a-w- [7-8] C:\WINDOWS\system32\qmgr.dll 2012-12-30 18:55:54 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qmgrprxy.dll 2012-12-30 18:55:54 18944 ----a-w- [7-8] C:\WINDOWS\system32\qmgrprxy.dll 2012-12-30 18:55:53 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2res2.dll 2012-12-30 18:55:53 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2eres.dll 2012-12-30 18:55:52 7680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2ext.dll 2012-12-30 18:55:52 502272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2fxa.dll 2012-12-30 18:55:52 4275200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2res.dll 2012-12-30 18:55:52 402432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2filt.dll 2012-12-30 18:55:52 325632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2fxb.dll 2012-12-30 18:55:52 167936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmm2ae.dll 2012-12-30 18:55:51 3555328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\moviemk.exe 2012-12-30 18:55:51 -------- d-----w- [---] C:\Program Files\Movie Maker 2012-12-30 18:55:49 563200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobmain.dll 2012-12-30 18:55:49 51712 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oobebaln.exe 2012-12-30 18:55:49 30720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobshel.dll 2012-12-30 18:55:49 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobweb.dll 2012-12-30 18:55:49 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobdl.dll 2012-12-30 18:55:49 122368 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msobcomm.dll 2012-12-30 18:55:47 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrslv.dll 2012-12-30 18:55:47 45568 ----a-w- [7-8] C:\WINDOWS\system32\safrslv.dll 2012-12-30 18:55:47 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrcdlg.dll 2012-12-30 18:55:47 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\racpldlg.dll 2012-12-30 18:55:47 43520 ----a-w- [7-8] C:\WINDOWS\system32\safrcdlg.dll 2012-12-30 18:55:47 43520 ----a-w- [7-8] C:\WINDOWS\system32\racpldlg.dll 2012-12-30 18:55:47 29696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\safrdm.dll 2012-12-30 18:55:47 29696 ----a-w- [7-8] C:\WINDOWS\system32\safrdm.dll 2012-12-30 18:55:47 151040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uploadm.exe 2012-12-30 18:55:46 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pchsvc.dll 2012-12-30 18:55:46 102400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pchshell.dll 2012-12-30 18:55:45 379904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msinfo.dll 2012-12-30 18:55:45 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hscupd.exe 2012-12-30 18:55:45 159744 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msconfig.exe 2012-12-30 18:55:44 768512 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helpctr.exe 2012-12-30 18:55:44 743936 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\helpsvc.exe 2012-12-30 18:55:44 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltmc.exe 2012-12-30 18:55:44 22528 ----a-w- [7-8] C:\WINDOWS\system32\fltMc.exe 2012-12-30 18:55:44 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltlib.dll 2012-12-30 18:55:44 16896 ----a-w- [7-8] C:\WINDOWS\system32\fltlib.dll 2012-12-30 18:55:44 124800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fltmgr.sys 2012-12-30 18:55:44 124800 ----a-w- [7-8] C:\WINDOWS\system32\drivers\fltMgr.sys 2012-12-30 18:55:43 73472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sr.sys 2012-12-30 18:55:43 73472 ----a-w- [7-8] C:\WINDOWS\system32\drivers\sr.sys 2012-12-30 18:55:43 67584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srclient.dll 2012-12-30 18:55:43 67584 ----a-w- [7-8] C:\WINDOWS\system32\srclient.dll 2012-12-30 18:55:43 382976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rstrui.exe 2012-12-30 18:55:43 240128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srrstr.dll 2012-12-30 18:55:43 240128 ----a-w- [7-8] C:\WINDOWS\system32\srrstr.dll 2012-12-30 18:55:43 171008 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\srsvc.dll 2012-12-30 18:55:43 171008 ----a-w- [7-8] C:\WINDOWS\system32\srsvc.dll 2012-12-30 18:55:43 -------- d-----w- [---] C:\WINDOWS\system32\Restore 2012-12-30 18:55:42 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ils.dll 2012-12-30 18:55:42 81920 ----a-w- [7-8] C:\WINDOWS\system32\ils.dll 2012-12-30 18:55:42 69632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msconf.dll 2012-12-30 18:55:42 69632 ----a-w- [7-8] C:\WINDOWS\system32\msconf.dll 2012-12-30 18:55:42 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dcap32.dll 2012-12-30 18:55:42 34560 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mnmdd.dll 2012-12-30 18:55:42 34560 ----a-w- [7-8] C:\WINDOWS\system32\mnmdd.dll 2012-12-30 18:55:42 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mnmsrvc.exe 2012-12-30 18:55:42 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isrdbg32.dll 2012-12-30 18:55:42 32768 ----a-w- [7-8] C:\WINDOWS\system32\mnmsrvc.exe 2012-12-30 18:55:42 32768 ----a-w- [7-8] C:\WINDOWS\system32\isrdbg32.dll 2012-12-30 18:55:42 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmmkcert.dll 2012-12-30 18:55:42 28672 ----a-w- [7-8] C:\WINDOWS\system32\nmmkcert.dll 2012-12-30 18:55:42 229376 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmas.dll 2012-12-30 18:55:42 188416 ----a-w- [7--] C:\WINDOWS\system32\msh261.drv 2012-12-30 18:55:41 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rrcm.dll 2012-12-30 18:55:41 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\h323cc.dll 2012-12-30 18:55:41 45056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\confmrsl.dll 2012-12-30 18:55:41 385024 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\callcont.dll 2012-12-30 18:55:41 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmasnt.dll 2012-12-30 18:55:41 221184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nac.dll 2012-12-30 18:55:40 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmchat.dll 2012-12-30 18:55:40 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmcom.dll 2012-12-30 18:55:40 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mst123.dll 2012-12-30 18:55:40 274432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mst120.dll 2012-12-30 18:55:40 188416 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmwb.dll 2012-12-30 18:55:40 172032 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmoldwb.dll 2012-12-30 18:55:40 151552 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\nmft.dll 2012-12-30 18:55:40 1036288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\conf.exe 2012-12-30 18:55:39 84992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabimp.dll 2012-12-30 18:55:39 81408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\directdb.dll 2012-12-30 18:55:39 504832 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab32.dll 2012-12-30 18:55:39 46080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab.exe 2012-12-30 18:55:39 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabfind.dll 2012-12-30 18:55:39 30208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wabmig.exe 2012-12-30 18:55:39 255488 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wab32res.dll 2012-12-30 18:55:39 252928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoeacct.dll 2012-12-30 18:55:39 252928 ----a-w- [7-8] C:\WINDOWS\system32\msoeacct.dll 2012-12-30 18:55:39 105984 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoert2.dll 2012-12-30 18:55:39 105984 ----a-w- [7-8] C:\WINDOWS\system32\msoert2.dll 2012-12-30 18:55:39 -------- d-----w- [---] C:\Program Files\NetMeeting 2012-12-30 18:55:38 678400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetcomm.dll 2012-12-30 18:55:38 678400 ----a-w- [7-8] C:\WINDOWS\system32\inetcomm.dll 2012-12-30 18:55:38 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msimn.exe 2012-12-30 18:55:38 49664 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetres.dll 2012-12-30 18:55:38 49664 ----a-w- [7-8] C:\WINDOWS\system32\inetres.dll 2012-12-30 18:55:38 1311232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoe.dll 2012-12-30 18:55:38 104448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oeimport.dll 2012-12-30 18:55:37 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\setup50.exe 2012-12-30 18:55:37 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oemig50.exe 2012-12-30 18:55:37 35840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oemiglib.dll 2012-12-30 18:55:37 2512384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msoeres.dll 2012-12-30 18:55:37 192000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\schedsvc.dll 2012-12-30 18:55:37 192000 ----a-w- [7-8] C:\WINDOWS\system32\schedsvc.dll 2012-12-30 18:55:37 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstinit.exe 2012-12-30 18:55:37 12288 ----a-w- [7-8] C:\WINDOWS\system32\mstinit.exe 2012-12-30 18:55:37 -------- d-----w- [---] C:\Program Files\Outlook Express 2012-12-30 18:55:36 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\isign32.dll 2012-12-30 18:55:36 86016 ----a-w- [7-8] C:\WINDOWS\system32\isign32.dll 2012-12-30 18:55:36 73728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwdial.dll 2012-12-30 18:55:36 73728 ----a-w- [7-8] C:\WINDOWS\system32\icwdial.dll 2012-12-30 18:55:36 65536 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwphbk.dll 2012-12-30 18:55:36 65536 ----a-w- [7-8] C:\WINDOWS\system32\icwphbk.dll 2012-12-30 18:55:36 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstask.dll 2012-12-30 18:55:36 278528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetcfg.dll 2012-12-30 18:55:36 278528 ----a-w- [7-8] C:\WINDOWS\system32\mstask.dll 2012-12-30 18:55:36 278528 ----a-w- [7-8] C:\WINDOWS\system32\inetcfg.dll 2012-12-30 18:55:35 86016 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn2.exe 2012-12-30 18:55:35 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn.dll 2012-12-30 18:55:35 49152 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwutil.dll 2012-12-30 18:55:35 32768 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwdl.dll 2012-12-30 18:55:35 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwrmind.exe 2012-12-30 18:55:35 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\inetwiz.exe 2012-12-30 18:55:35 176128 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwhelp.dll 2012-12-30 18:55:34 69632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oledb32r.dll 2012-12-30 18:55:34 561179 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dao360.dll 2012-12-30 18:55:34 217088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sqlxmlx.dll 2012-12-30 18:55:34 216576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icwconn1.exe 2012-12-30 18:55:33 94208 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdatl3.dll 2012-12-30 18:55:33 77824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaosp.dll 2012-12-30 18:55:33 487424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\oledb32.dll 2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaurl.dll 2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasc.dll 2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaer.dll 2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaenum.dll 2012-12-30 18:55:33 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdadc.dll 2012-12-30 18:55:33 315392 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasql.dll 2012-12-30 18:55:33 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msxactps.dll 2012-12-30 18:55:33 233472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaora.dll 2012-12-30 18:55:33 204800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaps.dll 2012-12-30 18:55:33 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdatt.dll 2012-12-30 18:55:33 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaorar.dll 2012-12-30 18:55:33 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdasqlr.dll 2012-12-30 18:55:33 102400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msjro.dll 2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado27.tlb 2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado26.tlb 2012-12-30 18:55:32 81920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado25.tlb 2012-12-30 18:55:32 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado21.tlb 2012-12-30 18:55:32 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado20.tlb 2012-12-30 18:55:32 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadrh15.dll 2012-12-30 18:55:32 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msador15.dll 2012-12-30 18:55:32 536576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msado15.dll 2012-12-30 18:55:32 28672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msader15.dll 2012-12-30 18:55:32 200704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadox.dll 2012-12-30 18:55:32 180224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadomd.dll 2012-12-30 18:55:31 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcf.dll 2012-12-30 18:55:31 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcs.dll 2012-12-30 18:55:31 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdfmap.dll 2012-12-30 18:55:31 331776 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadce.dll 2012-12-30 18:55:31 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msaddsr.dll 2012-12-30 18:55:31 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcer.dll 2012-12-30 18:55:31 200704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaprst.dll 2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaremr.dll 2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdaprsr.dll 2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcor.dll 2012-12-30 18:55:31 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadcfr.dll 2012-12-30 18:55:31 155648 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadds.dll 2012-12-30 18:55:31 143360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msadco.dll 2012-12-30 18:55:31 118784 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdarem.dll 2012-12-30 18:55:30 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hmmapi.dll 2012-12-30 18:55:30 18432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iedw.exe 2012-12-30 18:55:30 153088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\triedit.dll 2012-12-30 18:55:30 128000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dhtmled.ocx 2012-12-30 18:55:30 -------- d-----w- [---] C:\Program Files\Common Files\System 2012-12-30 18:55:29 93184 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\iexplore.exe 2012-12-30 18:55:29 -------- d-----w- [---] C:\Program Files\Internet Explorer 2012-12-30 18:55:24 1017 ----a-w- [---] C:\WINDOWS\sessmgr.setup.log 2012-12-30 18:54:57 -------- d-----w- [---] C:\WINDOWS\system32\wbem\AutoRecover 2012-12-30 18:54:54 -------- d-----w- [---] C:\WINDOWS\system32\wbem\Performance 2012-12-30 18:54:47 21856 ----a-w- [---] C:\WINDOWS\system32\emptyregdb.dat 2012-12-30 18:54:38 -------- d-----w- [---] C:\Program Files\ComPlus Applications 2012-12-30 18:54:36 37 ----a-w- [---] C:\WINDOWS\vbaddin.ini 2012-12-30 18:54:36 36 ----a-w- [---] C:\WINDOWS\vb.ini 2012-12-30 18:54:31 -------- d-----w- [---] C:\WINDOWS\Registration 2012-12-30 18:54:28 133 ----a-w- [---] C:\WINDOWS\DtcInstall.log 2012-12-30 18:54:23 936 ----a-w- [---] C:\WINDOWS\wmsetup.log 2012-12-30 18:54:23 -------- d-----w- [---] C:\Program Files\Windows Media Player 2012-12-30 18:54:17 -------- d-----w- [---] C:\Program Files\Messenger 2012-12-30 18:54:16 82501 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckg.dll 2012-12-30 18:54:16 42577 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckgzm.exe 2012-12-30 18:54:16 42574 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvsezm.exe 2012-12-30 18:54:16 1817687 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\bckgres.dll 2012-12-30 18:54:15 781397 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkrres.dll 2012-12-30 18:54:15 753236 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvseres.dll 2012-12-30 18:54:15 66113 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvl.dll 2012-12-30 18:54:15 48706 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rvse.dll 2012-12-30 18:54:15 42575 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkrzm.exe 2012-12-30 18:54:15 42573 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvlzm.exe 2012-12-30 18:54:15 42573 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtzzm.exe 2012-12-30 18:54:15 40515 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\chkr.dll 2012-12-30 18:54:15 2178131 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shvlres.dll 2012-12-30 18:54:15 1175635 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtzres.dll 2012-12-30 18:54:14 57409 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\hrtz.dll 2012-12-30 18:54:14 4677 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zeeverm.dll 2012-12-30 18:54:14 41029 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zcorem.dll 2012-12-30 18:54:14 32339 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\uniansi.dll 2012-12-30 18:54:14 13894 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zonelibm.dll 2012-12-30 18:54:14 113222 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zoneclim.dll 2012-12-30 18:54:14 1041491 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmnresm.dll 2012-12-30 18:54:13 5632 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\write.exe 2012-12-30 18:54:13 5632 ----a-w- [7-8] C:\WINDOWS\system32\write.exe 2012-12-30 18:54:13 36937 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\zclientm.exe 2012-12-30 18:54:13 29760 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\znetm.dll 2012-12-30 18:54:13 217160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmnclim.dll 2012-12-30 18:54:13 -------- d-----w- [---] C:\Program Files\MSN Gaming Zone 2012-12-30 18:54:03 139264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sndvol32.exe 2012-12-30 18:54:03 139264 ----a-w- [7-8] C:\WINDOWS\system32\sndvol32.exe 2012-12-30 18:54:02 73216 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avwav.dll 2012-12-30 18:54:02 73216 ----a-w- [7-8] C:\WINDOWS\system32\avwav.dll 2012-12-30 18:54:02 44544 ----a-w- [7--] C:\WINDOWS\system32\hticons.dll 2012-12-30 18:54:02 35328 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winchat.exe 2012-12-30 18:54:02 35328 ----a-w- [7-8] C:\WINDOWS\system32\winchat.exe 2012-12-30 18:54:02 231424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avtapi.dll 2012-12-30 18:54:02 231424 ----a-w- [7-8] C:\WINDOWS\system32\avtapi.dll 2012-12-30 18:54:02 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\avmeter.dll 2012-12-30 18:54:02 16384 ----a-w- [7-8] C:\WINDOWS\system32\avmeter.dll 2012-12-30 18:54:02 13312 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\htrn_jis.dll 2012-12-30 18:53:57 9522 ----a-w- [---] C:\WINDOWS\Indiański pled.bmp 2012-12-30 18:53:56 65978 ----a-w- [---] C:\WINDOWS\Bąbelki.bmp 2012-12-30 18:53:56 65954 ----a-w- [---] C:\WINDOWS\Pod mikroskopem.bmp 2012-12-30 18:53:56 65832 ----a-w- [---] C:\WINDOWS\Stiuk z Santa Fe.bmp 2012-12-30 18:53:56 26680 ----a-w- [---] C:\WINDOWS\Wachlarze.bmp 2012-12-30 18:53:56 26582 ----a-w- [---] C:\WINDOWS\Nefryt.bmp 2012-12-30 18:53:56 17362 ----a-w- [---] C:\WINDOWS\Rododendron.bmp 2012-12-30 18:53:56 17336 ----a-w- [---] C:\WINDOWS\Na rybkach.bmp 2012-12-30 18:53:56 17062 ----a-w- [---] C:\WINDOWS\Kawa.bmp 2012-12-30 18:53:56 16730 ----a-w- [---] C:\WINDOWS\Puch.bmp 2012-12-30 18:53:56 1272 ----a-w- [---] C:\WINDOWS\Niebieska koronka 16.bmp 2012-12-30 18:53:55 93702 ----a-w- [---] C:\WINDOWS\system32\subrange.uce 2012-12-30 18:53:55 8484 ----a-w- [---] C:\WINDOWS\system32\kanji_2.uce 2012-12-30 18:53:55 80896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\charmap.exe 2012-12-30 18:53:55 80896 ----a-w- [7-8] C:\WINDOWS\system32\charmap.exe 2012-12-30 18:53:55 6948 ----a-w- [---] C:\WINDOWS\system32\kanji_1.uce 2012-12-30 18:53:55 605696 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\getuname.dll 2012-12-30 18:53:55 605696 ----a-w- [7-8] C:\WINDOWS\system32\getuname.dll 2012-12-30 18:53:55 60458 ----a-w- [---] C:\WINDOWS\system32\ideograf.uce 2012-12-30 18:53:55 24006 ----a-w- [---] C:\WINDOWS\system32\gb2312.uce 2012-12-30 18:53:55 22984 ----a-w- [---] C:\WINDOWS\system32\bopomofo.uce 2012-12-30 18:53:55 16740 ----a-w- [---] C:\WINDOWS\system32\shiftjis.uce 2012-12-30 18:53:55 12876 ----a-w- [---] C:\WINDOWS\system32\korean.uce 2012-12-30 18:53:55 115200 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\calc.exe 2012-12-30 18:53:55 115200 ----a-w- [7-8] C:\WINDOWS\system32\calc.exe 2012-12-30 18:53:54 57344 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sol.exe 2012-12-30 18:53:54 57344 ----a-w- [7-8] C:\WINDOWS\system32\sol.exe 2012-12-30 18:53:54 128000 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mshearts.exe 2012-12-30 18:53:54 128000 ----a-w- [7-8] C:\WINDOWS\system32\mshearts.exe 2012-12-30 18:53:54 119808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmine.exe 2012-12-30 18:53:54 119808 ----a-w- [7-8] C:\WINDOWS\system32\winmine.exe 2012-12-30 18:53:53 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\reset.exe 2012-12-30 18:53:53 9728 ----a-w- [7-8] C:\WINDOWS\system32\reset.exe 2012-12-30 18:53:53 55808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\freecell.exe 2012-12-30 18:53:53 55808 ----a-w- [7-8] C:\WINDOWS\system32\freecell.exe 2012-12-30 18:53:53 4608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpcfgex.dll 2012-12-30 18:53:53 4608 ----a-w- [7-8] C:\WINDOWS\system32\rdpcfgex.dll 2012-12-30 18:53:53 33792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\regini.exe 2012-12-30 18:53:53 33792 ----a-w- [7-8] C:\WINDOWS\system32\regini.exe 2012-12-30 18:53:53 3286 ----a-w- [---] C:\WINDOWS\system32\tslabels.h 2012-12-30 18:53:53 26717 ----a-w- [---] C:\WINDOWS\system32\tslabels.ini 2012-12-30 18:53:53 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qwinsta.exe 2012-12-30 18:53:53 22528 ----a-w- [7-8] C:\WINDOWS\system32\qwinsta.exe 2012-12-30 18:53:53 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsshutdn.exe 2012-12-30 18:53:53 17920 ----a-w- [7-8] C:\WINDOWS\system32\tsshutdn.exe 2012-12-30 18:53:53 17408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qappsrv.exe 2012-12-30 18:53:53 17408 ----a-w- [7-8] C:\WINDOWS\system32\qappsrv.exe 2012-12-30 18:53:53 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tskill.exe 2012-12-30 18:53:53 16384 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rwinsta.exe 2012-12-30 18:53:53 16384 ----a-w- [7-8] C:\WINDOWS\system32\tskill.exe 2012-12-30 18:53:53 16384 ----a-w- [7-8] C:\WINDOWS\system32\rwinsta.exe 2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tsdiscon.exe 2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscon.exe 2012-12-30 18:53:53 15360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\shadow.exe 2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\tsdiscon.exe 2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\tscon.exe 2012-12-30 18:53:53 15360 ----a-w- [7-8] C:\WINDOWS\system32\shadow.exe 2012-12-30 18:53:53 1225 ----a-w- [---] C:\WINDOWS\system32\usrlogon.cmd 2012-12-30 18:53:52 768 ----a-w- [---] C:\WINDOWS\system32\msdtcprf.h 2012-12-30 18:53:52 3813 ----a-w- [---] C:\WINDOWS\system32\msdtcprf.ini 2012-12-30 18:53:52 22528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msg.exe 2012-12-30 18:53:52 22528 ----a-w- [7-8] C:\WINDOWS\system32\msg.exe 2012-12-30 18:53:52 19456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtsadmin.tlb 2012-12-30 18:53:52 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\logoff.exe 2012-12-30 18:53:52 15872 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cdmodem.dll 2012-12-30 18:53:52 15872 ----a-w- [7-8] C:\WINDOWS\system32\logoff.exe 2012-12-30 18:53:52 15872 ----a-w- [7-8] C:\WINDOWS\system32\cdmodem.dll 2012-12-30 18:53:51 82432 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrepl.dll 2012-12-30 18:53:51 82432 ----a-w- [7-8] C:\WINDOWS\system32\comrepl.dll 2012-12-30 18:53:51 54272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\stclient.dll 2012-12-30 18:53:51 54272 ----a-w- [7-8] C:\WINDOWS\system32\stclient.dll 2012-12-30 18:53:51 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dcomcnfg.exe 2012-12-30 18:53:51 5120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrereg.exe 2012-12-30 18:53:51 5120 ----a-w- [7-8] C:\WINDOWS\system32\dcomcnfg.exe 2012-12-30 18:53:51 4096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxex.dll 2012-12-30 18:53:51 4096 ----a-w- [7-8] C:\WINDOWS\system32\mtxex.dll 2012-12-30 18:53:51 25600 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comaddin.dll 2012-12-30 18:53:51 25600 ----a-w- [7-8] C:\WINDOWS\system32\comaddin.dll 2012-12-30 18:53:51 25088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxlegih.dll 2012-12-30 18:53:51 25088 ----a-w- [7-8] C:\WINDOWS\system32\mtxlegih.dll 2012-12-30 18:53:51 20480 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxdm.dll 2012-12-30 18:53:51 20480 ----a-w- [7-8] C:\WINDOWS\system32\mtxdm.dll 2012-12-30 18:53:51 147456 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comsnap.dll 2012-12-30 18:53:51 147456 ----a-w- [7-8] C:\WINDOWS\system32\comsnap.dll 2012-12-30 18:53:50 9414 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipsess.mfl 2012-12-30 18:53:50 6494 ----a-w- [---] C:\WINDOWS\system32\wbem\wmitimep.mof 2012-12-30 18:53:50 61208 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipjobj.mof 2012-12-30 18:53:50 47992 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipjobj.mfl 2012-12-30 18:53:50 45568 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmi2xml.dll 2012-12-30 18:53:50 3848 ----a-w- [---] C:\WINDOWS\system32\wbem\wmitimep.mfl 2012-12-30 18:53:50 23692 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipiprt.mof 2012-12-30 18:53:50 19356 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipicmp.mof 2012-12-30 18:53:50 17110 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipiprt.mfl 2012-12-30 18:53:50 13880 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipsess.mof 2012-12-30 18:53:49 8938 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipdskq.mfl 2012-12-30 18:53:49 8238 ----a-w- [---] C:\WINDOWS\system32\wbem\tmplprov.mfl 2012-12-30 18:53:49 4998 ----a-w- [---] C:\WINDOWS\system32\wbem\trnsprov.mof 2012-12-30 18:53:49 4546 ----a-w- [---] C:\WINDOWS\system32\wbem\wmi.mfl 2012-12-30 18:53:49 4458 ----a-w- [---] C:\WINDOWS\system32\wbem\subscrpt.mof 2012-12-30 18:53:49 41402 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipcima.mof 2012-12-30 18:53:49 29170 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipcima.mfl 2012-12-30 18:53:49 2114 ----a-w- [---] C:\WINDOWS\system32\wbem\trnsprov.mfl 2012-12-30 18:53:49 20720 ----a-w- [---] C:\WINDOWS\system32\wbem\updprov.mof 2012-12-30 18:53:49 18004 ----a-w- [---] C:\WINDOWS\system32\wbem\wbemcons.mof 2012-12-30 18:53:49 14564 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipicmp.mfl 2012-12-30 18:53:49 14064 ----a-w- [---] C:\WINDOWS\system32\wbem\updprov.mfl 2012-12-30 18:53:49 13382 ----a-w- [---] C:\WINDOWS\system32\wbem\wbemcons.mfl 2012-12-30 18:53:49 13342 ----a-w- [---] C:\WINDOWS\system32\wbem\wmipdskq.mof 2012-12-30 18:53:49 127370 ----a-w- [---] C:\WINDOWS\system32\wbem\system.mof 2012-12-30 18:53:49 12144 ----a-w- [---] C:\WINDOWS\system32\wbem\tmplprov.mof 2012-12-30 18:53:48 626 ----a-w- [---] C:\WINDOWS\system32\wbem\ncprov.mfl 2012-12-30 18:53:48 58746 ----a-w- [---] C:\WINDOWS\system32\wbem\secrcw32.mof 2012-12-30 18:53:48 5728 ----a-w- [---] C:\WINDOWS\system32\wbem\scrcons.mof 2012-12-30 18:53:48 5002 ----a-w- [---] C:\WINDOWS\system32\wbem\policman.mfl 2012-12-30 18:53:48 46372 ----a-w- [---] C:\WINDOWS\system32\wbem\regevent.mof 2012-12-30 18:53:48 4100 ----a-w- [---] C:\WINDOWS\system32\wbem\smtpcons.mof 2012-12-30 18:53:48 40150 ----a-w- [---] C:\WINDOWS\system32\wbem\regevent.mfl 2012-12-30 18:53:48 3606 ----a-w- [---] C:\WINDOWS\system32\wbem\scrcons.mfl 2012-12-30 18:53:48 33840 ----a-w- [---] C:\WINDOWS\system32\wbem\secrcw32.mfl 2012-12-30 18:53:48 32676 ----a-w- [---] C:\WINDOWS\system32\wbem\scm.mof 2012-12-30 18:53:48 29762 ----a-w- [---] C:\WINDOWS\system32\wbem\ntevt.mof 2012-12-30 18:53:48 2880 ----a-w- [---] C:\WINDOWS\system32\wbem\ncprov.mof 2012-12-30 18:53:48 2716 ----a-w- [---] C:\WINDOWS\system32\wbem\smtpcons.mfl 2012-12-30 18:53:48 21940 ----a-w- [---] C:\WINDOWS\system32\wbem\ntevt.mfl 2012-12-30 18:53:48 165430 ----a-w- [---] C:\WINDOWS\system32\wbem\msi.mof 2012-12-30 18:53:48 12150 ----a-w- [---] C:\WINDOWS\system32\wbem\policman.mof 2012-12-30 18:53:48 112618 ----a-w- [---] C:\WINDOWS\system32\wbem\msi.mfl 2012-12-30 18:53:47 9442 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclimofformat.xsl 2012-12-30 18:53:47 8790 ----a-w- [---] C:\WINDOWS\system32\wbem\fconprov.mof 2012-12-30 18:53:47 8522 ----a-w- [---] C:\WINDOWS\system32\wbem\krnlprov.mfl 2012-12-30 18:53:47 76800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipicmp.dll 2012-12-30 18:53:47 76800 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipicmp.dll 2012-12-30 18:53:47 6586 ----a-w- [---] C:\WINDOWS\system32\wbem\fconprov.mfl 2012-12-30 18:53:47 61440 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmimsg.dll 2012-12-30 18:53:47 61440 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmimsg.dll 2012-12-30 18:53:47 52224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmitimep.dll 2012-12-30 18:53:47 52224 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmitimep.dll 2012-12-30 18:53:47 485 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclivalueformat.xsl 2012-12-30 18:53:47 4392 ----a-w- [---] C:\WINDOWS\system32\wbem\fevprov.mof 2012-12-30 18:53:47 3921 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclitableformatnosys.xsl 2012-12-30 18:53:47 3260 ----a-w- [---] C:\WINDOWS\system32\wbem\fevprov.mfl 2012-12-30 18:53:47 3247 ----a-w- [---] C:\WINDOWS\system32\wbem\wmiclitableformat.xsl 2012-12-30 18:53:47 18398 ----a-w- [---] C:\WINDOWS\system32\wbem\dsprov.mof 2012-12-30 18:53:47 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmgmtr.dll 2012-12-30 18:53:47 17920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\winmgmtr.dll 2012-12-30 18:53:47 12712 ----a-w- [---] C:\WINDOWS\system32\wbem\krnlprov.mof 2012-12-30 18:53:47 11556 ----a-w- [---] C:\WINDOWS\system32\wbem\dsprov.mfl 2012-12-30 18:53:46 61952 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tmplprov.dll 2012-12-30 18:53:46 61952 ----a-w- [7-8] C:\WINDOWS\system32\wbem\tmplprov.dll 2012-12-30 18:53:46 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemdisp.tlb 2012-12-30 18:53:46 59904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\trnsprov.dll 2012-12-30 18:53:46 59904 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemdisp.tlb 2012-12-30 18:53:46 59904 ----a-w- [7-8] C:\WINDOWS\system32\wbem\trnsprov.dll 2012-12-30 18:53:46 40960 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\smtpcons.dll 2012-12-30 18:53:46 40960 ----a-w- [7-8] C:\WINDOWS\system32\wbem\smtpcons.dll 2012-12-30 18:53:46 3247 ----a-w- [---] C:\WINDOWS\system32\wbem\texttablewsys.xsl 2012-12-30 18:53:46 31232 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemads.tlb 2012-12-30 18:53:46 31232 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemads.tlb 2012-12-30 18:53:46 273920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msiprov.dll 2012-12-30 18:53:46 273920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\msiprov.dll 2012-12-30 18:53:46 16896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\unsecapp.exe 2012-12-30 18:53:46 16896 ----a-w- [7-8] C:\WINDOWS\system32\wbem\unsecapp.exe 2012-12-30 18:53:46 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\winmgmt.exe 2012-12-30 18:53:46 13824 ----a-w- [7-8] C:\WINDOWS\system32\wbem\winmgmt.exe 2012-12-30 18:53:46 12288 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemads.dll 2012-12-30 18:53:46 12288 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemads.dll 2012-12-30 18:53:46 116224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\updprov.dll 2012-12-30 18:53:46 116224 ----a-w- [7-8] C:\WINDOWS\system32\wbem\updprov.dll 2012-12-30 18:53:45 63488 ----a-w- [---] C:\WINDOWS\system32\wmimgmt.msc 2012-12-30 18:53:45 53248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fwdprov.dll 2012-12-30 18:53:45 53248 ----a-w- [7-8] C:\WINDOWS\system32\wbem\fwdprov.dll 2012-12-30 18:53:45 2859 ----a-w- [---] C:\WINDOWS\system32\wbem\htable-sortby.xsl 2012-12-30 18:53:45 217088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wordpad.exe 2012-12-30 18:53:45 120320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dsprov.dll 2012-12-30 18:53:45 120320 ----a-w- [7-8] C:\WINDOWS\system32\wbem\dsprov.dll 2012-12-30 18:53:44 70656 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\access.cpl 2012-12-30 18:53:44 70656 ----a-w- [7-8] C:\WINDOWS\system32\access.cpl 2012-12-30 18:53:44 349696 ----a-w- [7--] C:\WINDOWS\system32\hypertrm.dll 2012-12-30 18:53:44 283136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\pinball.exe 2012-12-30 18:53:44 187904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\accwiz.exe 2012-12-30 18:53:44 187904 ----a-w- [7-8] C:\WINDOWS\system32\accwiz.exe 2012-12-30 18:53:44 132608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sndrec32.exe 2012-12-30 18:53:44 132608 ----a-w- [7-8] C:\WINDOWS\system32\sndrec32.exe 2012-12-30 18:53:44 124928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mplay32.exe 2012-12-30 18:53:44 124928 ----a-w- [7-8] C:\WINDOWS\system32\mplay32.exe 2012-12-30 18:53:43 99750 ----a-w- [---] C:\WINDOWS\system32\wbem\tscfgwmi.mof 2012-12-30 18:53:43 59566 ----a-w- [---] C:\WINDOWS\system32\wbem\tscfgwmi.mfl 2012-12-30 18:53:43 545792 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\dialer.exe 2012-12-30 18:53:43 539136 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\spider.exe 2012-12-30 18:53:43 539136 ----a-w- [7-8] C:\WINDOWS\system32\spider.exe 2012-12-30 18:53:43 345088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mspaint.exe 2012-12-30 18:53:43 345088 ----a-w- [7-8] C:\WINDOWS\system32\mspaint.exe 2012-12-30 18:53:43 21896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdtcp.sys 2012-12-30 18:53:43 21896 ----a-w- [7-8] C:\WINDOWS\system32\drivers\tdtcp.sys 2012-12-30 18:53:43 12040 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tdpipe.sys 2012-12-30 18:53:43 12040 ----a-w- [7-8] C:\WINDOWS\system32\drivers\tdpipe.sys 2012-12-30 18:53:43 103424 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clipbrd.exe 2012-12-30 18:53:43 103424 ----a-w- [7-8] C:\WINDOWS\system32\clipbrd.exe 2012-12-30 18:53:43 -------- d-----w- [---] C:\Program Files\Windows NT 2012-12-30 18:53:42 94720 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscfgwmi.dll 2012-12-30 18:53:42 94720 ----a-w- [7-8] C:\WINDOWS\system32\tscfgwmi.dll 2012-12-30 18:53:42 67072 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdshost.exe 2012-12-30 18:53:42 67072 ----a-w- [7-8] C:\WINDOWS\system32\rdshost.exe 2012-12-30 18:53:42 655360 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstscax.dll 2012-12-30 18:53:42 655360 ----a-w- [7-8] C:\WINDOWS\system32\mstscax.dll 2012-12-30 18:53:42 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\remotepg.dll 2012-12-30 18:53:42 60928 ----a-w- [7-8] C:\WINDOWS\system32\remotepg.dll 2012-12-30 18:53:42 408576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mstsc.exe 2012-12-30 18:53:42 408576 ----a-w- [7-8] C:\WINDOWS\system32\mstsc.exe 2012-12-30 18:53:42 141824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\sessmgr.exe 2012-12-30 18:53:42 141824 ----a-w- [7-8] C:\WINDOWS\system32\sessmgr.exe 2012-12-30 18:53:42 139400 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpwd.sys 2012-12-30 18:53:42 139400 ----a-w- [7-8] C:\WINDOWS\system32\drivers\rdpwd.sys 2012-12-30 18:53:42 13824 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdsaddin.exe 2012-12-30 18:53:42 13824 ----a-w- [7-8] C:\WINDOWS\system32\rdsaddin.exe 2012-12-30 18:53:41 87176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpwsx.dll 2012-12-30 18:53:41 87176 ----a-w- [7-8] C:\WINDOWS\system32\rdpwsx.dll 2012-12-30 18:53:41 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpclip.exe 2012-12-30 18:53:41 62464 ----a-w- [7-8] C:\WINDOWS\system32\rdpclip.exe 2012-12-30 18:53:41 44544 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\tscupgrd.exe 2012-12-30 18:53:41 44544 ----a-w- [7-8] C:\WINDOWS\system32\tscupgrd.exe 2012-12-30 18:53:41 38912 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cfgbkend.dll 2012-12-30 18:53:41 38912 ----a-w- [7-8] C:\WINDOWS\system32\cfgbkend.dll 2012-12-30 18:53:41 296448 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\termsrv.dll 2012-12-30 18:53:41 296448 ----a-w- [7-8] C:\WINDOWS\system32\termsrv.dll 2012-12-30 18:53:41 20992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\qprocess.exe 2012-12-30 18:53:41 20992 ----a-w- [7-8] C:\WINDOWS\system32\qprocess.exe 2012-12-30 18:53:41 19968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdpsnd.dll 2012-12-30 18:53:41 19968 ----a-w- [7-8] C:\WINDOWS\system32\rdpsnd.dll 2012-12-30 18:53:41 161280 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtcuiu.dll 2012-12-30 18:53:41 161280 ----a-w- [7-8] C:\WINDOWS\system32\msdtcuiu.dll 2012-12-30 18:53:41 147968 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\rdchost.dll 2012-12-30 18:53:41 147968 ----a-w- [7-8] C:\WINDOWS\system32\rdchost.dll 2012-12-30 18:53:41 11264 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\icaapi.dll 2012-12-30 18:53:41 11264 ----a-w- [7-8] C:\WINDOWS\system32\icaapi.dll 2012-12-30 18:53:41 -------- d-----w- [---] C:\WINDOWS\system32\MsDtc 2012-12-30 18:53:40 949248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtctm.dll 2012-12-30 18:53:40 949248 ----a-w- [7-8] C:\WINDOWS\system32\msdtctm.dll 2012-12-30 18:53:40 90112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mtxoci.dll 2012-12-30 18:53:40 90112 ----a-w- [7-8] C:\WINDOWS\system32\mtxoci.dll 2012-12-30 18:53:40 6144 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtc.exe 2012-12-30 18:53:40 6144 ----a-w- [7-8] C:\WINDOWS\system32\msdtc.exe 2012-12-30 18:53:40 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtclog.dll 2012-12-30 18:53:40 58880 ----a-w- [7-8] C:\WINDOWS\system32\msdtclog.dll 2012-12-30 18:53:40 425472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\msdtcprx.dll 2012-12-30 18:53:40 425472 ----a-w- [7-8] C:\WINDOWS\system32\msdtcprx.dll 2012-12-30 18:53:40 11776 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\xolehlp.dll 2012-12-30 18:53:40 11776 ----a-w- [7-8] C:\WINDOWS\system32\xolehlp.dll 2012-12-30 18:53:39 9728 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comrepl.exe 2012-12-30 18:53:39 85504 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrvps.dll 2012-12-30 18:53:39 85504 ----a-w- [7-8] C:\WINDOWS\system32\catsrvps.dll 2012-12-30 18:53:39 628224 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrvut.dll 2012-12-30 18:53:39 628224 ----a-w- [7-8] C:\WINDOWS\system32\catsrvut.dll 2012-12-30 18:53:39 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\colbact.dll 2012-12-30 18:53:39 62464 ----a-w- [7-8] C:\WINDOWS\system32\colbact.dll 2012-12-30 18:53:39 229888 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\catsrv.dll 2012-12-30 18:53:39 229888 ----a-w- [7-8] C:\WINDOWS\system32\catsrv.dll 2012-12-30 18:53:39 195584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comadmin.dll 2012-12-30 18:53:39 110080 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clbcatex.dll 2012-12-30 18:53:39 110080 ----a-w- [7-8] C:\WINDOWS\system32\clbcatex.dll 2012-12-30 18:53:39 -------- d-----w- [---] C:\WINDOWS\system32\Com 2012-12-30 18:53:38 540160 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comuid.dll 2012-12-30 18:53:38 540160 ----a-w- [7-8] C:\WINDOWS\system32\comuid.dll 2012-12-30 18:53:38 501248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\clbcatq.dll 2012-12-30 18:53:38 501248 ----a-w- [7-8] C:\WINDOWS\system32\clbcatq.dll 2012-12-30 18:53:38 1251840 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\comsvcs.dll 2012-12-30 18:53:38 1251840 ----a-w- [7-8] C:\WINDOWS\system32\comsvcs.dll 2012-12-30 18:53:37 33674 ----a-w- [---] C:\WINDOWS\system32\wbem\cliegaliases.mfl 2012-12-30 18:53:37 29290 ----a-w- [---] C:\WINDOWS\system32\wbem\cli.mof 2012-12-30 18:53:37 2774228 ----a-w- [---] C:\WINDOWS\system32\wbem\cimwin32.mof 2012-12-30 18:53:37 2570538 ----a-w- [---] C:\WINDOWS\system32\wbem\cliegaliases.mof 2012-12-30 18:53:37 2092060 ----a-w- [---] C:\WINDOWS\system32\wbem\cimwin32.mfl 2012-12-30 18:53:37 15586 ----a-w- [---] C:\WINDOWS\system32\wbem\licwmi.mof 2012-12-30 18:53:37 10688 ----a-w- [---] C:\WINDOWS\system32\wbem\wmi.mof 2012-12-30 18:53:37 10442 ----a-w- [---] C:\WINDOWS\system32\wbem\licwmi.mfl 2012-12-30 18:53:36 98304 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiutils.dll 2012-12-30 18:53:36 98304 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiutils.dll 2012-12-30 18:53:36 62976 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipjobj.dll 2012-12-30 18:53:36 62976 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipjobj.dll 2012-12-30 18:53:36 62464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipiprt.dll 2012-12-30 18:53:36 62464 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipiprt.dll 2012-12-30 18:53:36 60928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmicookr.dll 2012-12-30 18:53:36 60928 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmicookr.dll 2012-12-30 18:53:36 437248 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprvsd.dll 2012-12-30 18:53:36 437248 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprvsd.dll 2012-12-30 18:53:36 41472 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipsess.dll 2012-12-30 18:53:36 41472 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipsess.dll 2012-12-30 18:53:36 2870 ----a-w- [---] C:\WINDOWS\system32\wbem\xsl-mappings.xml 2012-12-30 18:53:36 218112 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprvse.exe 2012-12-30 18:53:36 218112 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprvse.exe 2012-12-30 18:53:36 1743 ----a-w- [---] C:\WINDOWS\system32\wbem\xml.xsl 2012-12-30 18:53:36 156672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipcima.dll 2012-12-30 18:53:36 156672 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipcima.dll 2012-12-30 18:53:36 145408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmisvc.dll 2012-12-30 18:53:36 145408 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmisvc.dll 2012-12-30 18:53:36 144896 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiprov.dll 2012-12-30 18:53:36 144896 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiprov.dll 2012-12-30 18:53:36 140800 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmidcprv.dll 2012-12-30 18:53:36 140800 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmidcprv.dll 2012-12-30 18:53:36 132096 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmipdskq.dll 2012-12-30 18:53:36 132096 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmipdskq.dll 2012-12-30 18:53:35 89088 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiaprpl.dll 2012-12-30 18:53:35 89088 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiaprpl.dll 2012-12-30 18:53:35 71680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcons.dll 2012-12-30 18:53:35 71680 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcons.dll 2012-12-30 18:53:35 7168 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiapres.dll 2012-12-30 18:53:35 7168 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiapres.dll 2012-12-30 18:53:35 530944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcore.dll 2012-12-30 18:53:35 530944 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcore.dll 2012-12-30 18:53:35 43520 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemsvc.dll 2012-12-30 18:53:35 43520 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemsvc.dll 2012-12-30 18:53:35 367104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmic.exe 2012-12-30 18:53:35 367104 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmic.exe 2012-12-30 18:53:35 273920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemess.dll 2012-12-30 18:53:35 273920 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemess.dll 2012-12-30 18:53:35 197120 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemupgd.dll 2012-12-30 18:53:35 197120 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemupgd.dll 2012-12-30 18:53:35 196608 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiadap.exe 2012-12-30 18:53:35 196608 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiadap.exe 2012-12-30 18:53:35 18944 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemprox.dll 2012-12-30 18:53:35 18944 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemprox.dll 2012-12-30 18:53:35 178176 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemdisp.dll 2012-12-30 18:53:35 178176 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemdisp.dll 2012-12-30 18:53:35 126464 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wmiapsrv.exe 2012-12-30 18:53:35 126464 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wmiapsrv.exe 2012-12-30 18:53:35 118272 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemtest.exe 2012-12-30 18:53:35 118272 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemtest.exe 2012-12-30 18:53:34 92672 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\policman.dll 2012-12-30 18:53:34 92672 ----a-w- [7-8] C:\WINDOWS\system32\wbem\policman.dll 2012-12-30 18:53:34 86528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\stdprov.dll 2012-12-30 18:53:34 86528 ----a-w- [7-8] C:\WINDOWS\system32\wbem\stdprov.dll 2012-12-30 18:53:34 623 ----a-w- [---] C:\WINDOWS\system32\wbem\rawxml.xsl 2012-12-30 18:53:34 6000 ----a-w- [---] C:\WINDOWS\system32\wbem\texttable.xsl 2012-12-30 18:53:34 36864 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\scrcons.exe 2012-12-30 18:53:34 36864 ----a-w- [7-8] C:\WINDOWS\system32\wbem\scrcons.exe 2012-12-30 18:53:34 2766 ----a-w- [---] C:\WINDOWS\system32\wbem\textvaluelist.xsl 2012-12-30 18:53:34 237056 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\provthrd.dll 2012-12-30 18:53:34 237056 ----a-w- [7-8] C:\WINDOWS\system32\wbem\provthrd.dll 2012-12-30 18:53:34 214528 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcomn.dll 2012-12-30 18:53:34 214528 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcomn.dll 2012-12-30 18:53:34 212992 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ntevt.dll 2012-12-30 18:53:34 212992 ----a-w- [7-8] C:\WINDOWS\system32\wbem\ntevt.dll 2012-12-30 18:53:34 199680 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\wbemcntl.dll 2012-12-30 18:53:34 199680 ----a-w- [7-8] C:\WINDOWS\system32\wbem\wbemcntl.dll 2012-12-30 18:53:34 177152 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\repdrvfs.dll 2012-12-30 18:53:34 177152 ----a-w- [7-8] C:\WINDOWS\system32\wbem\repdrvfs.dll 2012-12-30 18:53:34 131584 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\viewprov.dll 2012-12-30 18:53:34 131584 ----a-w- [7-8] C:\WINDOWS\system32\wbem\viewprov.dll 2012-12-30 18:53:33 9261 ----a-w- [---] C:\WINDOWS\system32\wbem\mof.xsl 2012-12-30 18:53:33 4944 ----a-w- [---] C:\WINDOWS\system32\wbem\hform.xsl 2012-12-30 18:53:33 472064 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\fastprox.dll 2012-12-30 18:53:33 472064 ----a-w- [7-8] C:\WINDOWS\system32\wbem\fastprox.dll 2012-12-30 18:53:33 47104 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\ncprov.dll 2012-12-30 18:53:33 47104 ----a-w- [7-8] C:\WINDOWS\system32\wbem\ncprov.dll 2012-12-30 18:53:33 4597 ----a-w- [---] C:\WINDOWS\system32\wbem\htable.xsl 2012-12-30 18:53:33 2503 ----a-w- [---] C:\WINDOWS\system32\wbem\csv.xsl 2012-12-30 18:53:33 247808 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\esscli.dll 2012-12-30 18:53:33 247808 ----a-w- [7-8] C:\WINDOWS\system32\wbem\esscli.dll 2012-12-30 18:53:33 24576 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\krnlprov.dll 2012-12-30 18:53:33 24576 ----a-w- [7-8] C:\WINDOWS\system32\wbem\krnlprov.dll 2012-12-30 18:53:33 185856 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\framedyn.dll 2012-12-30 18:53:33 185856 ----a-w- [7-8] C:\WINDOWS\system32\wbem\framedyn.dll 2012-12-30 18:53:33 17408 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mofcomp.exe 2012-12-30 18:53:33 17408 ----a-w- [7-8] C:\WINDOWS\system32\wbem\mofcomp.exe 2012-12-30 18:53:33 124928 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mofd.dll 2012-12-30 18:53:33 124928 ----a-w- [7-8] C:\WINDOWS\system32\wbem\mofd.dll 2012-12-30 18:53:32 58880 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\licwmi.dll 2012-12-30 18:53:32 58880 ----a-w- [7-8] C:\WINDOWS\system32\licwmi.dll 2012-12-30 18:53:32 56320 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\servdeps.dll 2012-12-30 18:53:32 56320 ----a-w- [7-8] C:\WINDOWS\system32\servdeps.dll 2012-12-30 18:53:32 187904 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cmprops.dll 2012-12-30 18:53:32 187904 ----a-w- [7-8] C:\WINDOWS\system32\cmprops.dll 2012-12-30 18:53:32 17920 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\mmfutil.dll 2012-12-30 18:53:32 17920 ----a-w- [7-8] C:\WINDOWS\system32\mmfutil.dll 2012-12-30 18:53:32 1352704 -c--a-w-[7--] C:\WINDOWS\system32\dllcache\cimwin32.dll 2012-12-30 18:53:32 1352704 ----a-w- [7-8] C:\WINDOWS\system32\wbem\cimwin32.dll 2012-12-30 18:53:30 196864 ----a-w- [7-8] C:\WINDOWS\system32\drivers\rdpdr.sys 2012-12-30 18:53:29 40840 ----a-w- [7-8] C:\WINDOWS\system32\drivers\termdd.sys 2012-12-30 18:52:39 200 ----a-w- [---] C:\WINDOWS\cmsetacl.log --- Modified files --- 2013-01-02 15:06:05 1024 ---ha-w- [---] C:\Documents and Settings\Administrator\ntuser.dat.LOG 2013-01-02 14:38:01 1050 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-01-02 14:37:06 0 ----a-w- [---] C:\WINDOWS\0.log 2013-01-02 14:35:53 1046 ----a-w- [---] C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-01-02 14:35:52 6 ---ha-w- [---] C:\WINDOWS\Tasks\SA.DAT 2013-01-02 14:35:48 2048 --s-a-w- [---] C:\WINDOWS\bootstat.dat 2013-01-02 14:35:08 32562 ----a-w- [---] C:\WINDOWS\SchedLgU.Txt 2013-01-02 14:35:08 14216 ----a-w- [---] C:\WINDOWS\WindowsUpdate.log 2013-01-02 14:35:06 188 --sh--w- [---] C:\Documents and Settings\Administrator\ntuser.ini 2013-01-02 14:35:06 1048576 ---ha-w- [---] C:\Documents and Settings\Administrator\NTUSER.DAT 2013-01-02 14:24:28 2206 ----a-w- [---] C:\WINDOWS\system32\wpa.dbl 2013-01-01 20:24:00 930 ----a-w- [---] C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-01-01 10:15:35 121336 ----a-w- [---] C:\WINDOWS\system32\FNTCACHE.DAT 2012-12-31 10:42:51 93640 ----a-w- [7--] C:\WINDOWS\system32\WindowsAccessBridge.dll 2012-12-31 10:42:50 859072 ----a-w- [7--] C:\WINDOWS\system32\npDeployJava1.dll 2012-12-31 10:42:50 779704 ----a-w- [7--] C:\WINDOWS\system32\deployJava1.dll 2012-12-31 10:42:50 260528 ----a-w- [7--] C:\WINDOWS\system32\javaws.exe 2012-12-31 10:42:50 174000 ----a-w- [7--] C:\WINDOWS\system32\javaw.exe 2012-12-31 10:42:50 173992 ----a-w- [7--] C:\WINDOWS\system32\java.exe 2012-12-31 10:42:50 143872 ----a-w- [---] C:\WINDOWS\system32\javacpl.cpl 2012-12-30 23:28:18 73656 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2012-12-30 23:28:18 697272 ----a-w- [7--] C:\WINDOWS\system32\FlashPlayerApp.exe 2012-12-30 20:52:19 442351 ----a-w- [---] C:\WINDOWS\setupapi.log 2012-12-30 19:51:51 0 ----a-w- [---] C:\WINDOWS\system32\h323log.txt 2012-12-30 19:49:37 530 ----a-w- [---] C:\WINDOWS\wiadebug.log 2012-12-30 19:49:36 50 ----a-w- [---] C:\WINDOWS\wiaservc.log 2012-12-30 19:47:17 3094 ----a-w- [---] C:\WINDOWS\regopt.log 2012-12-30 19:47:16 231 ----a-w- [---] C:\WINDOWS\system.ini 2012-12-30 19:47:06 62 --sha-w- [---] C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini 2012-12-30 19:31:54 39 ----a-w- [---] C:\Documents and Settings\Administrator\custom.log 2012-12-30 19:28:07 1434 ----a-w- [---] C:\WINDOWS\coinst.log 2012-12-30 19:26:22 2849 ----a-w- [---] C:\WINDOWS\stsetup.htm 2012-12-30 19:24:00 0 ----a-w- [---] C:\WINDOWS\Sti_Trace.log 2012-12-30 19:21:04 1362 ----a-w- [---] C:\WINDOWS\imsins.BAK 2012-12-30 19:19:48 0 ----a-w- [---] C:\WINDOWS\setuperr.log 2012-12-30 19:13:26 104 ----a-w- [---] C:\WINDOWS\APSetup.log 2012-12-30 19:10:56 537 ----a-w- [---] C:\WINDOWS\chipset.log 2012-12-30 19:06:23 763990 ----a-w- [---] C:\WINDOWS\system32\PerfStringBackup.INI 2012-12-30 19:06:23 49712 ----a-w- [---] C:\WINDOWS\system32\perfc015.dat 2012-12-30 19:06:23 40128 ----a-w- [---] C:\WINDOWS\system32\perfc009.dat 2012-12-30 19:06:23 355830 ----a-w- [---] C:\WINDOWS\system32\perfh015.dat 2012-12-30 19:06:23 311740 ----a-w- [---] C:\WINDOWS\system32\perfh009.dat 2012-12-30 19:05:11 833 ----a-w- [---] C:\WINDOWS\OEWABLog.txt 2012-12-30 19:05:10 936 ----a-w- [---] C:\WINDOWS\wmsetup.log 2012-12-30 19:04:47 711820 ----a-w- [---] C:\WINDOWS\setuplog.txt 2012-12-30 19:03:24 8192 ----a-w- [---] C:\WINDOWS\REGLOCS.OLD 2012-12-30 19:02:26 57690 ----a-w- [---] C:\WINDOWS\iis6.log 2012-12-30 19:02:26 4438 ----a-w- [---] C:\WINDOWS\imsins.log 2012-12-30 19:02:26 20608 ----a-w- [---] C:\WINDOWS\comsetup.log 2012-12-30 19:02:26 195462 ----a-w- [---] C:\WINDOWS\setupact.log 2012-12-30 19:02:26 1802 ----a-w- [---] C:\WINDOWS\tabletoc.log 2012-12-30 19:02:26 14263 ----a-w- [---] C:\WINDOWS\tsoc.log 2012-12-30 19:02:26 12305 ----a-w- [---] C:\WINDOWS\ntdtcsetup.log 2012-12-30 19:02:26 1189 ----a-w- [---] C:\WINDOWS\ocmsn.log 2012-12-30 19:02:20 261 ----a-w- [---] C:\WINDOWS\system32\$winnt$.inf 2012-12-30 18:58:55 477 ----a-w- [---] C:\WINDOWS\win.ini 2012-12-30 18:58:55 2596 ----a-w- [---] C:\WINDOWS\system32\CONFIG.NT 2012-12-30 18:58:55 0 --sha-r- [---] C:\MSDOS.SYS 2012-12-30 18:58:55 0 --sha-r- [---] C:\IO.SYS 2012-12-30 18:58:55 0 ----a-w- [---] C:\WINDOWS\control.ini 2012-12-30 18:58:55 0 ----a-w- [---] C:\CONFIG.SYS 2012-12-30 18:58:55 0 ----a-w- [---] C:\AUTOEXEC.BAT 2012-12-30 18:58:45 316640 ----a-w- [---] C:\WINDOWS\WMSysPr9.prx 2012-12-30 18:58:44 23392 ----a-w- [---] C:\WINDOWS\system32\nscompat.tlb 2012-12-30 18:58:44 16832 ----a-w- [---] C:\WINDOWS\system32\amcompat.tlb 2012-12-30 18:58:32 4293 ----a-w- [---] C:\WINDOWS\ODBCINST.INI 2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\WindowsLogon.manifest 2012-12-30 18:57:16 488 ---ha-r- [---] C:\WINDOWS\system32\logonui.exe.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\WindowsShell.Manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\wuaucpl.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\sapi.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\nwc.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\ncpa.cpl.manifest 2012-12-30 18:57:07 749 ---ha-r- [---] C:\WINDOWS\system32\cdplayer.exe.manifest 2012-12-30 18:55:27 1919 ----a-w- [---] C:\WINDOWS\MedCtrOC.log 2012-12-30 18:55:27 17739 ----a-w- [---] C:\WINDOWS\ocgen.log 2012-12-30 18:55:27 16773 ----a-w- [---] C:\WINDOWS\FaxSetup.log 2012-12-30 18:55:27 1181 ----a-w- [---] C:\WINDOWS\msgsocm.log 2012-12-30 18:55:27 1017 ----a-w- [---] C:\WINDOWS\sessmgr.setup.log 2012-12-30 18:55:23 3886 ----a-w- [---] C:\WINDOWS\netfxocm.log 2012-12-30 18:54:47 21856 ----a-w- [---] C:\WINDOWS\system32\emptyregdb.dat 2012-12-30 18:54:36 37 ----a-w- [---] C:\WINDOWS\vbaddin.ini 2012-12-30 18:54:36 36 ----a-w- [---] C:\WINDOWS\vb.ini 2012-12-30 18:54:28 133 ----a-w- [---] C:\WINDOWS\DtcInstall.log 2012-12-30 18:54:23 13264 ----a-w- [---] C:\WINDOWS\msmqinst.log 2012-12-30 18:52:39 200 ----a-w- [---] C:\WINDOWS\cmsetacl.log 2012-12-30 18:52:14 211 --sh--w- [---] C:\boot.ini Scan completed: 2013-01-02 16:07:15,00 FINISHED [/log] [b]GMER[/b][log]GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2013-01-02 16:41:09 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1600AABB-00PUA0 rev.00.07H00 Running: k35ficdl.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\kwldapow.sys ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 68, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 6B, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 68, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 69, E7, 00] {TEST AL, 0x69; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B91C504 .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 6A, E7, 00] {TEST AL, 0x6a; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 69, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 6A, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B91C598 .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 68, E7, 00] {TEST AL, 0x68; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B91C725 .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 69, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 6A, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 6B, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[900] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 94, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 97, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 94, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 95, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B913330 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 96, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 95, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 96, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B9133C4 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 94, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B913551 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 95, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 96, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 97, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2288] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 30, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + 6 7C90DC5B 4 Bytes [28, 33, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + B 7C90DC60 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 30, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 31, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B914CCC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 32, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 31, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 32, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B914D60 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 30, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B914EED .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 31, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 32, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + 6 7C90E966 4 Bytes [68, 33, 6F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + B 7C90E96B 1 Byte [E2] ---- EOF - GMER 1.0.15 ---- [/log]
Natsuki Kuga komentarz 5 stycznia 2013 komentarz 5 stycznia 2013 Czy występują jeszcze jakieś problemy?
Soul_bullock komentarz 8 stycznia 2013 Autor komentarz 8 stycznia 2013 (edytowane) od czasu "usuniecia" tego innego EXPLORER komp wlacza sie duzo dłuzej i czasem sie wiesza. zuzycie CPU zwykłego procesu explorer.exe dochodzi czasem do 80-90 //EDIT: Mam jeszcze pytanie, syf ten przenislem z pena kolezanki. Teraz mam załatwione 2 peny i karte pamieci telefonu. Da sie tego z nich jakos pozbyc? zwykle zformatowanie nie pomoglo. Odświeżam. Dlaczego teraz chodzi wolno? Prosze o odp
Natsuki Kuga komentarz 11 stycznia 2013 komentarz 11 stycznia 2013 //EDIT: Mam jeszcze pytanie, syf ten przenislem z pena kolezanki. Teraz mam załatwione 2 peny i karte pamieci telefonu. Da sie tego z nich jakos pozbyc? zwykle zformatowanie nie pomoglo. Użyj USBFix z opcji Deletion. Pokaż raport. Po wykonaniu tego pokaż też zestaw nowych logów.
Soul_bullock komentarz 18 stycznia 2013 Autor komentarz 18 stycznia 2013 Z pena i Karty usuniete. Ale to nie poprawia tego ważnejszego problemu bo komp chodzi jak czołg ;/ a nie chodził tak [log] OTL logfile created on: 2013-01-18 15:12:43 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 509,61 Mb Available Physical Memory | 50,18% Memory free 2,39 Gb Paging File | 1,99 Gb Available in Paging File | 83,32% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 49,26 Gb Free Space | 84,07% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 46,79 Gb Free Space | 95,83% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe PRC - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe PRC - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe PRC - [2011-09-26 14:10:36 | 000,494,160 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe PRC - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe PRC - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe PRC - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2004-08-04 00:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe PRC - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe MOD - [2012-12-31 11:42:51 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll MOD - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe MOD - [2012-06-09 19:20:02 | 000,168,448 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll MOD - [2011-10-19 18:25:44 | 000,297,552 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanExploit.dll MOD - [2011-09-28 11:33:46 | 004,729,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\abmaster.dll MOD - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe MOD - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe MOD - [2011-09-26 14:10:36 | 000,494,160 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe MOD - [2011-09-21 14:00:12 | 000,088,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaLogs.dll MOD - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe MOD - [2011-09-21 13:55:56 | 000,125,520 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVConfig.dll MOD - [2011-09-21 13:55:48 | 000,473,680 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\filescan.dll MOD - [2011-09-09 14:59:40 | 000,203,344 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\facproxy.dll MOD - [2011-09-09 14:59:34 | 000,121,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\HTTPContent.dll MOD - [2011-08-11 17:19:12 | 000,076,368 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVObject.dll MOD - [2011-07-29 13:20:24 | 000,113,232 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ABSlave.dll MOD - [2011-07-28 15:18:30 | 000,739,920 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVConvOb.dll MOD - [2011-07-28 15:18:24 | 000,551,504 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVArchOb.dll MOD - [2011-07-28 15:18:14 | 000,748,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\netscan.dll MOD - [2011-07-14 14:55:36 | 000,044,624 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVQuarEx.dll MOD - [2011-07-06 10:06:20 | 000,024,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\DiskCheck.dll MOD - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe MOD - [2011-06-17 15:58:00 | 000,445,008 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\avaspam.dll MOD - [2011-05-14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll MOD - [2011-05-14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll MOD - [2011-05-13 20:04:20 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll MOD - [2011-05-05 13:19:50 | 000,305,744 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\HTTPRegx.dll MOD - [2011-05-05 13:19:38 | 000,072,272 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanTrojan.dll MOD - [2011-05-05 13:19:24 | 000,045,648 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanGeneric.dll MOD - [2011-05-05 13:19:12 | 000,020,048 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanCom.dll MOD - [2011-04-26 11:56:46 | 000,068,176 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\avengine.dll MOD - [2011-04-26 11:55:56 | 000,029,264 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanText.dll MOD - [2011-04-04 12:02:38 | 000,035,920 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanScript.dll MOD - [2011-04-04 12:02:30 | 000,032,336 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanMlw.dll MOD - [2011-04-04 12:02:22 | 000,023,632 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanHeurDM.dll MOD - [2011-04-04 12:02:10 | 000,041,552 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanExe.dll MOD - [2011-04-04 12:02:00 | 000,016,464 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanEicar.dll MOD - [2011-04-04 12:01:52 | 000,022,096 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanDialer.dll MOD - [2011-04-04 12:01:38 | 000,028,752 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanAux.dll MOD - [2011-04-04 12:01:32 | 000,064,080 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Heur.dll MOD - [2011-04-04 12:01:16 | 000,025,168 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Cure.dll MOD - [2011-03-17 17:28:32 | 000,088,656 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanOle.dll MOD - [2011-03-08 14:54:08 | 000,020,048 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\ScanHlp.dll MOD - [2011-03-07 15:26:52 | 000,036,432 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVUtils.dll MOD - [2011-03-07 15:24:12 | 000,018,512 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\Patterns.dll MOD - [2011-03-07 15:23:56 | 000,044,112 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\FindMeta.dll MOD - [2011-03-07 15:23:30 | 000,025,168 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Engine\BaseManager.dll MOD - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll MOD - [2011-01-14 11:38:22 | 000,121,424 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\avcnstat.dll MOD - [2010-12-23 18:56:26 | 000,030,800 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\AVLang.dll MOD - [2010-12-23 18:53:40 | 000,043,088 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\HTTPServ_dll.dll MOD - [2010-12-16 17:40:30 | 000,034,896 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\MetaProc.dll MOD - [2010-11-05 12:58:14 | 000,219,728 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ArcaBit\ArcaVir\ssleay32.dll MOD - [2010-11-05 12:58:02 | 001,038,928 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ArcaBit\ArcaVir\libeay32.dll MOD - [2010-09-27 18:19:22 | 000,207,440 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\avtransl.dll MOD - [2010-08-31 23:21:54 | 000,129,616 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\Decrypt.dll MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll MOD - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe MOD - [2006-06-02 12:01:34 | 000,151,552 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\stmctrl.dll MOD - [2005-05-04 14:45:32 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll MOD - [2004-08-04 00:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe MOD - [2004-08-03 23:44:18 | 000,338,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2004-08-03 23:44:16 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2004-08-03 23:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2004-08-03 23:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2004-08-03 23:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2004-08-03 23:44:12 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2004-08-03 23:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2004-08-03 23:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2004-08-03 23:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll MOD - [2004-08-03 23:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll MOD - [2004-08-03 23:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll MOD - [2004-08-03 23:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2004-08-03 23:44:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:04 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2004-08-03 23:44:02 | 001,024,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2004-08-03 23:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2004-08-03 23:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2004-08-03 23:44:02 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfcsubs.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2004-08-03 23:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2004-08-03 23:43:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\fltlib.dll MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2004-08-03 23:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2004-08-03 23:43:54 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrvut.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:54 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\catsrv.dll MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2004-08-03 23:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2004-08-03 23:43:20 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll MOD - [2004-08-03 23:43:14 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2004-08-03 23:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll MOD - [2004-08-03 23:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll MOD - [2004-08-03 23:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2004-07-01 05:03:56 | 000,167,936 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll MOD - [2004-07-01 05:02:52 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe MOD - [2004-07-01 05:02:28 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpph.dll MOD - [2004-07-01 04:58:46 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe MOD - [2004-07-01 04:58:34 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxhk.dll MOD - [2004-07-01 04:58:26 | 000,344,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll MOD - [2004-07-01 04:58:02 | 001,097,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll MOD - [2004-07-01 04:57:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll MOD - [2004-07-01 04:57:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2001-10-26 18:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll MOD - [2001-10-26 18:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll MOD - [2001-10-26 18:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll MOD - [2001-10-26 18:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll MOD - [2001-10-26 18:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll MOD - [2001-10-26 18:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll MOD - [2001-10-26 18:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll MOD - [2001-10-26 18:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) SRV - [2013-01-09 17:28:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2011-09-28 11:33:26 | 000,539,216 | ---- | M] () [Auto | Running] -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe -- (ArcaRemoteService) SRV - [2011-09-27 08:58:00 | 000,117,328 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate) SRV - [2011-09-21 13:56:04 | 000,137,808 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe -- (ABConfSV) SRV - [2011-06-17 15:58:02 | 000,155,112 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe -- (ABMainSV) SRV - [2011-03-29 13:37:42 | 000,186,960 | ---- | M] (ArcaBit) [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe -- (AVBackup) SRV - [2011-01-21 13:42:20 | 000,129,616 | ---- | M] (ArcaBit) [Auto | Running] -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe -- (AVTasks2) SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (nfipqs) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndisMP) DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndis) DRV - [2011-02-14 17:16:02 | 000,052,304 | ---- | M] (ArcaBit) [File_System | On_Demand | Running] -- C:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT) DRV - [2010-10-26 13:04:30 | 000,051,280 | ---- | M] (ArcaBit) [Kernel | System | Running] -- C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI) DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [ABREGMON] C:\Program Files\ArcaBit\ArcaVir\abregmon.exe (ArcaBit) O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics ) O4 - HKLM..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE () O4 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004..\Run: [wsctf.exe] wsctf.exe File not found O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o) O9 - Extra 'Tools' menuitem : ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357469666125 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357470585531 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE () O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE () O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:19 | 000,000,000 | -HSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | -HSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-12-30 21:35:20 | 000,000,000 | -HSD | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{408a7130-52b7-11e2-be00-00051c1cdbc8}\Shell - "" = AutoRun O33 - MountPoints2\{408a7130-52b7-11e2-be00-00051c1cdbc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn O33 - MountPoints2\{9efb9c80-5e69-11e2-be1e-00051c1cdbc8}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe O33 - MountPoints2\{9efb9c80-5e69-11e2-be1e-00051c1cdbc8}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe O33 - MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe O33 - MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: ojumdcjt - File not found NetSvcs: nfipqs - C:\WINDOWS\system32\omepcb.dll () SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2013-01-18 14:59:50 | 000,037,968 | ---- | C] (ArcaBit) -- C:\WINDOWS\System32\drivers\abndis.sys [2013-01-18 14:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ArcaVir [2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\ArcaBit [2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit [2013-01-18 14:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2013-01-17 18:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit\Nowy folder [2013-01-14 18:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Piszę poprawnie 4 [2013-01-14 18:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pisze poprawnie 4 [2013-01-14 18:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Niezbędnik rowerzysty [2013-01-14 18:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Niezbednik rowerzysty [2013-01-14 18:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP [2013-01-14 18:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Wczoraj i dzis [2013-01-14 18:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasy 4-6 [2013-01-14 18:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa - Muzyka na ekranie [2013-01-13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasa 4 [2013-01-13 19:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP [2013-01-13 19:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody [2013-01-13 13:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-13 13:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG [2013-01-13 13:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG [2013-01-13 13:33:26 | 002,110,837 | ---- | C] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe [2013-01-11 22:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Identities [2013-01-11 18:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron [2013-01-06 16:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Remere's Map Editor [2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor [2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor [2013-01-06 14:29:16 | 000,000,000 | ---D | C] -- C:\NVIDIA [2013-01-06 13:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com [2013-01-06 13:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dll-Files Fixer [2013-01-06 13:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer [2013-01-06 13:09:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly [2013-01-06 13:07:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013-01-06 13:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013-01-06 13:06:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2013-01-06 12:48:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2013-01-06 11:31:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\PrivacIE [2013-01-06 10:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\WinRAR [2013-01-06 10:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Tibia + inne [2013-01-05 22:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\WapSter [2013-01-05 22:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter [2013-01-05 22:44:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2013-01-05 22:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\WapSter [2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Macromedia [2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Adobe [2013-01-05 19:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia [2013-01-05 18:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Google [2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Opera [2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera [2013-01-05 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Identities [2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moje obrazy [2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moja muzyka [2013-01-05 18:29:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\IETldCache [2013-01-05 18:29:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Microsoft [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\SendTo [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Recent [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Ulubione [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Autostart [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Akcesoria [2013-01-05 18:29:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\Cookies [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Szablony [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\PrintHood [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\NetHood [2013-01-05 18:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit [2013-01-05 18:29:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne [2013-01-05 18:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft [2013-01-05 08:44:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013-01-04 15:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2013-01-04 15:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL [2013-01-01 17:56:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe [2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player [2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player [2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3 [2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate [2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-12-30 21:35:19 | 000,000,000 | -HSD | C] -- C:\autorun.inf [2012-12-30 21:33:56 | 000,000,000 | RHSD | C] -- C:\RECYCLER [2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads [2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google Chrome [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google [2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll [2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp [2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles [2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe [2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe [2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl [2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys [2012-12-30 20:26:18 | 000,425,984 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll [2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll [2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852 [2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852 [2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll [2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS [2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment [2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp [2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2012-12-30 20:20:50 | 000,000,000 | R--D | C] -- C:\Program Files [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager [2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack [2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel [2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2013-01-18 15:38:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-01-18 15:24:17 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-18 14:21:28 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Remere's Map Editor.lnk [2013-01-18 11:27:30 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-18 11:24:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2013-01-18 11:24:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-17 23:29:02 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\Piootrek\NTUSER.DAT [2013-01-17 23:29:02 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Piootrek\ntuser.ini [2013-01-17 23:28:53 | 005,362,568 | -H-- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2013-01-17 15:37:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-01-14 15:32:59 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-01-13 13:34:12 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk [2013-01-13 13:33:40 | 002,110,837 | ---- | M] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe [2013-01-13 13:33:23 | 001,859,072 | ---- | M] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe [2013-01-12 14:09:28 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job [2013-01-08 18:24:44 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-06 14:07:35 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job [2013-01-06 13:35:57 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk [2013-01-06 13:26:43 | 000,501,498 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-01-06 13:26:43 | 000,088,124 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-01-06 13:26:42 | 001,068,048 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2013-01-06 13:26:42 | 000,442,636 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-01-06 13:26:42 | 000,069,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-01-06 12:49:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-01-05 22:53:37 | 000,018,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2013-01-05 22:52:08 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk [2013-01-05 19:07:08 | 000,006,091 | ---- | M] () -- C:\WINDOWS\stsetup.htm [2013-01-05 19:07:05 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk [2013-01-05 18:47:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk [2013-01-05 18:31:52 | 000,000,348 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk [2013-01-05 18:31:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk [2013-01-01 17:56:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe [2012-12-31 20:54:28 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-30 22:27:59 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk [2012-12-30 22:20:09 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk [2012-12-30 20:47:16 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 19:57:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2012-12-30 19:57:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:54:36 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2012-12-30 19:54:36 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] File not found -- C:\WINDOWS\System32\EXPLORER.EXE [2013-01-13 13:34:12 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk [2013-01-13 13:33:13 | 001,859,072 | ---- | C] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe [2013-01-06 16:10:41 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Remere's Map Editor.lnk [2013-01-06 15:01:39 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk [2013-01-06 13:36:44 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job [2013-01-06 13:36:43 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job [2013-01-06 13:35:57 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk [2013-01-06 12:40:50 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-05 22:53:37 | 000,018,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2013-01-05 22:52:08 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk [2013-01-05 19:07:05 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk [2013-01-05 18:42:43 | 005,362,568 | -H-- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2013-01-05 18:34:17 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk [2013-01-05 18:34:05 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk [2013-01-05 18:31:52 | 000,000,348 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk [2013-01-05 18:31:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk [2013-01-05 18:30:19 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Internet Explorer.lnk [2013-01-05 18:30:08 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Outlook Express.lnk [2013-01-05 18:29:54 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Piootrek\ntuser.ini [2013-01-05 18:29:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Pomoc zdalna.lnk [2013-01-05 18:29:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Windows Media Player.lnk [2013-01-05 18:29:51 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\Piootrek\NTUSER.DAT [2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-30 22:27:59 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk [2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe [2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp [2012-12-30 20:26:11 | 000,006,091 | ---- | C] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012-12-30 20:20:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:20:55 | 001,068,048 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2012-12-30 20:20:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2012-12-30 20:20:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2012-12-30 20:20:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2012-12-30 20:20:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls [2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2012-12-30 20:20:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2012-12-30 20:20:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2012-12-30 20:20:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2012-12-30 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls [2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2012-12-30 20:20:41 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2012-12-30 20:20:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2012-12-30 20:20:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS [2012-12-30 20:20:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2012-12-30 20:20:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2012-12-30 20:20:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2012-12-30 20:20:20 | 001,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT [2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2012-12-30 20:19:40 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-30 20:18:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp [2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp [2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp [2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp [2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp [2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp [2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp [2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp [2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp [2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp [2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp [2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp [2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp [2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp [2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp [2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp [2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp [2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp [2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp [2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp [2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp [2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp [2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp [2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp [2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp [2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp [2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp [2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp [2012-12-30 20:03:31 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT [2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-12-30 20:02:10 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2012-12-30 20:01:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2012-12-30 20:01:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2012-12-30 20:00:55 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2012-12-30 19:59:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2012-12-30 19:59:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2012-12-30 19:59:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2012-12-30 19:59:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2012-12-30 19:59:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2012-12-30 19:59:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2012-12-30 19:59:57 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2012-12-30 19:59:57 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2012-12-30 19:59:57 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2012-12-30 19:59:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2012-12-30 19:59:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2012-12-30 19:59:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2012-12-30 19:59:54 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2012-12-30 19:59:54 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2012-12-30 19:59:54 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2012-12-30 19:59:54 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2012-12-30 19:59:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2012-12-30 19:59:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2012-12-30 19:59:54 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2012-12-30 19:59:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2012-12-30 19:59:52 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2012-12-30 19:59:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2012-12-30 19:59:51 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2012-12-30 19:59:51 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2012-12-30 19:59:51 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2012-12-30 19:59:50 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2012-12-30 19:59:50 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:57:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2012-12-30 19:57:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2012-12-30 19:57:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:54:36 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2012-12-30 19:54:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2012-12-30 19:53:55 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2012-12-30 19:53:55 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2012-12-30 19:53:55 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2012-12-30 19:53:55 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2012-12-30 19:53:55 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2012-12-30 19:53:55 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2012-12-30 19:53:55 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2012-12-30 19:53:55 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2012-12-30 19:53:53 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2012-12-30 19:53:52 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2013-01-18 15:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit [2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2013-01-18 12:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-05 18:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera [2013-01-11 18:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron [2013-01-06 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com [2013-01-05 18:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera [2013-01-06 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor [2013-01-05 19:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia [2013-01-14 18:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:52:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2013-01-18 11:24:40 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2013-01-02 16:07:15 | 000,173,141 | ---- | M] () -- C:\result.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B < End of report > [/log] [log] OTL Extras logfile created on: 2013-01-18 15:12:43 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 509,61 Mb Available Physical Memory | 50,18% Memory free 2,39 Gb Paging File | 1,99 Gb Available in Paging File | 83,32% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 49,26 Gb Free Space | 84,07% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 46,79 Gb Free Space | 95,83% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 38,54 Gb Free Space | 92,61% Space Free | Partition Type: NTFS Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.G4EHL74QSLVOMH4CVX3CGXCZ5U] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2729:TCP" = 2729:TCP:*:Enabled:kffmn "50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A) "50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S) [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4849E74C-3408-467A-AF8B-F3DEC3C07542}" = Niezbędnik rowerzysty "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{9FE65E62-D027-47F7-B32D-8CAC60026D75}" = ArcaVir "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{F41B3F68-C137-477A-9DD5-E231F512D84F}" = ArcaVir Prerequistes "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "Dll-Files Fixer_is1" = Dll-Files Fixer "E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31 "ElfBot NG_is1" = ElfBot NG 4.5.9 "Google Chrome" = Google Chrome "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Opera 12.12.1707" = Opera 12.12 "Piszę poprawnie 4" = Piszę poprawnie 4 "StmAdsl" = ADSL Modem "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Szkoła podstawowa klasa 4 - Wczoraj i dziś" = Szkoła podstawowa klasa 4 - Wczoraj i dziś "Szkoła podstawowa klasy 4-6 - Muzyka na ekranie" = Szkoła podstawowa klasy 4-6 - Muzyka na ekranie "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "WIC" = Windows Imaging Component "WinRAR archiver" = WinRAR 4.20 (32-bitowy) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-05 17:26:01 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-05 17:41:58 | Computer Name = PIOTREK | Source = Userenv | ID = 1041 Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 2013-01-05 17:41:58 | Computer Name = PIOTREK | Source = Userenv | ID = 1041 Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 2013-01-05 17:42:02 | Computer Name = PIOTREK | Source = Userenv | ID = 1041 Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 2013-01-05 17:42:02 | Computer Name = PIOTREK | Source = Userenv | ID = 1041 Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 2013-01-06 07:52:26 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-14 12:00:58 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: The server name or address could not be resolved Error - 2013-01-14 12:00:58 | Computer Name = PIOTREK | Source = crypt32 | ID = 131077 Description = Nie można automatycznie pobrać aktualizacji głównego certyfikatu innej firmy z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/6252DC40F71143A22FDE9EF7348E064251B18118.crt>, wystąpił błąd: The server name or address could not be resolved Error - 2013-01-14 12:00:59 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2013-01-18 06:27:43 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.2900.0.2180, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x71a5664d. [ System Events ] Error - 2013-01-16 10:20:24 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-17 10:37:51 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2013-01-17 10:37:51 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2013-01-17 10:39:10 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%3 Error - 2013-01-17 10:39:10 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-18 06:24:57 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2013-01-18 06:24:57 | Computer Name = PIOTREK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2013-01-18 06:26:16 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%3 Error - 2013-01-18 06:26:16 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-18 10:00:06 | Computer Name = PIOTREK | Source = PSched | ID = 14107 Description = QoS [Karta NDISWANIP]: Harmonogram pakietów nie mógł zainicjować wirtualnego portu za pomocą NDIS. < End of report > [/log]
Natsuki Kuga komentarz 19 stycznia 2013 komentarz 19 stycznia 2013 Z pena i Karty usuniete. Nie jestem przekonana, ponieważ w logach nadal widnieją szkodliwe wpisy (chyba, że log był wykonany przed użyciem USBFix? Jeśli tak, wykonaj i pokaż nowe logi).
Soul_bullock komentarz 21 stycznia 2013 Autor komentarz 21 stycznia 2013 (edytowane) Ale jesli to miałem na kompie przed uzyciem USBfix to i tak usunęło mi to tylko z pena i karty a na dysku zostało. Tak to przynajmniej rozumiem, że miałem to usunąc z moich pamięci przenośnych, które (jak uważam, poniważ znikneły takie "skróty do folderów" a foldery zawierające dane pojawiły się normlane) są już czyste, a na dysku to pozostało bo USBfix chyba tego z dysku by nie usunął a potrzebowałem pilnie zkopiować dane i przenie,śc nowe może dlatego ponownie się zainfekwoało. Log wykonałem po uzyciu USBfix. W sumie najbardziej zalezy mi na tym, aby mój komputer nie chodził jak czołg, tego pendriva moge sobie odpuśić.
Natsuki Kuga komentarz 22 stycznia 2013 komentarz 22 stycznia 2013 USBfix chyba tego z dysku by nie usunął On usuwa infekcję również z dysków twardych. W sumie najbardziej zalezy mi na tym, aby mój komputer nie chodził jak czołg, tego pendriva moge sobie odpuśić. Skoro infekcja przyszła z pendrive, to nie można go sobie odpuścić. Jaki sens ma usuwanie wirusa na komputerze skoro zaraz po tym podepniesz pamięć przenośną i wszystko zacznie się od nowa? Pokaż raport z usuwania USBFix i nowe logi.
Soul_bullock komentarz 22 stycznia 2013 Autor komentarz 22 stycznia 2013 Z USBfix [log] ############################## | UsbFix V 7.085 | [Deletion] User: Piootrek (Administrator) # PIOTREK Updated 25/03/2012 by El Desaparecido Started at 16:31:13 | 22/01/2013 Website: http://eldesaparecido.com Suspicious file ? : http://eldesaparecido.com/upload.html Contact: contact@eldesaparecido.com PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer CPU: Intel(R) Celeron(R) CPU 2.00GHz (2019) RAM -> [ Total : 1015 | Free : 758 ] BIOS: Award Modular BIOS v6.00PG BOOT: Normal boot OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 2 WB: Windows Internet Explorer 8.0.6001.18702 SC: Security Center Service [ (!) Disabled ] WU: Windows Update Service [ (!) Disabled ] FW: Windows FireWall Service [ (!) Disabled ] C:\ (%systemdrive%) -> Fixed drive # 59 Gb (46 Mb free - 79%) [] # NTFS D:\ -> Fixed drive # 49 Gb (46 Mb free - 95%) [] # NTFS E:\ -> Fixed drive # 42 Gb (38 Mb free - 91%) [Dysk lokalny] # NTFS F:\ -> CD-ROM G:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [PIOTREK] # FAT32 ################## | Active Processes | C:\WINDOWS\System32\smss.exe (460) C:\WINDOWS\system32\winlogon.exe (560) C:\WINDOWS\system32\services.exe (604) C:\WINDOWS\system32\lsass.exe (616) C:\WINDOWS\system32\svchost.exe (768) C:\WINDOWS\System32\svchost.exe (876) C:\WINDOWS\system32\spoolsv.exe (1176) C:\WINDOWS\EXPLORER.EXE (1368) C:\WINDOWS\system32\igfxtray.exe (1560) C:\WINDOWS\system32\hkcmd.exe (1652) C:\WINDOWS\SOUNDMAN.EXE (1660) C:\WINDOWS\system32\rundll32.exe (1668) C:\WINDOWS\system32\ctfmon.exe (1692) C:\Program Files\Messenger\msmsgs.exe (1708) C:\Program Files\Java\jre7\bin\jqs.exe (852) C:\WINDOWS\system32\svchost.exe (980) C:\WINDOWS\system32\wbem\wmiapsrv.exe (256) C:\UsbFix\Go.exe (3912) ################## | Stopped processes | Stopped! C:\WINDOWS\system32\spoolsv.exe (1176) Stopped! C:\WINDOWS\EXPLORER.EXE (1368) Stopped! C:\WINDOWS\system32\igfxtray.exe (1560) Stopped! C:\WINDOWS\system32\hkcmd.exe (1652) Stopped! C:\WINDOWS\SOUNDMAN.EXE (1660) Stopped! C:\WINDOWS\system32\rundll32.exe (1668) Stopped! C:\WINDOWS\system32\ctfmon.exe (1692) Stopped! C:\Program Files\Messenger\msmsgs.exe (1708) Stopped! C:\Program Files\Java\jre7\bin\jqs.exe (852) Stopped! C:\WINDOWS\system32\wbem\wmiapsrv.exe (256) ################## | Files # Infected Folders | Deleted ! G:\gbei.pif Deleted ! C:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004 Deleted ! D:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004 Deleted ! E:\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004 Deleted ! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx Deleted ! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665 Deleted ! G:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013 Deleted ! G:\krhic.pif Deleted ! G:\oxnlnk.pif Not deleted ! G:\autorun.inf (!) Temporary files deleted. ################## | Registry | Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|EXPLORER.EXE Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|wsctf.exe ################## | Mountpoints2 | Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{cefa68fd-571f-11e2-be0b-00051c1cdbc8} ################## | Listing | [30/12/2012 - 19:58:55 | N | 0] C:\AUTOEXEC.BAT [30/12/2012 - 21:35:19 | AD ] C:\autorun.inf [30/12/2012 - 19:52:14 | N | 211] C:\boot.ini [21/07/2001 - 23:13:54 | N | 4952] C:\Bootfont.bin [30/12/2012 - 19:58:55 | N | 0] C:\CONFIG.SYS [05/01/2013 - 18:42:55 | D ] C:\Documents and Settings [30/12/2012 - 20:09:10 | D ] C:\Intel [30/12/2012 - 19:58:55 | N | 0] C:\IO.SYS [30/12/2012 - 19:58:55 | N | 0] C:\MSDOS.SYS [03/08/2004 - 21:38:34 | N | 47564] C:\NTDETECT.COM [03/08/2004 - 21:59:54 | N | 250624] C:\ntldr [06/01/2013 - 14:29:16 | D ] C:\NVIDIA [22/01/2013 - 16:26:06 | ASH | 1598029824] C:\pagefile.sys [18/01/2013 - 16:25:20 | D ] C:\Program Files [22/01/2013 - 16:36:19 | SHD ] C:\RECYCLER [02/01/2013 - 16:07:15 | N | 173141] C:\result.txt [14/01/2013 - 18:20:51 | SHD ] C:\System Volume Information [22/01/2013 - 16:36:19 | D ] C:\UsbFix [22/01/2013 - 16:42:28 | A | 3151] C:\UsbFix.txt [21/01/2013 - 18:49:17 | D ] C:\WINDOWS [02/01/2013 - 15:33:53 | D ] C:\_OTL [13/06/2012 - 23:15:42 | D ] D:\5e61ca34df1367e97b315abce33a2b [30/12/2011 - 11:44:32 | D ] D:\7e33a63a4c69af3283dfee4a595b0d [11/11/2011 - 15:06:30 | N | 171815304] D:\ArcaSetup2011-PL-32bit.exe [30/12/2012 - 21:35:20 | AD ] D:\autorun.inf [28/12/2011 - 12:54:22 | D ] D:\b5069d17efa95ab62b54cce16387 [31/12/2011 - 10:39:50 | D ] D:\bdf0d7f8d45d58503e1520a862cb [06/01/2013 - 16:46:49 | D ] D:\Filmy [20/01/2013 - 10:13:16 | N | 27548040] D:\lineage2eu-4game.exe [30/12/2012 - 21:53:14 | D ] D:\OTs [22/01/2013 - 16:36:19 | SHD ] D:\RECYCLER [06/06/2012 - 18:25:22 | D ] D:\Runes_of_Magic_4_0_8_2506_slim_eu [06/06/2012 - 18:18:50 | N | 1135520] D:\Runes_of_Magic_4_0_8_2506_slim_eu.exe [05/10/2011 - 18:37:43 | SHD ] D:\System Volume Information [31/12/2012 - 20:53:39 | N | 3919161] D:\tvpsetup.exe [30/12/2012 - 21:35:20 | AD ] E:\autorun.inf [22/01/2013 - 16:36:19 | SHD ] E:\RECYCLER [30/08/2012 - 13:51:54 | D ] E:\Slub Oli [30/12/2012 - 20:07:01 | D ] E:\sterowniki [31/12/2012 - 11:00:41 | SHD ] E:\System Volume Information [30/12/2012 - 21:51:24 | RSHD ] G:\RECYCLER [03/08/2004 - 23:44:02 | N | 232] G:\autorun.inf [22/01/2013 - 16:35:02 | A | 103140] G:\gbei.pif ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_PIOTREK.ziphttp://eldesaparecido.com/upload.php Thank you for your contribution. ################## | E.O.F | [/log] OTL [log] OTL logfile created on: 2013-01-22 17:57:02 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 691,58 Mb Available Physical Memory | 68,10% Memory free 2,39 Gb Paging File | 2,15 Gb Available in Paging File | 89,83% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 44,78 Gb Free Space | 76,42% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 46,39 Gb Free Space | 95,01% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 37,85 Gb Free Space | 90,94% Space Free | Partition Type: NTFS Drive G: | 3,63 Gb Total Space | 3,63 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe PRC - [2012-12-30 20:51:47 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe MOD - [2012-12-30 20:51:47 | 016,185,832 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.dll MOD - [2012-12-30 20:51:47 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll MOD - [2005-05-04 14:45:32 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll MOD - [2004-08-03 23:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2004-08-03 23:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2004-08-03 23:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2004-08-03 23:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2004-08-03 23:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2004-08-03 23:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2004-08-03 23:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp MOD - [2004-08-03 23:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp MOD - [2004-08-03 23:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp MOD - [2004-08-03 23:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp MOD - [2004-08-03 23:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp MOD - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe MOD - [2004-08-03 23:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2004-08-03 23:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2004-08-03 23:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll MOD - [2004-08-03 23:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-03 23:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2004-08-03 23:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2004-08-03 23:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2004-08-03 23:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2004-08-03 23:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2004-08-03 23:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-03 23:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2004-08-03 23:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2004-08-03 23:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-03 23:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2004-08-03 23:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2004-08-03 23:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2004-08-03 23:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2004-08-03 23:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2004-08-03 23:44:14 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2004-08-03 23:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2004-08-03 23:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll MOD - [2004-08-03 23:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2004-08-03 23:44:14 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2004-08-03 23:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2004-08-03 23:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2004-08-03 23:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2004-08-03 23:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2004-08-03 23:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll MOD - [2004-08-03 23:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2004-08-03 23:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2004-08-03 23:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2004-08-03 23:44:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2004-08-03 23:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2004-08-03 23:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2004-08-03 23:44:10 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2004-08-03 23:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2004-08-03 23:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2004-08-03 23:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll MOD - [2004-08-03 23:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2004-08-03 23:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2004-08-03 23:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2004-08-03 23:44:10 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll MOD - [2004-08-03 23:44:10 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2004-08-03 23:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2004-08-03 23:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2004-08-03 23:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2004-08-03 23:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2004-08-03 23:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2004-08-03 23:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2004-08-03 23:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2004-08-03 23:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2004-08-03 23:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2004-08-03 23:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2004-08-03 23:44:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2004-08-03 23:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2004-08-03 23:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2004-08-03 23:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2004-08-03 23:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2004-08-03 23:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2004-08-03 23:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2004-08-03 23:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2004-08-03 23:44:08 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2004-08-03 23:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2004-08-03 23:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-03 23:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2004-08-03 23:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2004-08-03 23:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2004-08-03 23:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2004-08-03 23:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2004-08-03 23:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2004-08-03 23:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll MOD - [2004-08-03 23:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2004-08-03 23:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2004-08-03 23:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll MOD - [2004-08-03 23:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2004-08-03 23:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2004-08-03 23:44:06 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2004-08-03 23:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2004-08-03 23:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2004-08-03 23:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2004-08-03 23:44:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2004-08-03 23:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2004-08-03 23:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-03 23:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:02 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2004-08-03 23:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2004-08-03 23:44:02 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2004-08-03 23:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2004-08-03 23:44:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2004-08-03 23:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2004-08-03 23:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2004-08-03 23:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2004-08-03 23:43:58 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2004-08-03 23:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2004-08-03 23:43:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2004-08-03 23:43:56 | 001,251,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2004-08-03 23:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2004-08-03 23:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2004-08-03 23:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2004-08-03 23:43:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2004-08-03 23:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2004-08-03 23:43:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2004-08-03 23:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2004-08-03 23:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll MOD - [2004-08-03 23:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2004-08-03 23:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2004-08-03 23:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll MOD - [2004-08-03 23:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2004-08-03 23:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2004-08-03 23:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2004-08-03 23:43:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2004-08-03 23:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2004-08-03 23:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2004-08-03 23:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2004-08-03 23:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2004-08-03 23:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2004-08-03 23:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2004-08-03 23:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2004-08-03 23:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2004-08-03 23:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-03 21:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2004-08-03 21:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2001-10-26 18:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2001-10-26 18:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) SRV - [2013-01-09 17:28:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-31 11:42:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2004-08-03 23:44:02 | 000,174,326 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\omepcb.dll -- (nfipqs) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\khlnlg.sys -- (amsint32) DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [ABREGMON] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe File not found O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics ) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\RunOnce: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357469666125 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357470585531 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013-01-22 16:42:33 | 000,000,000 | ---D | M] - E:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2004-08-03 23:44:02 | 000,000,232 | ---- | M] () - G:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: ojumdcjt - File not found NetSvcs: nfipqs - C:\WINDOWS\system32\omepcb.dll () [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2013-01-22 16:42:33 | 000,000,000 | ---D | C] -- C:\Autorun.inf [2013-01-21 18:39:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2013-01-18 16:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Recuva [2013-01-18 16:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2013-01-18 15:55:10 | 000,000,000 | ---D | C] -- C:\UsbFix [2013-01-18 14:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit [2013-01-18 14:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2013-01-17 18:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit\Nowy folder [2013-01-14 18:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Piszę poprawnie 4 [2013-01-14 18:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pisze poprawnie 4 [2013-01-14 18:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Niezbędnik rowerzysty [2013-01-14 18:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Niezbednik rowerzysty [2013-01-14 18:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP [2013-01-14 18:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Wczoraj i dzis [2013-01-14 18:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasy 4-6 [2013-01-14 18:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa - Muzyka na ekranie [2013-01-14 16:36:29 | 001,341,831 | ---- | C] (El Desaparecido) -- C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe [2013-01-13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Szkola podstawowa klasa 4 [2013-01-13 19:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP [2013-01-13 19:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody [2013-01-13 13:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-13 13:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG [2013-01-13 13:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG [2013-01-13 13:33:26 | 002,184,565 | ---- | C] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe [2013-01-11 22:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Identities [2013-01-11 18:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron [2013-01-06 16:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Remere's Map Editor [2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor [2013-01-06 16:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor [2013-01-06 14:29:16 | 000,000,000 | ---D | C] -- C:\NVIDIA [2013-01-06 13:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com [2013-01-06 13:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dll-Files Fixer [2013-01-06 13:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer [2013-01-06 13:09:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly [2013-01-06 13:07:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013-01-06 13:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013-01-06 13:06:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2013-01-06 12:48:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2013-01-06 11:31:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\PrivacIE [2013-01-06 10:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\WinRAR [2013-01-06 10:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Tibia + inne [2013-01-05 22:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\WapSter [2013-01-05 22:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter [2013-01-05 22:44:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2013-01-05 22:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\WapSter [2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Macromedia [2013-01-05 21:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Adobe [2013-01-05 19:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia [2013-01-05 18:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Google [2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Opera [2013-01-05 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera [2013-01-05 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Identities [2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moje obrazy [2013-01-05 18:30:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Moja muzyka [2013-01-05 18:29:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\IETldCache [2013-01-05 18:29:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Microsoft [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\SendTo [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Recent [2013-01-05 18:29:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piootrek\Dane aplikacji [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Ulubione [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Autostart [2013-01-05 18:29:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Akcesoria [2013-01-05 18:29:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Piootrek\Cookies [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Szablony [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\PrintHood [2013-01-05 18:29:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\NetHood [2013-01-05 18:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Pulpit [2013-01-05 18:29:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne [2013-01-05 18:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\Microsoft [2013-01-05 08:44:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013-01-04 15:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2013-01-04 15:31:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2013-01-02 15:33:53 | 000,000,000 | ---D | C] -- C:\_OTL [2013-01-01 17:56:25 | 000,672,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe [2012-12-31 20:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Total Video Player [2012-12-31 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Player [2012-12-31 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-12-31 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-12-31 11:03:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 3.3 [2012-12-31 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012-12-31 10:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-31 00:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2012-12-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2012-12-30 22:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2012-12-30 22:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate [2012-12-30 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2012-12-30 22:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2012-12-30 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-12-30 21:33:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-12-30 20:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2012-12-30 20:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2012-12-30 20:47:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2012-12-30 20:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2012-12-30 20:46:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2012-12-30 20:46:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2012-12-30 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads [2012-12-30 20:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google Chrome [2012-12-30 20:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piootrek\Moje dokumenty\Google [2012-12-30 20:28:11 | 000,032,768 | ---- | C] (France Télécom R&D) -- C:\WINDOWS\System32\WooDial2000.dll [2012-12-30 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\neostrada tp [2012-12-30 20:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles [2012-12-30 20:27:43 | 000,102,400 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\stmtrace.exe [2012-12-30 20:27:43 | 000,065,536 | R--- | C] (STMicroelectronics) -- C:\WINDOWS\DSLTest.exe [2012-12-30 20:27:42 | 000,446,464 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl [2012-12-30 20:27:42 | 000,060,255 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\drivers\stmatm.sys [2012-12-30 20:26:18 | 000,425,984 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll [2012-12-30 20:26:18 | 000,151,552 | R--- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll [2012-12-30 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZXDSL 852 [2012-12-30 20:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852 [2012-12-30 20:26:02 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll [2012-12-30 20:26:02 | 000,016,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS [2012-12-30 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java 2 Runtime Environment [2012-12-30 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-12-30 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\neostrada tp [2012-12-30 20:21:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2012-12-30 20:20:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2012-12-30 20:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2012-12-30 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2012-12-30 20:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2012-12-30 20:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2012-12-30 20:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2012-12-30 20:19:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-12-30 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2012-12-30 20:13:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2012-12-30 20:13:50 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2012-12-30 20:13:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2012-12-30 20:13:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2012-12-30 20:13:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2012-12-30 20:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager [2012-12-30 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack [2012-12-30 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2012-12-30 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-12-30 20:10:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-12-30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-12-30 20:09:10 | 000,000,000 | ---D | C] -- C:\Intel [2012-12-30 20:08:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2012-12-30 20:05:04 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2012-12-30 20:04:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-12-30 20:03:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2012-12-30 20:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-12-30 20:03:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2012-12-30 20:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2012-12-30 20:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2012-12-30 20:01:30 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2012-12-30 20:01:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2012-12-30 20:00:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2012-12-30 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2012-12-30 19:57:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2012-12-30 19:57:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2012-12-30 19:57:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2012-12-30 19:57:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2012-12-30 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2012-12-30 19:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2012-12-30 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2012-12-30 19:56:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2012-12-30 19:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2012-12-30 19:55:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2012-12-30 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2012-12-30 19:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2012-12-30 19:55:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2012-12-30 19:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2012-12-30 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2012-12-30 19:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2012-12-30 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2012-12-30 19:55:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2012-12-30 19:54:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2012-12-30 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2012-12-30 19:54:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2012-12-30 19:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2012-12-30 19:54:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2012-12-30 19:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2012-12-30 19:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2012-12-30 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2012-12-30 19:53:44 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2012-12-30 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2012-12-30 19:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2012-12-30 19:53:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2012-12-30 19:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2012-12-30 19:52:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2013-01-22 17:48:06 | 1792,917,834 | ---- | M] () -- C:\UsbFix_Upload_Me_PIOTREK.zip [2013-01-22 17:38:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-01-22 17:24:24 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-22 16:26:39 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-22 16:26:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-21 15:52:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-01-19 14:08:02 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job [2013-01-18 16:48:42 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-18 16:25:35 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk [2013-01-14 16:36:40 | 001,341,831 | ---- | M] (El Desaparecido) -- C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe [2013-01-14 15:32:59 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-01-13 13:34:12 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk [2013-01-13 13:33:40 | 002,184,565 | ---- | M] (NGSoft, LLC ) -- C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe [2013-01-13 13:33:23 | 001,932,288 | ---- | M] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe [2013-01-06 14:07:35 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job [2013-01-06 13:35:57 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk [2013-01-06 13:26:43 | 000,501,498 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-01-06 13:26:43 | 000,088,124 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-01-06 13:26:42 | 000,442,636 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-01-06 13:26:42 | 000,069,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-01-06 12:49:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-01-05 22:52:08 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk [2013-01-05 19:07:08 | 000,006,091 | ---- | M] () -- C:\WINDOWS\stsetup.htm [2013-01-05 19:07:05 | 000,001,414 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk [2013-01-05 18:47:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk [2013-01-05 18:31:52 | 000,000,348 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk [2013-01-05 18:31:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk [2013-01-01 17:56:30 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piootrek\Pulpit\OTL.exe [2012-12-31 20:54:28 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-30 22:27:59 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk [2012-12-30 22:20:09 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk [2012-12-30 20:13:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:03:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 19:58:55 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:58:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:32 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 19:54:47 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:52:14 | 000,000,211 | ---- | M] () -- C:\boot.ini [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-01-22 17:09:32 | 1792,917,834 | ---- | C] () -- C:\UsbFix_Upload_Me_PIOTREK.zip [2013-01-18 16:25:34 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk [2013-01-13 13:34:12 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\ElfBot NG.lnk [2013-01-13 13:33:13 | 001,932,288 | ---- | C] () -- C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe [2013-01-06 15:01:39 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Total Video Player.lnk [2013-01-06 13:36:44 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job [2013-01-06 13:36:43 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job [2013-01-06 13:35:57 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dll-Files Fixer.lnk [2013-01-06 12:40:50 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Piootrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-05 22:52:08 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\AQQ.lnk [2013-01-05 19:07:05 | 000,001,414 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk [2013-01-05 18:34:17 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Google Chrome.lnk [2013-01-05 18:34:05 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia MULTI-IP Changer.lnk [2013-01-05 18:31:52 | 000,000,348 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Moje dokumenty.lnk [2013-01-05 18:31:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Mój komputer.lnk [2013-01-05 18:30:19 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Internet Explorer.lnk [2013-01-05 18:30:08 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Outlook Express.lnk [2013-01-05 18:29:52 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Pomoc zdalna.lnk [2013-01-05 18:29:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piootrek\Menu Start\Programy\Windows Media Player.lnk [2012-12-31 11:03:05 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.3.lnk [2012-12-31 00:28:19 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-30 22:27:59 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Piootrek\Pulpit\Tibia.lnk [2012-12-30 20:51:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2012-12-30 20:33:50 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-30 20:33:49 | 000,001,046 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-30 20:31:54 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2012-12-30 20:27:43 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2012-12-30 20:27:43 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2012-12-30 20:27:42 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2012-12-30 20:27:42 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe [2012-12-30 20:27:42 | 000,018,498 | R--- | C] () -- C:\WINDOWS\System32\CSALogo.bmp [2012-12-30 20:26:11 | 000,006,091 | ---- | C] () -- C:\WINDOWS\stsetup.htm [2012-12-30 20:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012-12-30 20:20:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012-12-30 20:20:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-12-30 20:20:51 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2012-12-30 20:20:51 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2012-12-30 20:20:51 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2012-12-30 20:20:51 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2012-12-30 20:20:33 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2012-12-30 20:20:21 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2012-12-30 20:20:21 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2012-12-30 20:20:21 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2012-12-30 20:20:21 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2012-12-30 20:20:21 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2012-12-30 20:20:20 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2012-12-30 20:20:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2012-12-30 20:20:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2012-12-30 20:20:20 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2012-12-30 20:20:20 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2012-12-30 20:20:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2012-12-30 20:20:20 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2012-12-30 20:20:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2012-12-30 20:20:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2012-12-30 20:20:19 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2012-12-30 20:20:19 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2012-12-30 20:20:19 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2012-12-30 20:19:40 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-30 20:18:25 | 000,000,211 | ---- | C] () -- C:\boot.ini [2012-12-30 20:18:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2012-12-30 20:13:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-12-30 20:13:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2012-12-30 20:13:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2012-12-30 20:13:06 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2012-12-30 20:13:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012-12-30 20:07:02 | 000,067,380 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp [2012-12-30 20:07:02 | 000,065,087 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp [2012-12-30 20:07:02 | 000,063,938 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp [2012-12-30 20:07:02 | 000,062,815 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp [2012-12-30 20:07:02 | 000,062,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp [2012-12-30 20:07:02 | 000,061,984 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp [2012-12-30 20:07:02 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp [2012-12-30 20:07:02 | 000,061,869 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp [2012-12-30 20:07:02 | 000,061,799 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp [2012-12-30 20:07:02 | 000,061,511 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp [2012-12-30 20:07:02 | 000,061,388 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp [2012-12-30 20:07:02 | 000,060,848 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp [2012-12-30 20:07:02 | 000,060,758 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp [2012-12-30 20:07:02 | 000,060,547 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp [2012-12-30 20:07:02 | 000,060,476 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp [2012-12-30 20:07:02 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp [2012-12-30 20:07:02 | 000,060,216 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp [2012-12-30 20:07:02 | 000,059,861 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp [2012-12-30 20:07:02 | 000,059,760 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp [2012-12-30 20:07:02 | 000,059,753 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp [2012-12-30 20:07:02 | 000,059,448 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp [2012-12-30 20:07:02 | 000,059,350 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp [2012-12-30 20:07:02 | 000,059,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp [2012-12-30 20:07:02 | 000,059,064 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp [2012-12-30 20:07:02 | 000,058,394 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp [2012-12-30 20:07:02 | 000,057,559 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp [2012-12-30 20:07:02 | 000,057,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp [2012-12-30 20:07:02 | 000,056,937 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp [2012-12-30 20:03:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2012-12-30 20:02:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-12-30 20:01:21 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2012-12-30 20:00:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2012-12-30 20:00:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2012-12-30 20:00:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2012-12-30 20:00:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2012-12-30 20:00:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2012-12-30 20:00:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2012-12-30 20:00:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2012-12-30 20:00:03 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2012-12-30 19:58:55 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\MSDOS.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2012-12-30 19:58:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2012-12-30 19:58:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2012-12-30 19:58:42 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2012-12-30 19:57:00 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2012-12-30 19:56:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2012-12-30 19:56:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2012-12-30 19:56:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2012-12-30 19:55:56 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2012-12-30 19:55:45 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2012-12-30 19:54:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-12-30 19:53:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2012-12-30 19:53:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2012-12-30 19:53:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2012-12-30 19:53:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2012-12-30 19:53:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2012-12-30 19:53:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2012-12-30 19:53:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2012-12-30 19:53:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2012-12-30 19:53:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2012-12-30 19:53:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2012-12-30 19:53:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2012-12-30 19:53:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2012-12-30 19:53:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2012-12-30 19:53:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2012-12-30 19:53:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-12-31 11:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GG [2012-12-31 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2012-12-30 20:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-12-30 22:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2013-01-18 15:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit [2012-12-31 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2013-01-21 21:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-05 18:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera [2013-01-11 18:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Altaron [2013-01-06 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\dll-files.com [2013-01-05 18:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Opera [2013-01-06 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Remere's Map Editor [2013-01-05 19:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\Tibia [2013-01-14 18:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piootrek\Dane aplikacji\YDP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2012-12-30 19:52:14 | 000,000,211 | ---- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2012-12-30 19:58:55 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | ---- | M] () -- C:\ntldr [2013-01-22 16:26:06 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2013-01-02 16:07:15 | 000,173,141 | ---- | M] () -- C:\result.txt [2013-01-22 17:48:31 | 000,005,970 | ---- | M] () -- C:\UsbFix.txt [2013-01-22 17:48:06 | 1792,917,834 | ---- | M] () -- C:\UsbFix_Upload_Me_PIOTREK.zip [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B < End of report > [/log] Extras [log] OTL Extras logfile created on: 2013-01-22 17:57:02 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piootrek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,48 Mb Total Physical Memory | 691,58 Mb Available Physical Memory | 68,10% Memory free 2,39 Gb Paging File | 2,15 Gb Available in Paging File | 89,83% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 44,78 Gb Free Space | 76,42% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 46,39 Gb Free Space | 95,01% Space Free | Partition Type: NTFS Drive E: | 41,62 Gb Total Space | 37,85 Gb Free Space | 90,94% Space Free | Partition Type: NTFS Drive G: | 3,63 Gb Total Space | 3,63 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: PIOTREK | User Name: Piootrek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-436374069-2049760794-1417001333-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.G4EHL74QSLVOMH4CVX3CGXCZ5U] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 "UacDisableNotify" = 1 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2729:TCP" = 2729:TCP:*:Enabled:kffmn "50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A) "50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S) [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- (AQQ Sp. z o.o.) "C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\UsbFix.exe" = C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\UsbFix.exe:*:Enabled:ipsec "C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe" = C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe:*:Enabled:ipsec "C:\UsbFix\Go.exe" = C:\UsbFix\Go.exe:*:Enabled:ipsec -- () "C:\WINDOWS\system32\igfxtray.exe" = C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec -- (Intel Corporation) "C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe" = C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe:*:Enabled:ipsec "C:\Program Files\Tibia\Tibia.exe" = C:\Program Files\Tibia\Tibia.exe:*:Enabled:ipsec -- (CipSoft GmbH) "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:ipsec -- (Microsoft Corporation) "C:\Program Files\ArcaBit\ArcaUpdate\update.exe" = C:\Program Files\ArcaBit\ArcaUpdate\update.exe:*:Enabled:ipsec "C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe" = C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe:*:Enabled:ipsec -- (Asprate) "C:\WINDOWS\EXPLORER.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation) "C:\WINDOWS\SOUNDMAN.EXE" = C:\WINDOWS\SOUNDMAN.EXE:*:Enabled:ipsec -- (Realtek Semiconductor Corp.) "C:\Program Files\ArcaBit\Common\ArcaConfSV.exe" = C:\Program Files\ArcaBit\Common\ArcaConfSV.exe:*:Enabled:ipsec "C:\WINDOWS\system32\hkcmd.exe" = C:\WINDOWS\system32\hkcmd.exe:*:Enabled:ipsec -- (Intel Corporation) "C:\WINDOWS\system32\ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec -- (Microsoft Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4849E74C-3408-467A-AF8B-F3DEC3C07542}" = Niezbędnik rowerzysty "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{F41B3F68-C137-477A-9DD5-E231F512D84F}" = ArcaVir Prerequistes "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "Dll-Files Fixer_is1" = Dll-Files Fixer "E.M. Total Video Player 1.31_is1" = E.M. Total Video Player 1.31 "ElfBot NG_is1" = ElfBot NG 4.5.9 "Google Chrome" = Google Chrome "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Opera 12.12.1707" = Opera 12.12 "Piszę poprawnie 4" = Piszę poprawnie 4 "Recuva" = Recuva "StmAdsl" = ADSL Modem "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Szkoła podstawowa klasa 4 - Wczoraj i dziś" = Szkoła podstawowa klasa 4 - Wczoraj i dziś "Szkoła podstawowa klasy 4-6 - Muzyka na ekranie" = Szkoła podstawowa klasy 4-6 - Muzyka na ekranie "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "Usbfix" = UsbFix By El Desaparecido "WIC" = Windows Imaging Component "WinRAR archiver" = WinRAR 4.20 (32-bitowy) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-14 12:00:59 | Computer Name = PIOTREK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2013-01-18 06:27:43 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.2900.0.2180, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x71a5664d. Error - 2013-01-18 11:08:17 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-19 06:52:02 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd rundll32.exe, wersja 5.1.2600.2180, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2013-01-19 09:34:41 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-20 04:08:13 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-21 10:54:13 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-21 13:06:01 | Computer Name = PIOTREK | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2013-01-21 13:32:34 | Computer Name = PIOTREK | Source = EventSystem | ID = 4618 Description = System zdarzeń modelu COM+ spowodował nieoczekiwane naruszenie praw dostępu 0x774E2E03, próbując uzyskać dostęp do adresu 0x00000018. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd. ole32!StringFromGUID2+0x109 ole32!StringFromGUID2+0x98 ole32!CoMarshalInterface+0x658 ole32!CoMarshalInterface+0x7d2 RPCRT4!IUnknown_Release_Proxy+0x11 es!DllGetClassObject+0x33ca es!DllGetClassObject+0x3b06 msmsgs!+0x105991 msvcrt!_cexit+0xf ntdll!LdrInitializeThunk+0x29 ntdll!LdrShutdownProcess+0x142 kernel32!IsValidLocale+0x8eb kernel32!ExitProcess+0x14 kernel32!FindAtomW+0x112a Error - 2013-01-21 13:43:12 | Computer Name = PIOTREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd msiexec.exe, wersja 3.1.4000.1823, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. [ System Events ] Error - 2013-01-21 13:54:26 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1460 Error - 2013-01-21 17:10:11 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%3 Error - 2013-01-21 17:10:11 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-21 17:15:05 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1460 Error - 2013-01-22 11:28:02 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%3 Error - 2013-01-22 11:28:02 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa jnjajl zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2013-01-22 11:32:19 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-01-22 11:32:19 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034 Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-01-22 11:32:20 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-01-22 11:32:44 | Computer Name = PIOTREK | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1460 < End of report > [/log]
Natsuki Kuga komentarz 24 stycznia 2013 komentarz 24 stycznia 2013 W systemie ujawniła się o wiele groźniejsza infekcja niż te, które były widoczne wcześniej - mianowicie Sality, czyli infekcja plików wykonywalnych.1. Do OTL wklej: [spoiler] :Files C:\WINDOWS\system32\omepcb.dll C:\WINDOWS\system32\drivers\khlnlg.sys :Services nfipqs amsint32 [/spoiler]Wykonaj skrypt.2. Wykonaj pełne skanowanie wszystkich partycji następującymi skanerami: Rmslt: http://download.avgfree.com/filedir/util/avg_rem_sup.dir/rmsality/rmslt.exe SalityKiller: http://support.kaspersky.com/pl/faq/?qid=208279886 DrWeb CureIT!: http://www.freedrweb.com/download+cureit/ Uwaga: Pliki mają być leczone, nie usuwane! Usuwać masz tylko wtedy, kiedy leczenie będzie niemożliwe. Należy skanować dotąd, aż narzędzia nie znajdą zagrożeń. Pokaż potem rapoty ze skanowań.3. Uruchom ComboFix, przed właściwym skanowaniem zainstaluj konsolę odzyskiwania: http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/ Pokaż raport.Ważne: Jeśli napotkasz trudności z wykonaniem któregoś kroku, koniecznie o tym napisz.
Soul_bullock komentarz 24 stycznia 2013 Autor komentarz 24 stycznia 2013 (edytowane) /Edit: Póki co To po wykonaniu 1 kroku [log]========== FILES ========== File move failed. C:\WINDOWS\system32\omepcb.dll scheduled to be moved on reboot. File\Folder C:\WINDOWS\system32\drivers\khlnlg.sys not found. File\Folder :Services not found. File\Folder nfipqs not found. File\Folder amsint32 not found. OTL by OldTimer - Version 3.2.69.0 log created on 01242013_203807 Files\Folders moved on Reboot... C:\WINDOWS\system32\omepcb.dll moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... [/log] Raporty z każdego pojedyńczego skanowania ?
Soul_bullock komentarz 24 stycznia 2013 Autor komentarz 24 stycznia 2013 [quote name='Natsuki Kuga' timestamp='1359050012' post='1683742'] SalityKiller: http://support.kaspe.../?qid=208279886 DrWeb CureIT!: http://www.freedrweb...ownload cureit/ [/quote] Niestety nie mogę tego pobrać. Jeden sie nie otwiera a stronka sie nie ładuje. Jedyne co pobrałem to Rmslt
Natsuki Kuga komentarz 24 stycznia 2013 komentarz 24 stycznia 2013 W takim razie skanuj nim (chyba że się nie uruchamia?).
Soul_bullock komentarz 25 stycznia 2013 Autor komentarz 25 stycznia 2013 Skanowanie trwa od wczoraj do tej pory i trwa nadal. Wgl zeby zaczęło działać trzeba bylo ponownie uruchomić komputer. Czy to dobrze czy zle ze tak dlugo to trwa?Pisze z telefonu bo przez ten skan nie mam dostępu do komputera
Natsuki Kuga komentarz 25 stycznia 2013 komentarz 25 stycznia 2013 To może potrwać dość długo. Ile plików jest już zainfekowanych?
Soul_bullock komentarz 28 stycznia 2013 Autor komentarz 28 stycznia 2013 (edytowane) Póki co jest tylko 1. Pisze ze 2 sie otwierają. Teraz znowu zaczyna sie skan. Jest podana ścieżka potem "scanning" i cleaned po zakończeniu ścieżki. Trwa to bardzo dlugo i zastanawiam sie czy to normalne. Bo komputer nie włączył sie normalnie tylko skan odbywa sie na niebieskim ekranie i to tez nie wiem czy jest normalne. tak to wygląda i troche mnie niepokoi bo każda linijka wygląda tak samo i nie wiem czy sie zawiesiło czy co. A skan tak jak sie zaczął tak i trwa. Mam nadzieje ze zdjęcie jest chociaz troche czytelne.//Edit Raport z Rmslt [log]Log from virus remover (Win32/Sality) C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\unggdrive-menu.exe Cleaned C:\Documents and Settings\Administrator\Dane aplikacji\GG\ggdrive\unggdrive-overlay-admin.exe Cleaned C:\Documents and Settings\Administrator\Pulpit\k35ficdl.exe Cleaned C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files\redist\vcredist_x64.exe Cleaned C:\Documents and Settings\Administrator\Pulpit\OpenOffice.org 3.3 (pl) Installation Files\redist\vcredist_x86.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-menu.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-overlay.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive-update.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe Cleaned C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GG\Application\uninstall.exe Cleaned C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-autoplay.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP1.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP2.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP2.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP3.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP3.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP4.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP4.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP5.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP5.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP6.DIR\_ISTMP0.DIR\IsUninst.Exe Cleaned C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\_ISTMP6.DIR\_ISTMP0.DIR\regsvr32.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\AQQ_PX_24370-x86.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\chromeinstall-7u10.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\dffsetup-msvcp100.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\dxwebsetup.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\Flash_Disinfector.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\KillBox_[www.programosy.pl].exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\newestAltaron\Altaron.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\otloader\Installer.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\reglooks.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\vcredist_x86.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\wic_x86_enu.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Downloads\WindowsInstaller-KB893803-v2-x86.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\ElfCrack.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\23.0.1271.97\23.0.1271.97_chrome_installer.exe Cleaned C:\Documents and Settings\Piootrek\Moje dokumenty\setup-4.5.9.exe Cleaned C:\Documents and Settings\Piootrek\Pulpit\OTL.exe Cleaned C:\Documents and Settings\Piootrek\Pulpit\UsbFix.exe Cleaned C:\Documents and Settings\Piootrek\Ustawienia lokalne\Temp\is1095167443\bundlesweetimsetup.exe Cleaned C:\Documents and Settings\Piootrek\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CSY4A8GM\AQQ_PX_24410-x86[1].exe Cleaned C:\Documents and Settings\Piootrek\WapSter\AQQ Folder\Profiles\Piotrek\Data\Temp\UpdateAQQ.exe Cleaned C:\NVIDIA\DisplayDriver\197.44\WinXP\International\hdaudio_1.0.9.1_xp_vista_win7.exe Cleaned C:\NVIDIA\DisplayDriver\197.44\WinXP\International\nviewsetup.exe Cleaned C:\NVIDIA\DisplayDriver\197.44\WinXP\International\nvudisp.exe Cleaned C:\NVIDIA\DisplayDriver\197.44\WinXP\International\setup.exe Cleaned C:\Program Files\Asprate\Tibia Multi IP Changer\Ip Changer Updater.exe Cleaned C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe Cleaned C:\Program Files\Asprate\Tibia Multi IP Changer\UNinstaller.exe Cleaned C:\Program Files\AvRack\rtlrack.exe Cleaned C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe Cleaned C:\Program Files\Common Files\Java\Java Update\jucheck.exe Cleaned C:\Program Files\Common Files\Java\Java Update\jusched.exe Cleaned C:\Program Files\Dll-Files.com Fixer\CleanSchedule.exe Cleaned C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe Cleaned C:\Program Files\Dll-Files.com Fixer\unins000.exe Cleaned C:\Program Files\ElfBot NG\navserv.exe Cleaned C:\Program Files\ElfBot NG\unins000.exe Cleaned C:\Program Files\InstallShield Installation Information\{4849E74C-3408-467A-AF8B-F3DEC3C07542}\setup.exe Cleaned C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0}\Setup.exe Cleaned C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe Cleaned C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe Cleaned C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\java.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\javaw.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\jinstall.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\keytool.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\orbd.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\policytool.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\rmid.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\rmiregistry.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\servertool.exe Cleaned C:\Program Files\Java\j2re1.4.0_03\bin\tnameserv.exe Cleaned C:\Program Files\Messenger\msmsgs.exe Cleaned C:\Program Files\neostrada tp\SafeInstall\neostrada.exe Cleaned C:\Program Files\Niezbednik rowerzysty\data\content\course\unit_vc\media\vc.exe Cleaned C:\Program Files\Niezbednik rowerzysty\data\fscommand\flashex.exe Cleaned C:\Program Files\Niezbednik rowerzysty\data\fscommand\flashrec.exe Cleaned C:\Program Files\Niezbednik rowerzysty\data\fscommand\flsearch.exe Cleaned C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\bin\python.exe Cleaned C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-6.0.exe Cleaned C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-7.1.exe Cleaned C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-8.0.exe Cleaned C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0.exe Cleaned C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe Cleaned C:\Program Files\Real Alternative\settings.exe Cleaned C:\Program Files\Realtek AC97\alcrmv.exe Cleaned C:\Program Files\Realtek AC97\ChCfg.exe Cleaned C:\Program Files\Realtek AC97\SoundMan.exe Cleaned C:\Program Files\Recuva\recuva.exe Cleaned C:\Program Files\SweetIM\Messenger\SweetIM.exe Cleaned C:\Program Files\Tibia\Patch.exe Cleaned C:\Program Files\Tibia\Tibia.exe Cleaned C:\Program Files\Tibia\unins000.exe Cleaned C:\Program Files\Total Video Player\tvp.exe Cleaned C:\Program Files\Total Video Player\unins000.exe Cleaned C:\Program Files\WapSter\WapSter AQQ\AQQ.exe Cleaned C:\Program Files\WapSter\WapSter AQQ\uninstall.exe Cleaned C:\Program Files\Windows NT\hypertrm.exe Cleaned C:\Program Files\ZTE ZXDSL 852\Disk1\DSLTest.exe Cleaned C:\Program Files\ZTE ZXDSL 852\Disk1\setup.exe Cleaned C:\Program Files\ZTE ZXDSL 852\Disk1\StmClean.exe Cleaned C:\Program Files\ZTE ZXDSL 852\Disk1\stmtrace.exe Cleaned C:\Program Files\ZTE ZXDSL 852\Disk1\usbenum.exe Cleaned C:\rmslt.log Can't open C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001076.exe Cleaned Log from virus remover (Win32/Sality) Log from virus remover (Win32/Sality) C:\Program Files\ElfBot NG\playerinfo\M\MocnY SqurwysyN Can't open C:\rmslt.log Can't open C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001077.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001079.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001081.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001082.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001086.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001088.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001109.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001111.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001114.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001119.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001155.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001357.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001358.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001359.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001360.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001364.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001366.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001367.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001368.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001369.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002356.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002359.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002360.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002361.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002364.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002366.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002393.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002395.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002397.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002400.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002402.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002403.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002404.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002405.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002407.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002409.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002411.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002424.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002425.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002426.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002431.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002432.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002433.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002434.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002435.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002436.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002440.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002447.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002449.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002450.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002451.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002452.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002453.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002454.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002455.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002456.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002457.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002458.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002459.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002460.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002461.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002462.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002463.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002464.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002465.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002466.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002467.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002468.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002469.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002470.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002471.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002472.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002473.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002474.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002475.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002476.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002477.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002479.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002480.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002481.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002482.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002483.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002484.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002488.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002489.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002490.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002491.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002492.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002493.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002494.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002495.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002496.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002497.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002498.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002500.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002501.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002502.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002503.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002504.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002505.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002506.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002508.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002509.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002530.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002532.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002533.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002534.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002535.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002541.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002542.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002543.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002544.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002546.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002566.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002568.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002571.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002578.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002579.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002580.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002583.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002586.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002588.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002620.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002622.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002623.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002624.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002625.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002626.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002627.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002628.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002630.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002631.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002632.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002646.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002647.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002648.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002653.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002654.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002655.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002656.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002657.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002658.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002662.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002669.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002670.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002671.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002672.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002673.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002674.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002675.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002676.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002677.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002678.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002679.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002680.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002681.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002682.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002683.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002684.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002685.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002686.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002687.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002688.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002689.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002690.exe Cleaned Log from virus remover (Win32/Sality) C:\Program Files\ElfBot NG\playerinfo\M\MocnY SqurwysyN Can't open C:\rmslt.log Can't open C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002691.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002692.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002693.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002694.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002695.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002696.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002697.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002699.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002700.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002701.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002702.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002703.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002704.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002708.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002709.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002710.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002711.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002712.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002713.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002714.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002715.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002716.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002717.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002718.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002720.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002721.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002722.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002723.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002724.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002725.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002726.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002727.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002728.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002729.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002749.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002750.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002751.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002752.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002753.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002758.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002759.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002760.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002761.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002763.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002783.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002785.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002788.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002790.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002791.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002792.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002793.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002794.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002798.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002799.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002800.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002801.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002802.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002803.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002804.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002805.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002806.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002807.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002808.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002809.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002810.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002815.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002816.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002817.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002818.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002819.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002823.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002824.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002826.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002827.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002829.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002830.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002842.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002843.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002854.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002873.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002874.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002875.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002876.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002877.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002879.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002880.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002881.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002892.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002893.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002894.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002899.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002900.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002901.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002902.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002903.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002904.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002908.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002915.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002916.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002917.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002918.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002919.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002920.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002921.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002922.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002923.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002924.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002925.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002926.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002927.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002928.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002929.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002930.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002931.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002932.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002933.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002934.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002935.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002936.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002937.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002938.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002939.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002940.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002941.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002942.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002943.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002944.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002945.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002946.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002947.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002948.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002949.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002950.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002954.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002955.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002956.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002957.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002958.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002959.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002960.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002961.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002962.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002963.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002964.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002966.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002967.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002968.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002969.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002970.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002971.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002972.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002973.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002974.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002975.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002998.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002999.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003000.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003001.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003003.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003023.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003025.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003028.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003030.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003031.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003032.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003033.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003034.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003038.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003039.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003040.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003041.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003042.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003043.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003044.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003045.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003046.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003047.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003048.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003058.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003059.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003060.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003061.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003062.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003065.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003066.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003067.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003068.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003069.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003070.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003071.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003112.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003114.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003115.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003120.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003121.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003122.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003123.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003124.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003125.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003129.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003134.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003135.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003136.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003137.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003138.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003139.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003141.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003143.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003145.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004134.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004135.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004136.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004137.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004139.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004140.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004141.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004143.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004145.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004188.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004189.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004190.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004195.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004196.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004197.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004198.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004199.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004200.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005134.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005136.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005137.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005138.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005139.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005140.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005143.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005145.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005146.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005196.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005197.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005199.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005200.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005202.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005203.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005204.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005205.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005206.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005207.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005208.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005210.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005211.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005212.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005213.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005214.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005217.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005219.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005221.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005222.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005227.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005229.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005233.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005236.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005250.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005255.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005272.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005297.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005301.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005302.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005306.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005308.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005309.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005310.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0005311.rbf Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006136.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006137.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006138.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006142.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006145.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006147.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006174.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006180.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006182.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006183.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006185.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006187.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006202.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006203.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006204.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006209.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006210.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006211.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006212.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006213.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006214.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006218.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006225.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006226.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006227.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006228.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006229.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006230.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006231.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006235.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006236.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006237.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006238.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006239.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006240.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006241.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006242.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006243.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006244.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006245.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006247.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006248.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006249.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006250.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006251.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006252.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006253.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006254.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006255.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006256.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006276.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006277.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006278.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006279.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006280.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006284.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006285.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006286.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006287.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006289.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006309.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006311.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006314.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006316.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006317.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006318.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006319.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006328.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006329.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006330.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006333.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006336.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006338.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006370.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006371.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006374.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006375.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006376.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006378.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006389.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006390.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006391.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006396.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006397.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006398.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006399.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006400.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006401.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006410.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006411.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006412.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006415.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006418.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006420.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006451.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006453.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006455.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006456.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006458.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006464.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006466.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006473.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006474.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006475.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006476.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006477.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006478.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006490.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006503.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006504.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006505.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006510.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006511.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006512.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006513.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006514.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006515.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006519.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006526.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006527.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006528.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006529.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006530.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006531.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006532.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006536.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006537.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006538.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006539.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006540.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006541.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006542.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006543.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006544.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006545.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006546.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006548.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006549.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006550.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006551.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006552.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006553.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006554.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006555.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006556.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006557.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006578.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006579.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006580.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006581.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006582.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006586.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006587.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006588.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006589.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006591.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006611.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006613.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006616.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006618.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006619.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006620.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006621.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006622.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006626.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006627.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006628.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006629.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006630.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006631.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006632.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006638.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006639.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006640.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006643.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006646.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006648.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006680.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006682.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006684.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006685.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006686.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006688.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006689.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006700.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006701.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006702.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006707.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006708.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006709.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006710.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006711.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006712.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006717.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006718.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006720.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006721.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006722.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006724.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006725.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006726.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006727.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006728.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006729.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006730.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006740.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006751.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006752.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006753.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006754.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006755.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006756.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006757.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006761.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006762.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006763.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006764.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006765.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006766.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006767.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006768.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006769.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006770.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006772.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006773.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006774.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006775.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006776.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006777.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006778.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006779.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006780.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006781.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006801.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006802.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006803.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006804.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006805.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006809.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006810.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006811.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006812.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006814.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006834.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006836.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006839.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006841.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006842.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006843.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006844.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006845.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006849.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006850.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006851.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006852.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006853.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006854.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006855.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006856.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006857.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006865.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006866.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006906.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006907.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006908.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006913.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006914.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006915.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006916.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006917.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006918.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006925.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006926.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006927.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006930.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006933.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006935.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006966.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006968.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006971.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006973.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006974.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006976.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006977.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006978.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006993.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006994.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006995.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007000.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007001.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007002.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007003.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007004.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007005.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007011.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007018.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007019.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007020.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007021.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007022.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007023.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007024.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007028.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007029.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007030.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007031.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007032.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007033.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007034.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007035.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007036.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007037.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007039.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007040.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007041.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007042.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007043.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007044.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007045.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007046.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007047.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007048.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007068.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007069.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007070.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007071.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007072.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007076.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007077.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007078.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007079.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007081.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007107.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007109.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007112.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007115.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007116.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007117.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007118.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007119.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007123.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007124.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007125.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007126.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007127.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007128.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007129.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007130.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007131.EXE Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007140.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007141.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007142.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007143.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0007144.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008139.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008140.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008141.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008142.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008143.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008152.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008153.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008155.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008157.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008161.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008163.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008193.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008195.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008197.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008198.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008200.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008201.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008202.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008203.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008204.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008218.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008219.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008220.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008223.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008226.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008228.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008260.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008261.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008264.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008265.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008266.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008268.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008269.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008270.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008271.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008272.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008285.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008286.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008287.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008292.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008293.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008294.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008295.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008296.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008297.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008301.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008303.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008304.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008305.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008306.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008307.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008308.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008309.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008310.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008311.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008312.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008313.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008314.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008315.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008316.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008317.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008318.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008319.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008320.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008321.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008322.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008323.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008324.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008325.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008326.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008327.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008328.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008329.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008330.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008331.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008332.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008333.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008334.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008335.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008336.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008337.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008338.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008339.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008340.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008341.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008342.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008343.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008344.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008345.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008346.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008347.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008348.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008349.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008350.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008351.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008352.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008353.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008354.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008355.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008356.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008357.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008358.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008359.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008360.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008361.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008362.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008363.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008364.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008365.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008366.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008367.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008368.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008369.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008370.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008371.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008372.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008373.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008374.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008375.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008376.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008377.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008378.exe Cleaned C:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008379.exe Cleaned C:\UsbFix\Backup\Registry-2013-01-18\ERDNT.EXE Cleaned C:\UsbFix\Backup\Registry-2013-01-22\ERDNT.EXE Cleaned C:\UsbFix\Go.exe Cleaned C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe.vir Cleaned C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc1\ElfCrack.exe.vir Cleaned C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc1\setup-4.5.9.exe.vir Cleaned C:\UsbFix\Quarantine\C\Recycler\S-1-5-21-436374069-2049760794-1417001333-1004\Dc3\[000010]\Mega Evo by Help3R NEW UPDATE 2012\Silnik\TheForgottenServer.exe.vir Cleaned C:\UsbFix\Quarantine\G\EXPLORER.EXE.vir Cleaned C:\UsbFix\Quarantine\G\Recycler\e621ca05.exe.vir Cleaned C:\UsbFix\Un-UsbFix.exe Cleaned C:\WINDOWS\soundman.exe Cleaned C:\WINDOWS\system32\hkcmd.exe Cleaned C:\WINDOWS\system32\igfxtray.exe Cleaned C:\WINDOWS\system32\rundll32.exe.tmp Cleaned C:\_OTL\MovedFiles\01022013_153353\C_WINDOWS\system32\EXPLORER.EXE Cleaned D:\lineage2eu-4game.exe Cleaned D:\OTs\TFS 8.6\TheForgottenServer8.60V3.exe Cleaned D:\Runes_of_Magic_4_0_8_2506_slim_eu.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000115.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001094.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001133.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001134.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001135.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002372.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002421.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002422.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002423.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002596.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002643.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002644.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002645.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002841.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002889.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002890.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002891.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003084.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003110.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003111.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003113.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003154.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004154.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004185.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004186.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004187.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005158.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006157.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006198.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006199.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006200.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006354.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006386.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006387.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006388.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006434.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006498.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006499.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006500.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006664.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006697.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006698.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006699.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006880.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006903.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006904.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006905.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006940.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006989.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006990.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006991.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008174.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008244.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008281.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008282.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008283.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009311.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009312.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009313.exe Cleaned D:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\change.log Can't open D:\tvpsetup.exe Cleaned E:\sterowniki\Drivers\Setup.exe Cleaned E:\sterowniki\Drivers\SetupRtl8139.exe Cleaned E:\sterowniki\INFUpdate\infinst_autol.exe Cleaned E:\sterowniki\motherboard_driver_audio_realtek_whql.exe Cleaned E:\sterowniki\motherboard_driver_chipset_intel_inf.exe Cleaned E:\sterowniki\motherboard_driver_lan_realtek_81xx.exe Cleaned E:\sterowniki\motherboard_driver_vga_intel_2kxp.exe Cleaned E:\sterowniki\Realtek\Ap\MPIE4STD.EXE Cleaned E:\sterowniki\Realtek\Ap\Mpstd.exe Cleaned E:\sterowniki\Realtek\setup.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000103.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000104.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000106.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000107.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000109.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000111.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000114.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000116.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000117.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000119.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000120.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000124.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000127.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000129.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000131.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000132.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000133.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000134.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000135.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000136.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0000138.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001078.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001080.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001083.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001084.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001087.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001089.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001091.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001106.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001107.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001115.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001362.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001363.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001371.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0001372.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002357.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002358.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002362.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002363.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002365.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002367.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002369.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002380.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002382.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002391.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002581.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002582.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002584.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002585.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002587.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002589.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002591.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002602.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002603.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002611.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002825.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002828.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002832.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002834.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002835.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002837.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002838.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002851.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002852.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0002860.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003072.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003073.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003074.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003075.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003077.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003078.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003079.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003089.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003090.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003095.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003142.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003144.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003147.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003148.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003151.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003152.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003153.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003163.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003164.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0003169.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004142.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004144.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004147.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004148.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004151.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004152.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004153.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004163.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004164.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0004169.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005142.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005144.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005150.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005151.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005153.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005154.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005155.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005165.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005166.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP7\A0005171.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006139.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006140.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006143.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006144.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006146.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006148.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006150.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006163.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006165.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006172.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006331.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006332.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006334.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006335.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006337.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006339.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006341.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006351.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006352.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006359.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006413.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006414.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006416.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006417.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006419.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006421.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006423.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006433.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006435.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006444.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006641.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006642.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006644.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006645.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006647.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006649.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006651.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006661.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006662.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP8\A0006669.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006867.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006868.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006869.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006870.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006871.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006872.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006873.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006883.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006884.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006889.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006928.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006929.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006931.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006932.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006934.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006937.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006939.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006950.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006951.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0006960.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008154.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008156.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008159.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008160.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008162.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008164.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008166.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008177.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008179.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008187.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008221.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008222.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008224.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008225.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008227.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008229.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008231.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008241.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008242.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0008249.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009315.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009316.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009317.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009318.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009319.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009320.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009321.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009322.EXE Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009323.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\A0009324.exe Cleaned E:\System Volume Information\_restore{347BA2C3-B6C3-4022-91B1-B2B029411508}\RP9\change.log Can't open [/log] Jednak on nie usunął wiekszości. Zrobił to Sality Killer (ten od kasperskiego, jednak tu nie pokazał sie żaden raport) a po skanie Dr. Web ujawniły się już tylko trojany w sumie coś ok 36. //Edit2: Log z Combofixa [log] ComboFix 13-01-28.02 - Piootrek 2013-01-28 20:48:07.1.1 - x86 Uruchomiony z: c:\documents and settings\Piootrek\Pulpit\ComboFix.exe . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Dane aplikacji\TEMP c:\windows\EventSystem.log c:\windows\IsUn0415.exe c:\windows\msmqinst.log c:\windows\regopt.log c:\windows\system32\rundll32.exe.tmp c:\windows\system32\setup.ini . . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_AMSINT32 -------\Service_amsint32 . . ((((((((((((((((((((((((( Pliki utworzone od 2012-12-28 do 2013-01-28 ))))))))))))))))))))))))))))))) . . 2013-01-28 19:00 . 2013-01-28 19:18 -------- d-----w- C:\xampp 2013-01-18 14:55 . 2013-01-22 16:51 -------- d-----w- C:\UsbFix 2013-01-06 13:29 . 2013-01-06 13:29 -------- d-----w- C:\NVIDIA 2013-01-02 14:33 . 2013-01-02 14:33 -------- d-----w- C:\_OTL . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-22 16:48 . 2013-01-22 16:09 1792917834 ----a-w- C:\UsbFix_Upload_Me_PIOTREK.zip . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1] @="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}] 2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2] @="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}] 2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3] @="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}] 2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4] @="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}] 2012-06-05 09:41 1232896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-01 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-01 118784] "SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536] "AdslTaskBar"="stmctrl.dll" [2006-06-02 151552] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 247296] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-10-04 106496] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\WapSter\\WapSter AQQ\\AQQ.exe"= "c:\\UsbFix\\Go.exe"= "c:\\WINDOWS\\system32\\igfxtray.exe"= "c:\\Program Files\\Tibia\\Tibia.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Asprate\\Tibia Multi IP Changer\\Tibia MULTI-ip changer.exe"= "c:\\WINDOWS\\SOUNDMAN.EXE"= "c:\\WINDOWS\\system32\\hkcmd.exe"= "c:\\Documents and Settings\\Piootrek\\Pulpit\\OTL.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "2729:TCP"= 2729:TCP:kffmn "50000:TCP"= 50000:TCP:ArcaVir CommunicationPort (A) "50001:TCP"= 50001:TCP:ArcaVir CommunicationPort (S) . R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2012-12-30 60255] R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [2012-12-30 684265] S2 nfipqs;jnjajl;c:\windows\system32\svchost.exe -k netsvcs [2004-08-03 14336] . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ojumdcjt nfipqs . Zawartość folderu 'Zaplanowane zadania' . 2013-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-30 16:28] . 2013-01-23 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job - c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-01-06 09:56] . 2013-01-19 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job - c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-01-06 09:56] . . ------- Skan uzupełniający ------- . TCP: Interfaces\{C623AF4C-8D95-491C-9A29-24DCEC5B7DCF}: NameServer = 194.204.159.1 194.204.152.34 . - - - - USUNIĘTO PUSTE WPISY - - - - . HKLM-Run-ABREGMON - c:\program files\ArcaBit\ArcaVir\ABregmon.exe AddRemove-Google Chrome - c:\program files\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe AddRemove-Piszę poprawnie 4 - c:\windows\IsUn0415.exe AddRemove-Szkoła podstawowa klasa 4 - Tajemnice przyrody - c:\windows\IsUn0415.exe AddRemove-Szkoła podstawowa klasa 4 - Wczoraj i dziś - c:\windows\IsUn0415.exe AddRemove-Szkoła podstawowa klasy 4-6 - Muzyka na ekranie - c:\windows\IsUn0415.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-01-28 21:04 Windows 5.1.2600 Dodatek Service Pack 2 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'explorer.exe'(2700) c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\SOUNDMAN.EXE c:\windows\system32\rundll32.exe c:\program files\Java\jre7\bin\jqs.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Czas ukończenia: 2013-01-28 21:11:22 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2013-01-28 20:11 . Przed: 47 323 697 152 bajtów wolnych Po: 47 432 364 032 bajtów wolnych . WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - BA60231F4F1FFF657EFC5C2D47AF60D2 [/log]
Zayfi komentarz 28 stycznia 2013 komentarz 28 stycznia 2013 Postaw system od nowa usuwając wszystkie partycje. infekcja sality jest trudna do wyleczenia i nigdy nie kończy sie na samym leczeniu. trzeba przeinstalować wszystkie aplikacje od nowa ponieważ pliki wykonywalne są uszkodzone.
Soul_bullock komentarz 28 stycznia 2013 Autor komentarz 28 stycznia 2013 Postaw system od nowa usuwając wszystkie partycje. infekcja sality jest trudna do wyleczenia i nigdy nie kończy sie na samym leczeniu. trzeba przeinstalować wszystkie aplikacje od nowa ponieważ pliki wykonywalne są uszkodzone. Myślę, że odpuszczę sobie Twoją "złotą" radę i poczekam na odpowiedź osoby prowadzącej mnie od początku.
Zayfi komentarz 28 stycznia 2013 komentarz 28 stycznia 2013 Myślę, że odpuszczę sobie Twoją "złotą" radę i poczekam na odpowiedź osoby prowadzącej mnie od początku. Poczekaj. Masz prawo. Tym bardziej że Twoja wiedza o infekcji Sality jest żadna.
Soul_bullock komentarz 31 stycznia 2013 Autor komentarz 31 stycznia 2013 Odświeżam. Log po ComboFixie jest do sprawdzenia.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.