OTL log (1)
OTL logfile created on: 2011-11-06 17:27:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Marcin S\Pulpit
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1022,80 Mb Total Physical Memory | 680,63 Mb Available Physical Memory | 66,55% Memory free
2,40 Gb Paging File | 2,16 Gb Available in Paging File | 89,80% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,47 Gb Total Space | 32,43 Gb Free Space | 91,44% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 28,99 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
Computer Name: MARCIN | User Name: Marcin S | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-11-06 17:27:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin S\Pulpit\OTL.exe
PRC - [2011-11-06 16:09:24 | 000,061,440 | RHS- | M] () -- C:\WINDOWS\system32\csrsc.exe
PRC - [2011-11-05 08:31:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2002-09-20 17:05:24 | 001,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011-11-06 16:59:08 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011-11-06 16:09:24 | 000,061,440 | RHS- | M] () -- C:\WINDOWS\system32\csrsc.exe
MOD - [2011-11-05 08:31:56 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-11-06 16:09:24 | 000,061,440 | RHS- | M] () [Auto | Running] -- C:\WINDOWS\System32\csrsc.exe -- (WinSpoolSvc)
SRV - [2001-10-26 18:29:36 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mspmspsv.dll -- (WmdmPmSp)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2001-08-17 20:12:42 | 000,023,070 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.wp.pl"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-06 16:39:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011-11-06 16:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marcin S\Dane aplikacji\Mozilla\Extensions
[2011-11-06 16:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-11-05 08:31:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-11-05 04:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-11-05 04:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-11-05 04:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-11-05 04:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-11-05 04:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-11-05 04:41:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKCU..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.251.160.14 94.251.182.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2FC0727-D166-43C3-ACCF-FD23FB57730F}: DhcpNameServer = 94.251.160.14 94.251.182.11
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-06 15:36:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-11-06 17:27:13 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcin S\Pulpit\OTL.exe
[2011-11-06 17:07:44 | 000,000,000 | ---D | C] -- C:\Przyspiesz
[2011-11-06 16:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Macromedia
[2011-11-06 16:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Adobe
[2011-11-06 16:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2011-11-06 16:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia Microsoft Office
[2011-11-06 16:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2011-11-06 16:55:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2011-11-06 16:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Microsoft Web Folders
[2011-11-06 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-11-06 16:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Moje dokumenty\Pobieranie
[2011-11-06 16:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Ustawienia lokalne\Dane aplikacji\Mozilla
[2011-11-06 16:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Mozilla
[2011-11-06 16:39:52 | 002,596,864 | R--- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl
[2011-11-06 16:39:52 | 001,458,176 | R--- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe
[2011-11-06 16:39:52 | 000,917,504 | R--- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll
[2011-11-06 16:39:52 | 000,167,936 | R--- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll
[2011-11-06 16:39:52 | 000,032,768 | R--- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll
[2011-11-06 16:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media 3D Audio
[2011-11-06 16:39:35 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011-11-06 16:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011-11-06 16:33:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Marcin S\UserData
[2011-11-06 16:26:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011-11-06 16:18:28 | 000,098,304 | ---- | C] (NVIDIA) -- C:\WINDOWS\System32\nvudisp.exe
[2011-11-06 16:18:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011-11-06 16:18:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-11-06 16:18:00 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-11-06 16:15:36 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011-11-06 16:06:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-11-06 16:06:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011-11-06 16:06:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Identities
[2011-11-06 16:06:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Moje dokumenty\Moja muzyka
[2011-11-06 16:06:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011-11-06 16:06:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Moje dokumenty\Moje obrazy
[2011-11-06 16:06:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Marcin S\Cookies
[2011-11-06 16:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-11-06 16:06:08 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji\Microsoft
[2011-11-06 16:06:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marcin S\SendTo
[2011-11-06 16:06:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marcin S\Recent
[2011-11-06 16:06:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marcin S\Dane aplikacji
[2011-11-06 16:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Ulubione
[2011-11-06 16:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Moje dokumenty
[2011-11-06 16:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Menu Start
[2011-11-06 16:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Autostart
[2011-11-06 16:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Akcesoria
[2011-11-06 16:06:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Marcin S\Ustawienia lokalne
[2011-11-06 16:06:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Marcin S\Szablony
[2011-11-06 16:06:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Marcin S\PrintHood
[2011-11-06 16:06:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Marcin S\NetHood
[2011-11-06 16:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marcin S\Pulpit
[2011-11-06 16:04:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-11-06 16:04:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-11-06 16:04:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2011-11-06 16:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-11-06 16:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-11-06 16:04:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2011-11-06 15:38:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011-11-06 15:38:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011-11-06 15:38:01 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011-11-06 15:37:02 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011-11-06 15:36:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011-11-06 15:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011-11-06 15:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011-11-06 15:35:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011-11-06 15:35:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011-11-06 15:35:22 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011-11-06 15:34:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011-11-06 15:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011-11-06 15:34:23 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011-11-06 15:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011-11-06 15:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011-11-06 15:34:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011-11-06 15:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011-11-06 15:34:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2011-11-06 15:34:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011-11-06 15:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011-11-06 15:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011-11-06 15:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011-11-06 15:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011-11-06 15:34:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2011-11-06 15:34:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2011-11-06 15:33:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2011-11-06 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011-11-06 15:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011-11-06 15:33:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2011-11-06 15:33:17 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011-11-06 15:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-11-06 15:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2011-11-06 15:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011-11-06 15:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011-11-06 15:33:05 | 000,274,944 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011-11-06 15:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011-11-06 15:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011-11-06 15:32:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011-11-06 15:32:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011-11-06 15:31:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2011-11-06 15:16:57 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011-11-06 15:16:57 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011-11-06 15:16:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011-11-06 15:16:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011-11-06 15:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011-11-06 14:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011-11-06 14:23:22 | 000,000,000 | R--D | C] -- C:\Program Files
[2011-11-06 14:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011-11-06 14:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011-11-06 14:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011-11-06 14:23:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2011-11-06 14:23:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2011-11-06 14:23:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2011-11-06 14:23:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2011-11-06 14:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2011-11-06 14:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2011-11-06 14:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011-11-06 14:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011-11-06 14:22:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2011-11-06 14:22:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2011-11-06 14:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-11-06 17:27:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin S\Pulpit\OTL.exe
[2011-11-06 17:25:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-11-06 17:24:59 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-06 17:07:59 | 000,000,348 | ---- | M] () -- C:\Documents and Settings\Marcin S\Pulpit\Moje dokumenty.lnk
[2011-11-06 16:58:51 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\Marcin S\Moje dokumenty\McAfee Security Scan Plus.lnk
[2011-11-06 16:56:38 | 000,000,427 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011-11-06 16:56:04 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
[2011-11-06 16:39:45 | 000,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI
[2011-11-06 16:39:44 | 000,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI
[2011-11-06 16:39:42 | 000,000,171 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2011-11-06 16:39:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Wininit.ini
[2011-11-06 16:39:04 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-11-06 16:38:59 | 000,003,541 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2011-11-06 16:11:54 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-11-06 16:11:54 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-11-06 16:11:54 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-11-06 16:11:54 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-11-06 16:09:24 | 000,061,440 | RHS- | M] () -- C:\WINDOWS\System32\csrsc.exe
[2011-11-06 16:06:19 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011-11-06 16:06:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-11-06 15:39:19 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011-11-06 15:38:29 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-11-06 15:36:25 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-11-06 15:36:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-11-06 15:36:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-11-06 15:36:25 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-11-06 15:36:25 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-11-06 15:36:22 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-11-06 15:36:22 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-11-06 15:36:21 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011-11-06 15:36:12 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-06 15:33:36 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-06 15:31:29 | 000,000,194 | -HS- | M] () -- C:\boot.ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-11-06 17:07:59 | 000,000,348 | ---- | C] () -- C:\Documents and Settings\Marcin S\Pulpit\Moje dokumenty.lnk
[2011-11-06 16:58:51 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\Marcin S\Moje dokumenty\McAfee Security Scan Plus.lnk
[2011-11-06 16:56:38 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-11-06 16:56:04 | 000,002,092 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Excel.lnk
[2011-11-06 16:56:04 | 000,002,086 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Outlook.lnk
[2011-11-06 16:56:04 | 000,002,064 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk
[2011-11-06 16:56:04 | 000,002,032 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft PowerPoint.lnk
[2011-11-06 16:56:04 | 000,002,010 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Access.lnk
[2011-11-06 16:56:04 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
[2011-11-06 16:39:52 | 000,233,472 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2011-11-06 16:39:52 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2011-11-06 16:39:45 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011-11-06 16:39:44 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2011-11-06 16:39:42 | 000,000,171 | ---- | C] () -- C:\WINDOWS\System\CmiCnfg.ini
[2011-11-06 16:39:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011-11-06 16:39:36 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2011-11-06 16:39:36 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2011-11-06 16:39:36 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2011-11-06 16:39:04 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2011-11-06 16:39:04 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-11-06 16:28:53 | 000,003,541 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011-11-06 16:28:52 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011-11-06 16:25:40 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-11-06 16:25:40 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011-11-06 16:25:40 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011-11-06 16:25:40 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011-11-06 16:25:39 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2011-11-06 16:25:39 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011-11-06 16:25:39 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011-11-06 16:25:38 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011-11-06 16:25:38 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2011-11-06 16:25:38 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011-11-06 16:25:38 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011-11-06 16:25:38 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011-11-06 16:25:38 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011-11-06 16:18:28 | 000,009,801 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011-11-06 16:09:24 | 000,061,440 | RHS- | C] () -- C:\WINDOWS\System32\csrsc.exe
[2011-11-06 16:06:18 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Outlook Express.lnk
[2011-11-06 16:06:14 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Internet Explorer.lnk
[2011-11-06 16:06:09 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Pomoc zdalna.lnk
[2011-11-06 16:06:09 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Marcin S\Menu Start\Programy\Windows Media Player.lnk
[2011-11-06 15:39:18 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011-11-06 15:38:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-06 15:37:56 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011-11-06 15:37:40 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011-11-06 15:37:33 | 000,196,666 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011-11-06 15:37:33 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011-11-06 15:37:31 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011-11-06 15:37:22 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011-11-06 15:37:17 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011-11-06 15:37:14 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011-11-06 15:37:05 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011-11-06 15:36:25 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-11-06 15:36:25 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-11-06 15:36:25 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-11-06 15:36:25 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011-11-06 15:36:25 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011-11-06 15:36:23 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011-11-06 15:36:22 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-11-06 15:36:22 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-11-06 15:36:21 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2011-11-06 15:35:03 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011-11-06 15:34:35 | 000,351,744 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011-11-06 15:34:34 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011-11-06 15:34:34 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011-11-06 15:34:29 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011-11-06 15:33:41 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2011-11-06 15:33:36 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-06 15:33:17 | 000,001,890 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\MSN Explorer.lnk
[2011-11-06 15:32:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2011-11-06 15:32:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2011-11-06 15:32:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2011-11-06 15:32:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2011-11-06 15:32:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2011-11-06 15:32:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2011-11-06 15:32:56 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2011-11-06 15:32:55 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2011-11-06 15:32:55 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2011-11-06 15:32:55 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2011-11-06 15:32:55 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2011-11-06 15:32:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011-11-06 15:32:53 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011-11-06 15:32:51 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011-11-06 15:32:43 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011-11-06 15:21:36 | 000,000,194 | -HS- | C] () -- C:\boot.ini
[2011-11-06 15:21:33 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-11-06 14:23:25 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-06 14:23:23 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011-11-06 14:23:23 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011-11-06 14:23:23 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011-11-06 14:23:22 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011-11-06 14:23:09 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-11-06 14:23:01 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2011-11-06 14:23:01 | 000,085,754 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011-11-06 14:23:01 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2011-11-06 14:23:01 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011-11-06 14:23:01 | 000,031,405 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011-11-06 14:23:01 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2011-11-06 14:23:01 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2011-11-06 14:23:01 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2011-11-06 14:23:01 | 000,013,923 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011-11-06 14:23:01 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011-11-06 14:23:01 | 000,010,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011-11-06 14:23:01 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011-11-06 14:23:01 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011-11-06 14:23:01 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011-11-06 14:23:00 | 001,901,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011-11-06 14:23:00 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011-11-06 14:23:00 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2011-11-06 14:23:00 | 000,584,202 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011-11-06 14:23:00 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011-11-06 14:23:00 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2011-11-06 14:22:27 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003-10-06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2002-09-20 17:19:46 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2002-09-20 17:04:04 | 000,162,155 | RHS- | C] () -- C:\WINDOWS\System32\trmnki.dll
[2002-04-10 17:18:00 | 000,004,573 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002-03-25 19:02:14 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001-10-26 17:15:16 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 17:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 17:15:16 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 17:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 22:30:24 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 22:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 22:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 22:30:22 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 22:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-21 23:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 23:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 23:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[color=#E56717]========== LOP Check ==========[/color]
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
OTL log (2)
OTL Extras logfile created on: 2011-11-06 17:27:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Marcin S\Pulpit
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1022,80 Mb Total Physical Memory | 680,63 Mb Available Physical Memory | 66,55% Memory free
2,40 Gb Paging File | 2,16 Gb Available in Paging File | 89,80% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,47 Gb Total Space | 32,43 Gb Free Space | 91,44% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 28,99 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
Computer Name: MARCIN | User Name: Marcin S | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"C-Media Audio" = C-Media 3D Audio
"Mozilla Firefox 8.0 (x86 pl)" = Mozilla Firefox 8.0 (x86 pl)
"NVIDIA Display Driver" = NVIDIA Display Driver
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ System Events ]
Error - 2011-11-06 11:21:19 | Computer Name = MARCIN | Source = Service Control Manager | ID = 7023
Description = Usługa Universal Shell zakończyła działanie; wystąpił następujący
błąd: %%1114
Error - 2011-11-06 11:29:06 | Computer Name = MARCIN | Source = Service Control Manager | ID = 7023
Description = Usługa Universal Shell zakończyła działanie; wystąpił następujący
błąd: %%1114
Error - 2011-11-06 11:40:52 | Computer Name = MARCIN | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.
Error - 2011-11-06 11:46:09 | Computer Name = MARCIN | Source = Service Control Manager | ID = 7023
Description = Usługa Universal Shell zakończyła działanie; wystąpił następujący
błąd: %%1114
Error - 2011-11-06 12:26:48 | Computer Name = MARCIN | Source = Service Control Manager | ID = 7023
Description = Usługa Universal Shell zakończyła działanie; wystąpił następujący
błąd: %%1114
< End of report >
GMER log
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-06 17:53:08
Windows 5.1.2600 Dodatek Service Pack. 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD800BB-00JHA0 rev.05.01C05
Running: xqoj0mst.exe; Driver: C:\DOCUME~1\MARCIN~1\USTAWI~1\Temp\pxtdypog.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!KeInitializeInterrupt + B67 804DA23C 1 Byte [06]
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF7505340, 0x121A5F, 0xF8000020]
.text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF9BB380, 0x25BA81, 0xF8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\System32\svchost.exe[832] ntdll.dll!NtQueryInformationProcess 77F76035 5 Bytes JMP 01659DC2
.text C:\WINDOWS\System32\svchost.exe[832] NETAPI32.dll!NetpwPathCanonicalize 71BD2B51 5 Bytes JMP 01659D62
.text C:\WINDOWS\System32\svchost.exe[992] ntdll.dll!NtQueryInformationProcess 77F76035 5 Bytes JMP 00759DC2
.text C:\Program Files\Mozilla Firefox\firefox.exe[3932] ntdll.dll!LdrLoadDll 77F55669 5 Bytes JMP 01262EC0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@DisplayName Universal Shell
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@Type 32
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@Start 2
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak@Description Włącza obsługę systemu NetBIOS w usłudze TCP/IP (NetBT) i rozpoznawanie nazw systemu NetBIOS.
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\zuegak\Parameters@ServiceDll C:\WINDOWS\System32\trmnki.dll
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 PE file @ sector 156296385
---- EOF - GMER 1.0.15 ----