OTL logfile created on: 2012-03-10 11:45:57 - Run 1
OTL by OldTimer - Version 3.2.36.2 Folder = C:\Documents and Settings\Kamil\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,36 Mb Total Physical Memory | 344,45 Mb Available Physical Memory | 33,66% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 25,42 Gb Free Space | 52,05% Space Free | Partition Type: NTFS
Drive D: | 100,21 Gb Total Space | 81,09 Gb Free Space | 80,92% Space Free | Partition Type: NTFS

Computer Name: HALKO-C00CEE088 | User Name: Kamil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - [2012-03-10 11:43:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe
PRC - [2012-02-24 02:43:50 | 000,070,136 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2012-02-18 09:09:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-10-08 05:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========
MOD - [2012-02-18 09:09:10 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-01-03 16:17:40 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2008-06-19 20:53:03 | 000,060,416 | ---- | M] () -- C:\WINDOWS\system32\antiwpa.dll
MOD - [2004-08-04 11:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll

========== Win32 Services (SafeList) ==========
SRV - [2012-02-24 02:43:50 | 000,070,136 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011-10-08 05:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (kwgyqfog)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011-08-09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011-08-09 09:37:28 | 000,039,824 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2011-08-04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2011-08-04 09:20:38 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-07-01 10:52:02 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-07-01 10:52:00 | 000,067,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009-06-30 16:31:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008-04-13 19:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006-03-17 01:51:00 | 000,099,840 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\NvAtaBus.sys -- (nvatabus)
DRV - [2004-08-11 05:44:32 | 000,370,382 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=9ba27c08-0019-11e1-a90a-0016176fe488
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{DB913F3E-666E-42F9-B7E5-C9B67837AD55}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1482476501-343818398-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=9ba27c08-0019-11e1-a90a-0016176fe488
IE - HKU\S-1-5-21-1482476501-343818398-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1482476501-343818398-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=9ba27c08-0019-11e1-a90a-0016176fe488&q={searchTerms}
IE - HKU\S-1-5-21-1482476501-343818398-839522115-1003\..\SearchScopes\{DB913F3E-666E-42F9-B7E5-C9B67837AD55}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1482476501-343818398-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=9ba27c08-0019-11e1-a90a-0016176fe488&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-18 09:09:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-10 10:14:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-25 15:57:25 | 000,000,000 | ---D | M]

[2012-01-06 12:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions
[2012-01-06 12:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com
[2012-02-09 21:49:05 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\znqhyp0k.default\searchplugins\startsear.xml
[2012-01-06 23:20:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-10-15 11:15:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-02-18 09:09:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-04 22:20:59 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-04 22:20:59 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-04 22:20:59 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-04 22:20:59 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-04 22:20:59 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-04 22:20:59 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011-10-31 12:14:31 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O3 - HKU\S-1-5-21-1482476501-343818398-839522115-1003\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1482476501-343818398-839522115-1003..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-343818398-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1482476501-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1482476501-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1482476501-343818398-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1482476501-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61C0F7BB-779E-492B-A13D-B09D65B9FDF5}: DhcpNameServer = 95.160.170.92 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - C:\WINDOWS\System32\antiwpa.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-10-10 13:43:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-10-11 15:12:44 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-10-11 15:12:44 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2012-03-10 11:43:02 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe
[2012-03-09 17:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Pulpit\Adobe.Photoshop.CS4.PL
[2012-03-05 21:37:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\Nitro PDF
[2012-03-05 21:36:44 | 000,027,640 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon2.dll
[2012-03-05 21:36:44 | 000,018,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui2.dll
[2012-03-05 21:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro PDF
[2012-03-05 21:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\Downloaded Installations
[2012-03-04 21:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Damian Pasternak
[2012-02-24 02:43:50 | 000,070,136 | ---- | C] (Nalpeiron Ltd.) -- C:\WINDOWS\System32\NLSSRV32.EXE
[2012-02-21 20:28:08 | 145,114,136 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Kamil\Pulpit\295.73-desktop-winxp-32bit-international-whql.exe
[2012-02-17 17:49:17 | 000,000,000 | ---D | C] -- C:\PIT Format 2011
[2012-02-17 14:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Pulpit\anf egzamin
[2012-02-15 16:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Pulpit\krowka1
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2012-03-10 11:43:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe
[2012-03-10 11:09:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-343818398-839522115-1003UA.job
[2012-03-10 10:28:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\z4h1qxqh.exe
[2012-03-10 08:49:03 | 000,507,436 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-03-10 08:49:03 | 000,448,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-03-10 08:49:03 | 000,092,698 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-03-10 08:49:03 | 000,074,024 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-03-10 08:46:26 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-10 08:44:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-08 21:09:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-343818398-839522115-1003Core.job
[2012-03-05 21:46:16 | 000,317,703 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Mirosław Halko - PIT-37.pdf
[2012-03-04 21:04:18 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk
[2012-03-04 13:55:38 | 000,000,574 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Tennis Elbow 2011.lnk
[2012-02-25 08:36:04 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-25 07:16:30 | 000,320,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-24 14:19:00 | 000,000,982 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\projekt.html
[2012-02-24 14:17:55 | 000,358,912 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\projekt.fla
[2012-02-24 02:43:50 | 000,070,136 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\System32\NLSSRV32.EXE
[2012-02-24 02:43:08 | 000,018,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui2.dll
[2012-02-23 23:23:48 | 000,027,640 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon2.dll
[2012-02-21 20:32:06 | 145,114,136 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Kamil\Pulpit\295.73-desktop-winxp-32bit-international-whql.exe
[2012-02-19 19:16:47 | 000,005,993 | ---- | M] () -- C:\Documents and Settings\Kamil\.recently-used.xbel
[2012-02-18 12:43:41 | 000,105,961 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\MB_2010.pdf
[2012-02-16 16:27:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========
[2012-03-10 10:28:38 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\z4h1qxqh.exe
[2012-03-05 20:55:04 | 000,317,703 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\Mirosław Halko - PIT-37.pdf
[2012-03-04 21:04:18 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk
[2012-02-24 14:19:00 | 000,000,982 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\projekt.html
[2012-02-20 16:18:01 | 000,358,912 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\projekt.fla
[2012-02-19 19:16:47 | 000,005,993 | ---- | C] () -- C:\Documents and Settings\Kamil\.recently-used.xbel
[2012-02-18 12:43:39 | 000,105,961 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\MB_2010.pdf
[2012-02-16 16:02:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-16 16:02:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012-01-08 11:37:08 | 000,000,234 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\burnaware.ini
[2011-11-24 15:10:30 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011-11-12 20:22:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-07 23:08:38 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2011-10-31 12:13:56 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2011-10-25 18:11:31 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-16 10:12:19 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-10-16 10:12:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-10-16 10:12:13 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-10-16 10:12:13 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-10-16 10:12:13 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-10-10 20:44:05 | 000,178,099 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2011-10-10 20:44:05 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2011-10-10 15:37:23 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-10-10 15:34:37 | 000,320,432 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-10-10 15:28:17 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2011-10-10 15:28:17 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2011-10-10 15:28:17 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2011-10-10 15:28:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2011-10-10 15:23:41 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011-10-10 14:06:34 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-10-10 14:06:34 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-10-10 14:06:34 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-10-10 14:06:12 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-10-10 14:04:23 | 000,005,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011-10-10 13:45:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-10-10 13:40:58 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========
[2012-01-12 21:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-01-25 15:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2012-03-10 10:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro PDF
[2011-10-10 14:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2011-10-10 17:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2012-01-06 12:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom
[2012-02-20 19:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools Lite
[2011-12-13 16:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Dev-Cpp
[2012-03-05 21:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Downloaded Installations
[2011-11-10 15:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ESET
[2012-02-16 17:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\gtk-2.0
[2012-03-05 21:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Nitro PDF
[2012-01-13 15:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Sports Interactive
[2011-10-10 17:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Tlen.pl
[2012-01-06 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\TomTom

========== Purity Check ==========

< End of report >