OTL logfile created on: 2012-08-24 17:32:35 - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\TAP-POL\Pulpit\krygiel
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

127,48 Mb Total Physical Memory | 18,60 Mb Available Physical Memory | 14,59% Memory free
307,66 Mb Paging File | 190,28 Mb Available in Paging File | 61,85% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 11,24 Gb Total Space | 3,19 Gb Free Space | 28,40% Space Free | Partition Type: NTFS

Computer Name: TPP-U3DFGJ3JZV1 | User Name: TAP-POL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-22 11:25:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TAP-POL\Pulpit\krygiel\OTL.exe
PRC - [2009-01-08 17:00:30 | 000,751,136 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PStrip.exe
PRC - [2007-01-09 13:57:02 | 000,212,992 | ---- | M] () -- C:\WINDOWS\VMSnap23.exe
PRC - [2007-01-09 13:56:16 | 000,049,152 | ---- | M] (Vimicro) -- C:\WINDOWS\Domino.exe
PRC - [2004-12-14 14:44:06 | 000,029,696 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004-07-08 17:13:42 | 000,106,496 | ---- | M] (Sony Corporation.) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2003-11-21 22:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
PRC - [2002-09-20 19:05:24 | 001,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2007-01-09 13:57:02 | 000,212,992 | ---- | M] () -- C:\WINDOWS\VMSnap23.exe
MOD - [2004-07-08 17:13:44 | 001,032,192 | ---- | M] () -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\ResidenceRes.dll
MOD - [2002-12-12 00:14:32 | 000,013,312 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2007-07-15 04:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip)
DRV - [2007-04-03 17:22:12 | 000,260,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326)
DRV - [2007-03-16 21:41:42 | 000,105,280 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mach3.sys -- (Mach3)
DRV - [2006-09-18 15:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic)
DRV - [2006-09-18 15:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006-09-18 15:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5)
DRV - [2006-09-18 15:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt)
DRV - [2006-09-18 15:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006-09-18 15:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006-09-18 15:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus)
DRV - [2006-08-08 12:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2004-12-16 15:45:14 | 000,020,992 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\GMFilter.sys -- (GMFilter)
DRV - [2004-12-16 12:20:44 | 000,010,880 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SKBusEnum.sys -- (skbusenum)
DRV - [2004-03-08 13:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-11-27 19:48:50 | 000,003,968 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VirtualK.sys -- (VirtualK)
DRV - [2002-09-20 18:43:42 | 000,608,128 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2002-08-29 02:32:44 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002-08-29 00:00:54 | 000,137,088 | ---- | M] (ESS Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\essm2e.sys -- (Maestro)
DRV - [2001-10-26 17:49:56 | 000,289,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atimpab.sys -- (atimpab)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2000-11-28 22:47:16 | 000,004,256 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UserPort.sys -- (UserPort)
DRV - [1996-12-12 14:30:00 | 000,064,512 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SENTINEL.SYS -- (Sentinel)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Techland\English Translator XT\MozillaTranslator [2012-03-04 17:42:58 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O4 - HKLM..\Run: [BigDogPath323Domino] C:\WINDOWS\Domino.exe (Vimicro)
O4 - HKLM..\Run: [BigDogPath323VMSnap] C:\WINDOWS\VMSnap23.exe ()
O4 - HKLM..\Run: [PowerStrip] c:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1645522239-688789844-1708537768-1003..\Run: [IVONA Reader] "C:\Program Files\IVONA\IVONA Reader\IVONA Reader.exe.exe" -t -nosplash File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2012-08-23 22:45:11 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2012-08-23 22:45:11 | 000,000,000 | ---D | M]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O15 - HKU\S-1-5-21-1645522239-688789844-1708537768-1003\..Trusted Domains: ([]msn in Mój komputer)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-08-23 23:34:24 | 000,000,007 | -HS- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-23 22:46:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-22 13:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TAP-POL\Pulpit\krygiel
[2012-07-27 15:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Pointstone
[2012-07-27 15:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TAP-POL\Pulpit\pclab2000lt_v1_10
[2012-07-27 13:59:16 | 001,533,512 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFUpdate_01007.dll
[2012-07-27 13:59:11 | 001,490,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2012-07-27 13:59:08 | 000,708,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-24 17:29:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-24 17:29:03 | 133,746,688 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-23 23:34:24 | 000,000,007 | -HS- | M] () -- C:\autoexec.bat
[2012-08-23 21:17:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-26 21:22:58 | 000,169,984 | ---- | M] () -- C:\Documents and Settings\TAP-POL\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-24 17:20:02 | 133,746,688 | -HS- | C] () -- C:\hiberfil.sys
[2012-06-24 22:03:08 | 000,003,808 | ---- | C] () -- C:\WINDOWS\scad3.INI
[2012-03-04 18:02:16 | 000,000,105 | ---- | C] () -- C:\WINDOWS\Mach3.INI
[2012-03-04 17:58:09 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\TAP-POL\Dane aplikacji\XTDocSettings_et.ini
[2012-02-25 21:18:54 | 000,000,044 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-12-06 15:18:16 | 000,000,163 | ---- | C] () -- C:\WINDOWS\PConfig.ini
[2008-12-27 20:00:09 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\TAP-POL\Dane aplikacji\ViewerApp.dat
[2005-10-07 10:25:33 | 000,169,984 | ---- | C] () -- C:\Documents and Settings\TAP-POL\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-04-03 16:14:31 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\TAP-POL\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-01-20 14:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2010-06-03 16:42:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2012-04-05 22:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Schematica
[2012-03-11 18:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VOWSoft
[2012-02-25 16:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\ArcaVirMicroScan
[2005-04-03 16:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Autodesk
[2012-03-03 22:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\CadSoft
[2012-04-05 22:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\EurekaLog
[2008-03-29 20:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\GetSolar Vaillant
[2006-10-13 18:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Grundfos
[2008-12-26 19:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Leadertech
[2012-07-27 15:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Pointstone
[2008-11-19 20:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TAP-POL\Dane aplikacji\Teleca

[color=#E56717]========== Purity Check ==========[/color]

< End of report >