OTL logfile created on: 2011-06-10 08:58:46 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\drivers Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 72.07% Memory free 5.84 Gb Paging File | 5.26 Gb Available in Paging File | 90.07% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.44 Gb Total Space | 23.57 Gb Free Space | 31.67% Space Free | Partition Type: NTFS Computer Name: POZPC009 | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-08 00:56:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\drivers\OTL.exe PRC - [2010-12-14 16:49:16 | 000,653,120 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe PRC - [2010-12-14 16:47:48 | 001,517,376 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe PRC - [2009-05-11 10:45:18 | 000,024,576 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP UT\bin\hppusg.exe PRC - [2007-07-06 14:14:02 | 005,730,304 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-11-07 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2004-10-06 18:56:52 | 000,161,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe PRC - [2004-10-06 18:56:48 | 000,173,392 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe PRC - [2004-10-06 18:56:44 | 001,275,216 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe PRC - [2004-10-06 18:56:36 | 000,030,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe PRC - [2004-06-09 21:31:14 | 000,242,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe PRC - [2004-06-09 21:31:08 | 000,255,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe PRC - [2004-06-09 21:31:06 | 000,066,680 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-08 00:56:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\drivers\OTL.exe MOD - [2006-08-25 09:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-14 16:47:48 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-12-14 16:45:42 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2010-03-03 10:37:50 | 000,306,432 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2007-07-06 14:14:02 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL) SRV - [2004-10-06 18:56:48 | 000,173,392 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam) SRV - [2004-10-06 18:56:44 | 001,275,216 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2004-10-06 18:56:36 | 000,030,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch) SRV - [2004-06-11 19:28:30 | 000,201,944 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc) SRV - [2004-06-09 21:31:14 | 000,242,808 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr) SRV - [2004-06-09 21:31:12 | 000,087,160 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc) SRV - [2004-06-09 21:31:08 | 000,255,096 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-04-07 15:40:53 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110406.048\NAVEX15.SYS -- (NAVEX15) DRV - [2011-04-07 15:40:53 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110406.048\NAVENG.SYS -- (NAVENG) DRV - [2010-11-29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009-06-16 12:17:33 | 000,241,280 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp) DRV - [2008-01-18 14:45:49 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2006-08-25 05:47:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k) DRV - [2006-08-25 05:47:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp) DRV - [2006-01-30 09:27:42 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2005-11-18 13:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-11-18 13:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-11-16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005-11-07 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-11-07 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-11-07 06:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-11-07 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-11-07 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-11-07 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-11-07 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-08-09 12:27:26 | 000,263,871 | ---- | M] (PEAK-System Technik GmbH, Darmstadt, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Pcan_usb.sys -- (Pcan_usb) DRV - [2005-07-28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2005-07-20 18:08:28 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb) DRV - [2005-07-20 18:08:26 | 000,327,808 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp) DRV - [2005-03-17 17:30:10 | 000,132,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2004-06-11 19:28:10 | 000,263,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2004-06-11 19:28:08 | 000,016,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2004-03-05 00:46:46 | 000,082,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2004-02-09 16:43:56 | 000,301,200 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT) DRV - [2004-02-09 16:43:56 | 000,037,008 | R--- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL) DRV - [2002-12-17 12:29:46 | 000,025,930 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K) DRV - [2002-12-17 12:29:44 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K) DRV - [2002-12-17 12:29:42 | 000,139,674 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k) DRV - [2002-12-17 12:27:58 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1123561945-688789844-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1123561945-688789844-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1123561945-688789844-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-261903793-682003330-70289\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-1645522239-261903793-682003330-70289\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2011-06-02 16:43:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppautoindexer.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppschedindexer.exe (Hewlett-Packard) O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) O4 - HKU\S-1-5-21-1645522239-261903793-682003330-70289..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1645522239-261903793-682003330-70289..\Run: [Ywlwlu] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP LaserJet Director.lnk = C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppdirector.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1123561945-688789844-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1123561945-688789844-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1123561945-688789844-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1123561945-688789844-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1 O7 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 1 O15 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\..Trusted Domains: arvinmeritor.com ([]* in Zaufane witryny) O15 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\..Trusted Domains: meritor.com ([]* in Lokalny intranet) O15 - HKU\S-1-5-21-1645522239-261903793-682003330-70289\..Trusted Ranges: Range1 ([http] in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: eMatrixAppletXMLClasses http://10.172.4.38:7101/WebClient/java/classes/eMatrixAppletXML.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O16 - DPF: SwingClasses http://10.172.4.38:7101/WebClient/java/classes/Swing.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.128.1.10 10.128.1.12 10.68.253.101 10.68.253.100 10.128.1.30 161.63.10.110 10.128.1.31 161.63.10.111 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eu.autoedir.com O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Value error. File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-01-27 14:36:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-12-22 12:12:46 | 000,000,000 | ---D | M] - C:\Autotune -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-07 09:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2011-06-07 09:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2011-06-07 09:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator [2011-06-07 09:26:20 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX [2011-06-07 09:26:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL [2011-06-07 09:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2011-06-07 09:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CutePDF [2011-06-07 09:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Acro Software [2011-06-03 12:29:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011-06-02 16:29:17 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011-06-02 16:21:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-06-02 16:21:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-06-02 16:21:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-06-02 16:21:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-06-02 16:20:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-06-02 16:20:45 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-06-02 16:20:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje wideo [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-10 08:50:21 | 000,056,585 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml [2011-06-10 08:50:21 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-06-10 08:44:37 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile [2011-06-10 08:44:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-06-10 08:44:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-06-09 16:05:26 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2011-06-07 09:54:59 | 000,226,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-06-07 09:26:25 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk [2011-06-02 16:43:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011-06-02 16:29:23 | 000,000,327 | RHS- | M] () -- C:\boot.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-07 09:26:25 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk [2011-06-07 09:26:18 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011-06-07 09:24:40 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2011-06-02 16:29:23 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2011-06-02 16:29:20 | 000,262,400 | RHS- | C] () -- C:\cmldr [2011-06-02 16:21:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-06-02 16:21:09 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-06-02 16:21:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-06-02 16:21:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-06-02 16:21:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-12-09 09:51:12 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat [2010-09-01 14:02:58 | 000,176,107 | ---- | C] () -- C:\WINDOWS\hpwins25.dat [2010-09-01 14:02:58 | 000,000,403 | ---- | C] () -- C:\WINDOWS\hpwmdl25.dat [2010-09-01 13:59:04 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys [2010-09-01 13:56:08 | 000,000,665 | R--- | C] () -- C:\WINDOWS\System32\hppapr11.dat [2010-09-01 13:55:33 | 000,000,705 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2010-09-01 13:50:20 | 000,182,962 | ---- | C] () -- C:\WINDOWS\hppins11.dat [2010-09-01 13:50:19 | 000,005,707 | ---- | C] () -- C:\WINDOWS\hppmdl11.dat [2010-05-05 12:47:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-03-03 10:19:49 | 000,000,035 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2008-09-16 12:04:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\hdsuinst.exe [2008-03-13 17:08:28 | 000,323,584 | R--- | C] () -- C:\WINDOWS\System32\ZSHP2600.EXE [2008-03-13 17:08:28 | 000,114,688 | R--- | C] () -- C:\WINDOWS\System32\VSHP2600.DLL [2008-03-13 17:08:27 | 000,241,664 | R--- | C] () -- C:\WINDOWS\System32\ZHHP2600.EXE [2008-03-13 17:08:24 | 011,206,656 | R--- | C] () -- C:\WINDOWS\System32\ZHHP_RES.DLL [2008-03-13 17:08:23 | 000,749,568 | R--- | C] () -- C:\WINDOWS\System32\AGISSI.DLL [2007-06-21 11:20:32 | 000,000,727 | ---- | C] () -- C:\WINDOWS\deaconf.ini [2007-06-21 08:47:11 | 000,299,084 | ---- | C] () -- C:\WINDOWS\System32\DsmLibrary.dll [2007-06-21 08:47:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\SnsmntLib.dll [2007-03-01 17:59:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI [2007-01-08 10:43:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-12-21 16:44:06 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI [2006-06-02 11:22:58 | 000,006,505 | ---- | C] () -- C:\WINDOWS\MTB13.INI [2006-04-06 20:11:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2006-04-06 20:10:27 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe [2006-03-21 21:13:33 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2006-02-15 16:12:20 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\sversion.ini [2006-02-15 16:11:23 | 000,077,896 | ---- | C] () -- C:\WINDOWS\uinst001.exe [2006-02-15 16:02:31 | 000,000,331 | ---- | C] () -- C:\WINDOWS\FMTMSAM.INI [2006-02-15 16:02:18 | 000,000,179 | ---- | C] () -- C:\WINDOWS\hpbafd.ini [2006-02-15 16:01:55 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll [2006-02-15 16:01:51 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppLangChoice.ini [2006-02-15 16:01:50 | 000,343,040 | R--- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2006-02-15 16:01:50 | 000,116,736 | R--- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2006-02-15 15:51:21 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHealr.dll [2006-02-15 15:51:14 | 000,003,234 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [2006-02-15 15:51:14 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2006-02-11 01:34:58 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-01-30 14:30:50 | 000,066,817 | ---- | C] () -- C:\WINDOWS\pvwm.ini [2006-01-30 12:22:33 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2006-01-30 09:27:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\hdduinst.exe [2006-01-30 09:27:42 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys [2006-01-30 09:27:41 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE [2006-01-27 17:38:29 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006-01-27 15:27:59 | 000,004,508 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-01-27 15:26:55 | 000,226,408 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006-01-27 15:18:57 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-01-27 15:18:57 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006-01-27 15:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI [2006-01-27 15:08:43 | 000,000,971 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2006-01-27 14:38:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006-01-27 14:33:36 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-08-02 17:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005-08-02 17:35:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2005-08-02 17:35:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005-08-02 17:35:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2005-08-02 17:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005-08-02 17:35:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2005-08-02 17:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005-08-02 17:35:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2005-08-02 17:35:00 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2005-08-02 17:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2005-07-15 20:57:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004-08-04 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004-08-04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004-08-04 14:00:00 | 000,448,348 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2004-08-04 14:00:00 | 000,392,432 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004-08-04 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2004-08-04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004-08-04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004-08-04 14:00:00 | 000,074,450 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2004-08-04 14:00:00 | 000,058,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004-08-04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004-08-04 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2004-08-04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004-08-04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-08-04 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004-08-04 14:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2003-01-07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-10-04 08:01:42 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [1999-01-22 08:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010-03-23 13:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\QPrinter [2011-05-13 14:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TuneUp Software [2006-06-01 09:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ICAClient [2006-01-27 17:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Leadertech [2007-05-29 11:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\QPrinter [2011-03-08 16:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software [2011-03-08 16:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011-03-08 16:41:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2010-04-28 10:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\QPrinter [2011-03-15 17:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2008-07-15 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\troinsm\Dane aplikacji\ICAClient [2008-06-06 08:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\troinsm\Dane aplikacji\Leadertech [2008-06-17 09:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\troinsm\Dane aplikacji\QPrinter [2011-03-08 17:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\troinsm\Dane aplikacji\TuneUp Software [2010-03-03 10:38:54 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job [color=#E56717]========== Purity Check ==========[/color] < End of report >