OTL logfile created on: 2012-02-08 17:51:58 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Alina\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 84,14% Memory free 3,85 Gb Paging File | 3,71 Gb Available in Paging File | 96,34% Paging File free Paging file location(s): C:\pagefile.sys 2046 2046 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 77,62 Gb Total Space | 49,81 Gb Free Space | 64,17% Space Free | Partition Type: NTFS Drive D: | 77,62 Gb Total Space | 58,44 Gb Free Space | 75,29% Space Free | Partition Type: NTFS Drive E: | 77,63 Gb Total Space | 76,98 Gb Free Space | 99,16% Space Free | Partition Type: NTFS Drive F: | 30,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOM-D894ECAE84F | User Name: Alina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-02-08 17:44:47 | 000,584,192 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Alina\Pulpit\OTL.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe PRC - [2008-04-14 18:21:12 | 000,180,224 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\dwwin.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] – -- (NIS) SRV - File not found [On_Demand | Stopped] – -- (AppMgmt) SRV - [2010-11-17 12:45:44 | 001,942,416 | ---- | M] (Bandoo Media Inc.) [Disabled | Stopped] – C:\Program Files\Bandoo\Bandoo.exe – (Bandoo Coordinator) SRV - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] () [Auto | Stopped] – C:\WINDOWS\System32\spoolsv.exe – (Spooler) ========== Driver Services (SafeList) ========== DRV - [2012-02-04 14:11:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys – (eeCtrl) DRV - [2012-02-04 14:11:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys – (EraserUtilRebootDrv) DRV - [2012-02-04 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120205.009\NAVEX15.SYS – (NAVEX15) DRV - [2012-02-04 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120205.009\NAVENG.SYS – (NAVENG) DRV - [2012-02-03 16:29:00 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120203.002\IDSXpx86.sys – (IDSxpx86) DRV - [2011-11-28 21:48:56 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] – C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120121.002\BHDrvx86.sys – (BHDrvx86) DRV - [2011-11-23 19:23:48 | 000,905,336 | R— | M] (Symantec Corporation) [File_System | Boot | Running] – C:\WINDOWS\system32\drivers\NIS\1305000.091\SYMEFA.SYS – (SymEFA) DRV - [2011-11-23 18:50:26 | 000,574,584 | R— | M] (Symantec Corporation) [File_System | On_Demand | Stopped] – C:\WINDOWS\System32\Drivers\NIS\1305000.091\SRTSP.SYS – (SRTSP) DRV - [2011-11-23 18:50:26 | 000,032,888 | R— | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\NIS\1305000.091\SRTSPX.SYS – (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011-11-16 20:38:00 | 000,388,216 | R— | M] (Symantec Corporation) [Kernel | System | Stopped] – C:\WINDOWS\System32\Drivers\NIS\1305000.091\SYMTDI.SYS – (SYMTDI) DRV - [2011-11-16 20:17:48 | 000,149,624 | R— | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\NIS\1305000.091\Ironx86.SYS – (SymIRON) DRV - [2011-11-04 16:59:36 | 000,132,744 | R— | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\NIS\1305000.091\ccSetx86.sys – (ccSet_NIS) DRV - [2011-08-15 23:51:40 | 000,340,088 | R— | M] (Symantec Corporation) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\NIS\1305000.091\SYMDS.SYS – (SymDS) DRV - [2008-06-17 09:26:19 | 000,016,376 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\gdrv.sys – (gdrv) DRV - [2007-09-19 14:44:46 | 000,101,504 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp) DRV - [2007-09-19 10:16:32 | 004,617,728 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\ASPI32.SYS – (Aspi32) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 ========== FireFox ========== FF - prefs.js…browser.search.defaultenginename: “Web Search” FF - prefs.js…browser.search.order.1: “Web Search” FF - prefs.js…browser.search.selectedEngine: “Google” FF - prefs.js…browser.startup.homepage: “http://www.google.pl/” FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js…extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js…extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js…extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6 FF - prefs.js…extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0 FF - prefs.js…extensions.enabledItems: firefox@bandoo.com:5.0 FF - prefs.js…extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0 FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js…keyword.URL: “http://www.searchqu.com/web?src=ffb&systemid=101&q=” FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins@talk.google.com/O3DPlugin: C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012-02-05 15:30:32 | 000,000,000 | —D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012-02-08 16:48:28 | 000,000,000 | —D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\Components: C:\Program Files\Mozilla Firefox\components [2012-02-02 16:40:53 | 000,000,000 | —D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-10-08 19:18:57 | 000,000,000 | —D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\firefox@bandoo.com: C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles/oynwuqgb.default\extensions\firefox@bandoo.com [2011-03-25 14:45:14 | 000,000,000 | —D | M] [2008-12-17 15:00:22 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Extensions [2011-06-30 11:50:11 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles\oynwuqgb.default\extensions [2010-05-01 09:45:06 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles\oynwuqgb.default\extensions{20a82645-c095-46ed-80e3-08825760534b} [2011-03-25 14:45:14 | 000,000,000 | —D | M] (Bandoo for Firefox) – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles\oynwuqgb.default\extensions\firefox@bandoo.com [2010-10-04 07:29:12 | 000,010,017 | ---- | M] () – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles\oynwuqgb.default\searchplugins\mywebsearch.xml [2010-08-12 12:12:24 | 000,005,529 | ---- | M] () – C:\Documents and Settings\Alina\Dane aplikacji\Mozilla\Firefox\Profiles\oynwuqgb.default\searchplugins\SearchquWebSearch.xml [2011-11-25 10:39:38 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions [2011-10-27 11:51:24 | 000,000,000 | —D | M] (Skype Click to Call) – C:\Program Files\Mozilla Firefox\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-08 16:48:28 | 000,000,000 | —D | M] (Norton Toolbar) – C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\NORTON{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\COFFPLGN [2012-02-05 15:30:32 | 000,000,000 | —D | M] (Norton Vulnerability Protection) – C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\NORTON{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPLGN [2010-03-31 12:21:19 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-02-02 16:40:51 | 000,134,104 | ---- | M] (Mozilla Foundation) – C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-02-02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-01-17 11:19:29 | 000,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-01-17 11:19:29 | 000,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-17 11:19:29 | 000,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-01-17 11:19:29 | 000,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-08-12 12:12:24 | 000,005,529 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml [2012-01-17 11:19:29 | 000,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-01-17 11:19:29 | 000,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKCU…\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data] O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{525A01E3-EB2E-4E9E-AE18-ECE755425EFE}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper2.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper2.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-06-16 19:14:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS] O32 - AutoRun File - [2011-12-29 13:49:26 | 000,000,046 | R— | M] () - F:\autorun.inf – [CDFS] O33 - MountPoints2{b4670e52-e0ec-11de-85db-001d7dc7c275}\Shell - “” = AutoRun O33 - MountPoints2{b4670e52-e0ec-11de-85db-001d7dc7c275}\Shell\AutoRun\command - “” = K:\LaunchU3.exe -a O33 - MountPoints2{b4670e53-e0ec-11de-85db-001d7dc7c275}\Shell\AutoRun\command - “” = ime/moje.exe O33 - MountPoints2{b4670e53-e0ec-11de-85db-001d7dc7c275}\Shell\explore\command - “” = ime/moje.exe O33 - MountPoints2{b4670e53-e0ec-11de-85db-001d7dc7c275}\Shell\open\command - “” = ime/moje.exe O33 - MountPoints2\F\Shell - “” = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - “” = F:\PitySetup.exe – [2012-01-16 13:01:46 | 031,505,200 | R— | M] (Infonetax ) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM…comfile [open] – “%1” %* O35 - HKLM…exefile [open] – “%1” %* O37 - HKLM…com [@ = comfile] – “%1” %* O37 - HKLM…exe [@ = exefile] – “%1” %* ========== Files/Folders - Created Within 30 Days ========== [2012-02-08 17:43:55 | 000,584,192 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Alina\Pulpit\OTL.exe [2012-02-08 17:25:09 | 000,000,000 | —D | C] – C:\Program Files\Trend Micro [2012-02-08 17:25:09 | 000,000,000 | —D | C] – C:\Documents and Settings\Alina\Menu Start\Programy\HiJackThis [2012-02-05 15:21:39 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dokumenty\Norton [2012-02-05 15:21:39 | 000,000,000 | —D | C] – C:\Documents and Settings\Alina\Menu Start\Programy\Norton [2012-02-05 15:08:18 | 000,000,000 | -H-D | C] – C:\WINDOWS\ie8 [2012-02-05 10:54:34 | 000,000,000 | —D | C] – C:\Documents and Settings\Alina\Dane aplikacji\Tific [5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->] [1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->] ========== Files - Modified Within 30 Days ========== [2012-02-08 17:44:47 | 000,584,192 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Alina\Pulpit\OTL.exe [2012-02-08 17:40:29 | 000,002,443 | ---- | M] () – C:\Documents and Settings\Alina\Pulpit\HiJackThis.lnk [2012-02-08 17:36:10 | 000,001,132 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1592454029-682003330-1004UA.job [2012-02-08 17:30:00 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat [2012-02-08 17:22:07 | 000,160,100 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml [2012-02-08 16:41:32 | 000,000,211 | -HS- | M] () – C:\boot.ini [2012-02-08 15:48:08 | 000,000,056 | ---- | M] () – C:{EFC1F361-0A3F-4AB5-8F95-65C90A54391B} [2012-02-08 08:36:54 | 000,001,080 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1592454029-682003330-1004Core1cb735e319b25c4.job [2012-02-07 16:14:43 | 000,000,056 | ---- | M] () – C:{59733DCC-6F30-4D02-BA5E-3579EC4D1CC3} [2012-02-07 14:30:11 | 000,000,056 | ---- | M] () – C:{4E47424A-8018-422E-BC80-214E0E72FDA5} [2012-02-07 09:44:43 | 000,000,056 | ---- | M] () – C:{C550D9BC-A2E1-403D-89CE-D5F3CC09DC13} [2012-02-05 19:26:01 | 000,002,265 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-02-05 19:16:21 | 000,004,782 | ---- | M] () – C:\WINDOWS\System32\drivers\NIS\1305000.091\VT20111023.022 [2012-02-05 16:19:12 | 000,659,980 | ---- | M] () – C:\WINDOWS\System32\drivers\NIS\1305000.091\Cat.DB [2012-02-05 16:19:05 | 000,001,355 | ---- | M] () – C:\WINDOWS\imsins.BAK [2012-02-05 15:29:15 | 000,000,756 | ---- | M] () – C:\Documents and Settings\Alina\Pulpit\Pliki instalacyjne Norton.lnk [2012-02-01 14:41:15 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini [2012-01-30 09:59:06 | 000,053,248 | ---- | M] () – C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-27 08:41:05 | 000,000,172 | ---- | M] () – C:\WINDOWS\System32\drivers\NIS\1305000.091\isolate.ini [2012-01-26 10:30:58 | 000,013,646 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl [2012-01-12 09:30:19 | 000,500,386 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat [2012-01-12 09:30:19 | 000,441,552 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat [2012-01-12 09:30:19 | 000,089,046 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat [2012-01-12 09:30:19 | 000,071,488 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat [5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->] [1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->] ========== Files Created - No Company Name ========== [2012-02-08 17:25:09 | 000,002,443 | ---- | C] () – C:\Documents and Settings\Alina\Pulpit\HiJackThis.lnk [2012-02-08 15:48:00 | 000,000,056 | ---- | C] () – C:{EFC1F361-0A3F-4AB5-8F95-65C90A54391B} [2012-02-07 16:13:19 | 000,000,056 | ---- | C] () – C:{59733DCC-6F30-4D02-BA5E-3579EC4D1CC3} [2012-02-07 14:30:11 | 000,000,056 | ---- | C] () – C:{4E47424A-8018-422E-BC80-214E0E72FDA5} [2012-02-07 09:44:26 | 000,000,056 | ---- | C] () – C:{C550D9BC-A2E1-403D-89CE-D5F3CC09DC13} [2012-02-05 15:22:52 | 000,000,756 | ---- | C] () – C:\Documents and Settings\Alina\Pulpit\Pliki instalacyjne Norton.lnk [2009-12-02 11:23:51 | 000,000,754 | ---- | C] () – C:\WINDOWS\WORDPAD.INI [2009-03-28 18:18:55 | 000,000,521 | ---- | C] () – C:\WINDOWS\wldtlk1.ini [2008-12-17 15:00:22 | 000,000,000 | ---- | C] () – C:\WINDOWS\nsreg.dat [2008-08-05 08:34:30 | 000,053,248 | ---- | C] () – C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-06-17 15:48:37 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini [2008-06-17 10:24:59 | 000,000,130 | ---- | C] () – C:\Documents and Settings\Alina\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-06-17 09:25:11 | 000,049,152 | R— | C] () – C:\WINDOWS\System32\ChCfg.exe [2008-06-17 02:58:33 | 000,004,293 | ---- | C] () – C:\WINDOWS\ODBCINST.INI [2008-06-17 02:57:33 | 000,149,992 | ---- | C] () – C:\WINDOWS\System32\FNTCACHE.DAT [2008-06-16 19:15:43 | 000,002,048 | --S- | C] () – C:\WINDOWS\bootstat.dat [2008-06-16 19:12:03 | 000,021,856 | ---- | C] () – C:\WINDOWS\System32\emptyregdb.dat [2008-01-10 02:37:45 | 001,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll [2008-01-10 02:37:45 | 001,626,112 | ---- | C] () – C:\WINDOWS\System32\nwiz.exe [2008-01-10 02:37:45 | 001,474,560 | ---- | C] () – C:\WINDOWS\System32\nview.dll [2008-01-10 02:37:45 | 001,339,392 | ---- | C] () – C:\WINDOWS\System32\nvdspsch.exe [2008-01-10 02:37:45 | 001,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll [2008-01-10 02:37:45 | 000,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll [2008-01-10 02:37:45 | 000,442,368 | ---- | C] () – C:\WINDOWS\System32\nvappbar.exe [2008-01-10 02:37:45 | 000,425,984 | ---- | C] () – C:\WINDOWS\System32\keystone.exe [2008-01-10 02:37:45 | 000,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll [2006-03-02 13:00:00 | 013,107,200 | ---- | C] () – C:\WINDOWS\System32\oembios.bin [2006-03-02 13:00:00 | 000,673,088 | ---- | C] () – C:\WINDOWS\System32\mlang.dat [2006-03-02 13:00:00 | 000,586,240 | ---- | C] () – C:\WINDOWS\System32\mlang.dll [2006-03-02 13:00:00 | 000,500,386 | ---- | C] () – C:\WINDOWS\System32\perfh015.dat [2006-03-02 13:00:00 | 000,441,552 | ---- | C] () – C:\WINDOWS\System32\perfh009.dat [2006-03-02 13:00:00 | 000,313,828 | ---- | C] () – C:\WINDOWS\System32\perfi015.dat [2006-03-02 13:00:00 | 000,272,128 | ---- | C] () – C:\WINDOWS\System32\perfi009.dat [2006-03-02 13:00:00 | 000,218,003 | ---- | C] () – C:\WINDOWS\System32\dssec.dat [2006-03-02 13:00:00 | 000,210,944 | ---- | C] () – C:\WINDOWS\System32\rasppp.dll [2006-03-02 13:00:00 | 000,089,046 | ---- | C] () – C:\WINDOWS\System32\perfc015.dat [2006-03-02 13:00:00 | 000,071,488 | ---- | C] () – C:\WINDOWS\System32\perfc009.dat [2006-03-02 13:00:00 | 000,060,928 | ---- | C] () – C:\WINDOWS\System32\miglibnt.dll [2006-03-02 13:00:00 | 000,058,880 | ---- | C] () – C:\WINDOWS\System32\spoolsv.exe [2006-03-02 13:00:00 | 000,046,258 | ---- | C] () – C:\WINDOWS\System32\mib.bin [2006-03-02 13:00:00 | 000,034,990 | ---- | C] () – C:\WINDOWS\System32\perfd015.dat [2006-03-02 13:00:00 | 000,029,696 | ---- | C] () – C:\WINDOWS\System32\mimefilt.dll [2006-03-02 13:00:00 | 000,028,626 | ---- | C] () – C:\WINDOWS\System32\perfd009.dat [2006-03-02 13:00:00 | 000,004,569 | ---- | C] () – C:\WINDOWS\System32\secupd.dat [2006-03-02 13:00:00 | 000,004,461 | ---- | C] () – C:\WINDOWS\System32\oembios.dat [2006-03-02 13:00:00 | 000,001,804 | ---- | C] () – C:\WINDOWS\System32\dcache.bin [2006-03-02 13:00:00 | 000,000,741 | ---- | C] () – C:\WINDOWS\System32\noise.dat ========== LOP Check ========== [2011-03-25 14:49:36 | 000,000,000 | —D | M] – C:\Documents and Settings\Alina\Dane aplikacji\Bandoo [2010-12-10 18:23:31 | 000,000,000 | —D | M] – C:\Documents and Settings\Alina\Dane aplikacji\EurekaLog [2011-07-22 14:45:34 | 000,000,000 | —D | M] – C:\Documents and Settings\Alina\Dane aplikacji\OpenOffice.org [2011-01-06 15:05:31 | 000,000,000 | —D | M] – C:\Documents and Settings\Alina\Dane aplikacji\PhotoScape [2012-02-05 10:54:34 | 000,000,000 | —D | M] – C:\Documents and Settings\Alina\Dane aplikacji\Tific [2011-02-05 13:35:31 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2011-04-26 06:48:48 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Bandoo [2009-08-06 12:50:01 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\BigStage [2010-03-31 11:58:45 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ESET [2008-06-21 14:12:18 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\phenomedia ========== Purity Check ========== < End of report >