OTL logfile created on: 2010-08-10 21:40:50 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = D:\czyszczenie i optymalizacja\logi Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 92,00 Mb Available Physical Memory | 18,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,50 Gb Total Space | 2,63 Gb Free Space | 7,40% Space Free | Partition Type: NTFS Drive D: | 39,05 Gb Total Space | 16,65 Gb Free Space | 42,63% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MAREKA-427D4558 Current User Name: Marek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-08-10 21:37:27 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\czyszczenie i optymalizacja\logi\OTL.exe PRC - [2010-08-10 21:32:57 | 000,013,312 | ---- | M] () -- C:\WINDOWS\system32\35DDF5\NV305472.EXE PRC - [2010-07-07 07:55:10 | 003,687,736 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE PRC - [2010-02-08 12:02:10 | 002,343,632 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe PRC - [2009-10-17 22:20:08 | 001,406,935 | RHS- | M] () -- C:\WINDOWS\system32\AC58E3\A15F39.EXE PRC - [2009-02-19 15:23:24 | 000,202,064 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe PRC - [2009-01-17 02:28:31 | 000,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2009-01-17 02:28:30 | 001,797,880 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2008-12-10 23:32:46 | 000,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2008-11-13 14:06:30 | 000,541,976 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe PRC - [2006-10-26 21:24:54 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2003-05-08 12:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe PRC - [2003-05-05 09:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe PRC - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-08-10 21:37:27 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\czyszczenie i optymalizacja\logi\OTL.exe MOD - [2010-08-10 21:17:23 | 000,082,944 | RHS- | M] () -- C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\dsoqq0.dll MOD - [2009-01-17 02:28:31 | 000,147,192 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll MOD - [2008-04-14 23:50:58 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2003-05-08 12:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-01-17 02:28:31 | 000,618,232 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-01-17 02:28:31 | 000,101,776 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2009-01-17 02:28:31 | 000,079,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2009-01-17 02:28:31 | 000,031,504 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2008-12-02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-04-03 14:36:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) DRV - [2003-07-02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2000-09-18 13:00:00 | 000,160,073 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\omcamvid.sys -- (OVT511Plus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-362288127-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1390067357-362288127-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-1390067357-362288127-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1390067357-362288127-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-13 22:18:48 | 000,000,000 | ---D | M] O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-1390067357-362288127-682003330-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found O4 - HKLM..\Run: [A15F39] C:\WINDOWS\system32\AC58E3\A15F39.EXE () O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe () O4 - HKLM..\Run: [Make A Voozie] C:\Documents and Settings\All Users\Dane aplikacji\Make A Voozie\VoozieMaker.exe (Smiling Giant Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit) O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [dso32] C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\dsoqq.exe () O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit) O4 - HKU\S-1-5-21-1390067357-362288127-682003330-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Camera Monitor HD.lnk = C:\Program Files\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe (PIXELA CORPORATION) O4 - Startup: C:\Documents and Settings\Marek\Menu Start\Programy\Autostart\A15F39.lnk = C:\WINDOWS\system32\AC58E3\A15F39.EXE () O4 - Startup: C:\Documents and Settings\Marek\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1390067357-362288127-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {2AD0C02D-3A2E-4192-BD8A-19C89BD0DFF1} file://C:\Documents and Settings\All Users\Dane aplikacji\Skype\Plugins\Plugins\263AF18BA8E6473194D1E386FDADB7DE\4USclub.cab (connectionClub Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: F:\zdjęcia\Sesja\IMG_5793 copy.jpg O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-01-17 00:42:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-06-06 00:24:28 | 000,017,217 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2010-07-20 13:18:34 | 000,000,061 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2007-07-16 19:24:42 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-07-20 13:18:35 | 000,000,061 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{2e8cee54-e8d0-11dd-a9c8-0013d4645ca9}\Shell\AutoRun\command - "" = G:\hc3hvi0.exe -- File not found O33 - MountPoints2\{2e8cee54-e8d0-11dd-a9c8-0013d4645ca9}\Shell\open\Command - "" = G:\hc3hvi0.exe -- File not found O33 - MountPoints2\{45c34efa-f87f-11de-aba0-0013d4645ca9}\Shell - "" = AutoRun O33 - MountPoints2\{45c34efa-f87f-11de-aba0-0013d4645ca9}\Shell\1\Command - "" = G:\Recycle.exe -- File not found O33 - MountPoints2\{45c34efa-f87f-11de-aba0-0013d4645ca9}\Shell\2\Command - "" = G:\Recycle.exe -- File not found O33 - MountPoints2\{4c1443ea-419f-11df-ac3f-0013d4645ca9}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found O33 - MountPoints2\{4c1443ea-419f-11df-ac3f-0013d4645ca9}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found O33 - MountPoints2\{686b9100-7122-11de-aad9-0013d4645ca9}\Shell\AutoRun\command - "" = G:\bu8.exe -- File not found O33 - MountPoints2\{686b9100-7122-11de-aad9-0013d4645ca9}\Shell\open\Command - "" = G:\bu8.exe -- File not found O33 - MountPoints2\{68f0b2a2-4b70-11de-aa98-0013d4645ca9}\Shell\AutoRun\command - "" = G:\bu8.exe -- File not found O33 - MountPoints2\{68f0b2a2-4b70-11de-aa98-0013d4645ca9}\Shell\open\Command - "" = G:\bu8.exe -- File not found O33 - MountPoints2\{68f6fbd0-17e2-11df-abe7-0013d4645ca9}\Shell\AutoRun\command - "" = G:\12gn6id2.exe -- File not found O33 - MountPoints2\{68f6fbd0-17e2-11df-abe7-0013d4645ca9}\Shell\open\Command - "" = G:\12gn6id2.exe -- File not found O33 - MountPoints2\{87aaa463-e4af-11dd-a9ba-0013d4645ca9}\Shell\AutoRun\command - "" = F:\i8gcgmg.exe -- File not found O33 - MountPoints2\{87aaa463-e4af-11dd-a9ba-0013d4645ca9}\Shell\open\Command - "" = F:\i8gcgmg.exe -- File not found O33 - MountPoints2\{885d68f8-fed9-11de-abac-0013d4645ca9}\Shell\AutoRun\command - "" = G:\8xcrbho6.exe -- File not found O33 - MountPoints2\{885d68f8-fed9-11de-abac-0013d4645ca9}\Shell\open\Command - "" = G:\8xcrbho6.exe -- File not found O33 - MountPoints2\{bb33651f-f9d6-11de-aba2-0013d4645ca9}\Shell - "" = AutoRun O33 - MountPoints2\{bb33651f-f9d6-11de-aba2-0013d4645ca9}\Shell\1\Command - "" = G:\Recycle.exe -- File not found O33 - MountPoints2\{bb33651f-f9d6-11de-aba2-0013d4645ca9}\Shell\2\Command - "" = G:\Recycle.exe -- File not found O33 - MountPoints2\{c4fa73f8-1362-11df-abdd-0013d4645ca9}\Shell\AutoRun\command - "" = G:\ws.exe -- File not found O33 - MountPoints2\{c4fa73f8-1362-11df-abdd-0013d4645ca9}\Shell\open\Command - "" = G:\ws.exe -- File not found O33 - MountPoints2\{e1145d72-bc0c-11de-ab3a-0013d4645ca9}\Shell\AutoRun\command - "" = F:\ggb6w.exe -- File not found O33 - MountPoints2\{e1145d72-bc0c-11de-ab3a-0013d4645ca9}\Shell\open\Command - "" = F:\ggb6w.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-08-10 21:33:17 | 000,000,000 | ---D | C] -- C:\totalcmd [2010-08-10 21:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marek\Dane aplikacji\GHISLER [2010-07-30 22:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marek\Pulpit\Nowy folder [2010-07-14 09:40:42 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-08-10 21:33:27 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Total Commander.lnk [2010-08-10 21:33:00 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\Marek\Menu Start\Programy\Autostart\A15F39.lnk [2010-08-10 21:17:06 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job [2010-08-10 21:16:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-10 21:16:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-10 21:16:07 | 536,137,728 | -HS- | M] () -- C:\hiberfil.sys [2010-08-10 20:24:02 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\Marek\NTUSER.DAT [2010-08-10 20:23:56 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Marek\ntuser.ini [2010-08-10 15:03:42 | 000,000,558 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Marek.job [2010-08-10 14:28:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010-07-20 13:18:34 | 000,000,061 | RHS- | M] () -- C:\autorun.inf [2010-07-14 12:18:24 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010-07-14 12:13:32 | 002,112,470 | -H-- | M] () -- C:\Documents and Settings\Marek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-14 09:36:30 | 000,117,248 | RHS- | M] () -- C:\i8gcgmg.exe [2010-07-12 20:02:00 | 000,116,736 | RHS- | M] () -- C:\r3x0k.exe [2010-07-12 13:45:09 | 000,116,224 | RHS- | M] () -- C:\ggb6w.exe [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-10 21:33:27 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Total Commander.lnk [2010-08-10 21:33:19 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF [2010-08-10 21:33:19 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF [2010-08-10 21:33:19 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF [2010-08-10 21:33:18 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF [2010-08-10 21:33:18 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF [2010-08-10 21:33:18 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF [2010-07-14 09:36:58 | 000,117,248 | RHS- | C] () -- C:\i8gcgmg.exe [2010-07-12 20:02:30 | 000,116,736 | RHS- | C] () -- C:\r3x0k.exe [2010-01-25 17:39:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BBCAuto.INI [2010-01-09 22:00:38 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-12-09 21:54:44 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-03-30 21:11:38 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2009-02-23 18:56:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2009-02-20 20:54:58 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2009-02-07 10:56:26 | 000,004,127 | ---- | C] () -- C:\WINDOWS\disney.ini [2009-02-07 10:56:11 | 000,000,370 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2009-01-23 22:23:42 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll [2009-01-23 22:10:52 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2009-01-23 22:10:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2009-01-23 22:10:45 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2009-01-23 22:10:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-01-23 22:10:01 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-01-23 22:09:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-01-23 00:02:19 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-01-17 18:13:56 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2009-01-17 17:56:44 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL [2009-01-17 02:28:33 | 000,147,192 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll [2009-01-17 01:14:38 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll [2009-01-17 01:11:21 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll [2009-01-17 01:05:38 | 000,004,005 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-01-17 01:05:36 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-07-05 13:14:48 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-07-05 13:14:44 | 003,591,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-07-05 13:13:16 | 000,708,096 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-06-22 19:34:00 | 000,177,664 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-06-13 13:39:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-06-12 20:36:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2007-07-10 18:10:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2001-07-06 16:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2010-06-01 13:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamow\Dane aplikacji\The Bat! [2009-02-07 10:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive [2009-01-25 23:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Make A Voozie [2010-04-02 20:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PIXELA [2009-05-06 22:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2009-05-06 23:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SSScanAppDataDir [2009-01-17 18:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SSScanWizard [2009-01-17 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Canon [2010-02-06 19:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\DMCache [2009-01-17 14:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Gadu-Gadu [2009-06-05 22:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\GetRightToGo [2010-08-10 21:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\GHISLER [2010-01-09 21:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\IObit [2009-12-07 13:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Mikrotik [2009-01-17 14:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Opera [2009-01-17 18:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\ScanSoft [2010-08-10 21:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\The Bat! [2010-08-10 20:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\VoozieMaker [2010-08-10 21:17:06 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job [color=#E56717]========== Purity Check ==========[/color] < End of report >