OTL logfile created on: 2011-09-16 13:00:20 - Run 1
OTL by OldTimer - Version 3.2.28.0     Folder = C:\Documents and Settings\Wieclaw\Pulpit\testy
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
511,48 Mb Total Physical Memory | 290,75 Mb Available Physical Memory | 56,85% Memory free
1,22 Gb Paging File | 1,02 Gb Available in Paging File | 83,34% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 11,98 Gb Total Space | 2,30 Gb Free Space | 19,21% Space Free | Partition Type: FAT32
Drive D: | 62,52 Gb Total Space | 43,97 Gb Free Space | 70,32% Space Free | Partition Type: NTFS
 
Computer Name: WIECLAW-0B40B18 | User Name: Wieclaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-09-16 12:56:18 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wieclaw\Pulpit\testy\OTL.exe
PRC - [2011-06-30 22:58:34 | 001,379,816 | ---- | M] (CPUID) -- C:\Documents and Settings\Wieclaw\Pulpit\testy\hwmonitor_1.18-32bit\HWMonitor.exe
PRC - [2006-10-25 08:32:36 | 000,114,688 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\EXPLORER.EXE
PRC - [2006-04-20 18:58:54 | 003,874,871 | ---- | M] (Johnny Lee) -- C:\Documents and Settings\Wieclaw\Pulpit\testy\orthos_exe_20060420\ORTHOS.exe
PRC - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-09-16 12:49:00 | 000,084,992 | RHS- | M] () -- C:\WINDOWS\system32\cvnmhg0.dll
MOD - [2010-09-22 21:12:20 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2006-07-20 12:05:42 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006-04-20 18:57:50 | 003,789,879 | ---- | M] () -- C:\Documents and Settings\Wieclaw\Pulpit\testy\orthos_exe_20060420\worker.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Running] --  -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Running] --  -- (asc3360pr)
DRV - [2008-01-15 21:50:50 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005-04-19 04:40:00 | 002,317,504 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-12-11 17:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2000-10-25 14:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge [2011-01-22 16:57:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-04 21:04:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-04 21:04:00 | 000,000,000 | ---D | M]
 
[2010-08-04 21:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\extensions
[2011-01-20 17:11:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-01-22 16:54:56 | 000,000,000 | ---D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
[2011-02-05 18:55:38 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\extensions\DTToolbar@toolbarnet.com
[2011-01-20 17:11:34 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\extensions\engine@conduit.com
[2011-02-05 18:55:28 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Mozilla\Firefox\Profiles\yc7xzxa2.default\searchplugins\daemon-search.xml
[2010-08-04 21:04:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-10-26 17:58:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-08-04 21:04:02 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2011-01-22 16:57:06 | 000,000,000 | ---D | M] (RelevantKnowledge) -- C:\PROGRAM FILES\RELEVANTKNOWLEDGE
[2011-02-01 17:24:10 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2011-02-01 17:24:10 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2011-02-01 17:24:08 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2011-02-01 17:24:08 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2011-02-01 17:24:08 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2011-02-01 17:24:20 | 000,000,904 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-02-01 17:24:20 | 000,001,419 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-02-01 17:24:20 | 000,000,926 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-02-01 17:24:20 | 000,000,866 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-02-01 17:24:20 | 000,001,198 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-02-01 17:24:20 | 000,001,693 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004..\Run: [amva] C:\WINDOWS\system32\amvo.exe ()
O4 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004..\Run: [wsctf.exe] wsctf.exe File not found
O4 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe (Edimax Technology Co., Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1644491937-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) -C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\RelevantKnowledge: DllName - (C:\program files\relevantknowledge\rlls.dll) - C:\Program Files\RelevantKnowledge\rlls.dll (TMRG, Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Wieclaw/USTAWI~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Wieclaw\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Wieclaw\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-08-04 20:37:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011-09-16 13:01:50 | 000,000,358 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011-03-19 13:35:11 | 000,000,358 | RHS- | M] () - D:\AUTORUN.FCB -- [ NTFS ]
O32 - AutoRun File - [2011-09-16 13:01:49 | 000,000,358 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{6d6a9344-67f2-11e0-bfe0-001f1f3d021a}\Shell\AutOPLay\coMmanD - "" = F:\qxpjk.exe
O33 - MountPoints2\{6d6a9344-67f2-11e0-bfe0-001f1f3d021a}\Shell\AutoRun\command - "" = F:\qxpjk.exe
O33 - MountPoints2\{6d6a9344-67f2-11e0-bfe0-001f1f3d021a}\Shell\explore\ComMand - "" = F:\qxpjk.exe
O33 - MountPoints2\{6d6a9344-67f2-11e0-bfe0-001f1f3d021a}\Shell\open\cOMMand - "" = F:\qxpjk.exe
O33 - MountPoints2\{6f6449d8-a003-11df-9b23-806d6172696f}\Shell\AutoRun\command - "" = C:\wqesvxa.exe -- [2009-01-09 08:40:12 | 000,190,976 | RHS- | M] ()
O33 - MountPoints2\{6f6449d8-a003-11df-9b23-806d6172696f}\Shell\open\Command - "" = C:\wqesvxa.exe -- [2009-01-09 08:40:12 | 000,190,976 | RHS- | M] ()
O33 - MountPoints2\{6f6449d9-a003-11df-9b23-806d6172696f}\Shell\AutoRun\command - "" = D:\wqesvxa.exe -- [2009-01-09 08:40:12 | 000,190,976 | RHS- | M] ()
O33 - MountPoints2\{6f6449d9-a003-11df-9b23-806d6172696f}\Shell\open\Command - "" = D:\wqesvxa.exe -- [2009-01-09 08:40:12 | 000,190,976 | RHS- | M] ()
O33 - MountPoints2\{7c1404e8-c8d0-11df-bea0-001f1f3d021a}\Shell\AutOplAY\ComMand - "" = G:\bjbac.pif
O33 - MountPoints2\{7c1404e8-c8d0-11df-bea0-001f1f3d021a}\Shell\AutoRun\command - "" = G:\bjbac.pif
O33 - MountPoints2\{7c1404e8-c8d0-11df-bea0-001f1f3d021a}\Shell\expLOre\ComManD - "" = G:\bjbac.pif
O33 - MountPoints2\{7c1404e8-c8d0-11df-bea0-001f1f3d021a}\Shell\open\coMmaNd - "" = G:\bjbac.pif
O33 - MountPoints2\{9d60b4b2-df97-11e0-bff1-001f1f3d021a}\Shell\AutoRun\command - "" = F:\wqesvxa.exe
O33 - MountPoints2\{9d60b4b2-df97-11e0-bff1-001f1f3d021a}\Shell\open\Command - "" = F:\wqesvxa.exe
O33 - MountPoints2\{c618e90e-a94e-11df-be5b-001f1f3d021a}\Shell\AutoRun\command - "" = F:\wqesvxa.exe
O33 - MountPoints2\{c618e90e-a94e-11df-be5b-001f1f3d021a}\Shell\open\Command - "" = F:\wqesvxa.exe
O33 - MountPoints2\{d648f1c6-2d41-11e0-bf6c-001f1f3d021a}\Shell\AutoplaY\coMmaNd - "" = F:\kvhul.exe
O33 - MountPoints2\{d648f1c6-2d41-11e0-bf6c-001f1f3d021a}\Shell\AutoRun\command - "" = F:\kvhul.exe
O33 - MountPoints2\{d648f1c6-2d41-11e0-bf6c-001f1f3d021a}\Shell\eXpLoRE\Command - "" = F:\kvhul.exe
O33 - MountPoints2\{d648f1c6-2d41-11e0-bf6c-001f1f3d021a}\Shell\opEn\commanD - "" = F:\kvhul.exe
O33 - MountPoints2\{f8f2fd5e-9ffa-11df-be4f-00115bfc8c1a}\Shell\AUtoPlaY\CommanD - "" = G:\rghwha.exe
O33 - MountPoints2\{f8f2fd5e-9ffa-11df-be4f-00115bfc8c1a}\Shell\AutoRun\command - "" = G:\rghwha.exe
O33 - MountPoints2\{f8f2fd5e-9ffa-11df-be4f-00115bfc8c1a}\Shell\eXPloRE\COmMAnd - "" = G:\rghwha.exe
O33 - MountPoints2\{f8f2fd5e-9ffa-11df-be4f-00115bfc8c1a}\Shell\OpEn\COmmAnD - "" = G:\rghwha.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-09-16 12:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wieclaw\Pulpit\testy
[2011-09-16 12:40:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-09-16 12:38:56 | 000,000,000 | -HSD | C] -- C:\FOUND.031
[2011-08-19 18:14:22 | 000,000,000 | -HSD | C] -- C:\FOUND.030
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-09-16 13:02:42 | 000,000,358 | RHS- | M] () -- C:\autorun.inf
[2011-09-16 12:58:06 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2011-09-16 12:54:10 | 000,531,258 | ---- | M] () -- C:\Documents and Settings\Wieclaw\Pulpit\hwmonitor_1.18-32bit.zip
[2011-09-16 12:49:00 | 000,084,992 | RHS- | M] () -- C:\WINDOWS\System32\cvnmhg0.dll
[2011-09-16 12:45:14 | 000,017,145 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-09-16 12:45:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-09-16 12:44:58 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-09-16 12:44:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-09-16 12:43:06 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-09-15 14:37:46 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011-09-15 14:33:24 | 000,013,724 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-19 17:45:16 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-09-16 12:54:10 | 000,531,258 | ---- | C] () -- C:\Documents and Settings\Wieclaw\Pulpit\hwmonitor_1.18-32bit.zip
[2011-09-16 12:40:09 | 000,000,358 | RHS- | C] () -- C:\autorun.inf
[2011-08-31 16:18:51 | 000,190,976 | RHS- | C] () -- C:\wqesvxa.exe
[2011-04-14 20:03:07 | 000,002,959 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011-03-22 20:45:52 | 000,000,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\anzrgyrw.dat
[2011-02-06 21:11:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-11-17 20:04:21 | 000,155,442 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp
[2010-11-17 20:04:20 | 000,008,138 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp
[2010-11-16 15:09:14 | 000,001,122 | ---- | C] () -- C:\WINDOWS\System32\ddr.exe
[2010-11-08 15:24:47 | 000,084,992 | RHS- | C] () -- C:\WINDOWS\System32\cvnmhg1.dll
[2010-11-04 20:03:37 | 000,190,976 | RHS- | C] () -- C:\WINDOWS\System32\amvo.exe
[2010-11-04 20:03:37 | 000,084,992 | RHS- | C] () -- C:\WINDOWS\System32\cvnmhg0.dll
[2010-10-26 17:59:17 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-10-06 20:38:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-10-06 20:38:18 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Wieclaw\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-27 17:00:57 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-08-21 11:22:44 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-08-04 21:24:18 | 000,155,442 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2010-08-04 21:24:18 | 000,008,138 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2010-08-04 21:13:18 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\rt73.bin
[2010-08-04 21:04:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-08-04 21:00:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-08-04 20:59:48 | 000,001,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2010-08-04 20:59:14 | 000,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2010-08-04 20:48:53 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010-08-04 20:45:35 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2010-08-04 20:41:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-08-04 20:35:02 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-08-04 20:14:50 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-08-04 20:13:40 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004-08-04 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004-08-04 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004-08-04 12:00:00 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2004-08-04 12:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2004-08-04 12:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004-08-04 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004-08-04 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004-08-04 12:00:00 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2004-08-04 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004-08-04 12:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004-08-04 12:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2004-08-04 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004-08-04 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004-08-04 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-08-04 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004-08-04 12:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-04 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010-08-15 21:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-08-30 18:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-09-08 17:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-02-05 18:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-08-15 21:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\Gadu-Gadu 10
[2010-08-30 18:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\ipla
[2010-09-05 13:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\PhotoScape
[2010-09-08 17:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\OpenFM
[2010-11-20 17:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\RDRM
[2011-01-20 17:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\uTorrent
[2011-02-05 18:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wieclaw\Dane aplikacji\DAEMON Tools Lite
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >