OTL logfile created on: 2012-07-17 14:59:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = H:\
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

895,36 Mb Total Physical Memory | 536,75 Mb Available Physical Memory | 59,95% Memory free
2,12 Gb Paging File | 1,91 Gb Available in Paging File | 90,11% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,20 Gb Total Space | 20,12 Gb Free Space | 60,61% Space Free | Partition Type: NTFS
Drive D: | 39,29 Gb Total Space | 0,11 Gb Free Space | 0,28% Space Free | Partition Type: NTFS
Drive E: | 39,29 Gb Total Space | 23,04 Gb Free Space | 58,64% Space Free | Partition Type: NTFS
Drive H: | 1,87 Gb Total Space | 0,26 Gb Free Space | 13,88% Space Free | Partition Type: FAT

Computer Name: PAFKA-888AB655D | User Name: paf | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-07-17 12:15:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
PRC - [2012-05-28 11:30:24 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011-11-03 13:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2004-08-04 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-02-05 13:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2012-02-05 13:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2012-01-27 11:26:37 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011-11-03 13:06:56 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011-11-03 13:06:56 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll
MOD - [2011-11-03 13:06:56 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2011-11-03 13:06:56 | 000,173,504 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\unrar.dll
MOD - [2010-03-11 00:19:43 | 000,148,480 | ---- | M] () -- C:\Program Files\ALLPlayer\LIVE\HAALI\mkx.dll
MOD - [2010-03-11 00:19:26 | 000,079,360 | ---- | M] () -- C:\WINDOWS\system32\mkzlib.dll
MOD - [2010-03-11 00:19:22 | 000,023,552 | ---- | M] () -- C:\WINDOWS\system32\mkunicode.dll
MOD - [2010-03-10 05:14:39 | 000,536,576 | ---- | M] () -- C:\WINDOWS\system32\splitter.ax
MOD - [2010-03-10 05:14:14 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\mmfinfo.dll
MOD - [2010-03-03 21:52:52 | 000,108,032 | ---- | M] () -- C:\Program Files\ALLPlayer\LIVE\HAALI\avi.dll
MOD - [2007-09-20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004-10-11 12:19:00 | 000,092,672 | ---- | M] () -- C:\WINDOWS\system32\ASUSASV2.DLL
MOD - [2004-08-04 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Plus Internet\Drivers\driver\globeSurferIcon\GtFlashSwitch.exe -- (GtFlashSwitch)
SRV - [2012-06-16 10:36:36 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-28 11:30:24 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2007-12-04 16:36:33 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007-12-04 15:00:16 | 000,140,664 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2007-12-04 14:59:53 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2007-12-04 14:59:01 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2005-06-17 17:09:24 | 000,870,400 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\gtscser.sys -- (GTSCSER)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\gtptser.sys -- (GTPTSER)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\gtf32bus.sys -- (GTF32BUS)
DRV - [2011-11-03 13:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2011-07-04 20:58:18 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-07-04 20:58:16 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011-07-04 20:58:16 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-07-04 20:58:16 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2011-07-04 20:58:16 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2011-06-24 17:12:45 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2010-03-02 18:34:03 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007-12-04 16:55:46 | 000,094,544 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2007-12-04 16:53:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2007-12-04 16:51:52 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2007-12-04 16:49:02 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006-05-04 10:13:52 | 004,271,616 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-08 16:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-01-20 06:44:42 | 000,862,340 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006-01-18 12:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005-10-03 11:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005-10-03 11:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005-07-14 13:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 20:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-06-17 17:01:24 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005-06-17 17:01:22 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005-06-17 17:00:58 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005-06-17 16:00:52 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005-02-18 00:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005-02-11 22:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-08-04 14:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\Changer.sys -- (Changer)
DRV - [2004-08-03 22:59:34 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2002-09-09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\asndis5.sys -- (ASNDIS5)
DRV - [2001-08-17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = wyborcza.pl/0,0.html?p=020
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {BE28C22E-F666-424d-B5FD-125C4AFEE34E}
IE - HKLM\..\SearchScopes\{922D990A-6F16-406E-8C10-2D593C0E5599}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://o2.pl/
IE - HKCU\..\SearchScopes,DefaultScope = {BE28C22E-F666-424d-B5FD-125C4AFEE34E}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US
IE - HKCU\..\SearchScopes\{922D990A-6F16-406E-8C10-2D593C0E5599}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59192

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://o2.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 59192
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-16 10:36:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-25 19:10:42 | 000,000,000 | ---D | M]

[2010-03-02 19:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\paf\Dane aplikacji\Mozilla\Extensions
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\paf\Dane aplikacji\Mozilla\Firefox\Profiles\gnazuaa8.default\searchplugins\startsear.xml
[2012-01-25 19:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-01 02:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}-trash
[2010-04-16 11:07:41 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-06-16 10:36:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-04-16 11:07:41 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-06-09 13:41:48 | 000,081,920 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012-02-15 00:13:39 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-15 00:13:39 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-15 00:13:39 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-08-01 02:42:13 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2012-02-15 00:13:39 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-15 00:13:39 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-15 00:13:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4 - HKLM..\Run: [Plus Internet] C:\Program Files\Plus Internet\PlusInternetChecker.exe ()
O4 - HKCU..\Run: [Jkodoxulodipok] rundll32.exe "C:\WINDOWS\rdhede2.dll",Startup File not found
O4 - HKCU..\Run: [piuhwwcwkakgmzh] C:\Documents and Settings\All Users\Dane aplikacji\piuhwwcw.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\paf\Dane aplikacji\dwm.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\cryptnet32: DllName - (cryptnet32.dll) - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\paf\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\paf\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-02 17:54:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-03-07 22:08:13 | 000,000,000 | ---D | M] - E:\autocad -- [ NTFS ]
O33 - MountPoints2\{089114e7-2621-11df-ac8f-0018f350fb41}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe
O33 - MountPoints2\{0ba4c7ee-f1b1-11e0-af48-0018f3461aad}\Shell - "" = AutoRun
O33 - MountPoints2\{0ba4c7ee-f1b1-11e0-af48-0018f3461aad}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{27218148-ee82-11e0-af47-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{27218148-ee82-11e0-af47-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{2721814c-ee82-11e0-af47-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{2721814c-ee82-11e0-af47-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{2b5dbdf0-1f70-11e1-af69-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{2b5dbdf0-1f70-11e1-af69-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5b64ebb1-261a-11df-ac8b-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{5b64ebb1-261a-11df-ac8b-0018f350fb41}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{b50eeb96-fe6f-11e0-af52-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{b50eeb96-fe6f-11e0-af52-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{b50eeb9a-fe6f-11e0-af52-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{b50eeb9a-fe6f-11e0-af52-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{d9f5bcd4-559d-11e1-af89-0018f350fb41}\Shell - "" = AutoRun
O33 - MountPoints2\{d9f5bcd4-559d-11e1-af89-0018f350fb41}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-07-17 14:10:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paf\Recent
[2012-07-17 13:30:17 | 004,556,274 | R--- | C] (Swearware) -- C:\Documents and Settings\paf\Pulpit\ComboFix.exe
[2012-07-17 11:44:56 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-07-17 10:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ovopejkekvdjtvg

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-07-17 14:11:03 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-07-17 14:01:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-07-17 13:14:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2012-07-17 13:14:29 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-07-17 13:14:29 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-07-17 13:11:44 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-07-17 12:12:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-07-17 10:24:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-17 10:13:12 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\rnkgxoijgmikswk
[2012-07-17 10:13:02 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\piuhwwcw.exe
[2012-07-17 10:13:02 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\paf\ms.exe
[2012-07-15 17:00:06 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-06-30 00:17:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-06-29 20:07:22 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\paf\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-07-17 10:13:11 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\piuhwwcw.exe
[2012-07-17 10:13:03 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\rnkgxoijgmikswk
[2012-07-17 10:13:01 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\paf\ms.exe
[2012-06-08 11:25:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-01-30 15:16:50 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-01-30 15:16:50 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-01-27 13:23:19 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011-04-03 01:03:41 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
[2011-04-03 01:03:40 | 000,296,641 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2010-11-27 00:01:35 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-11-26 19:53:04 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-05-15 16:49:44 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\paf\Dane aplikacji\qvjsge.dat
[2010-05-09 12:36:26 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\paf\Dane aplikacji\avdrn.dat
[2010-03-02 20:30:13 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\paf\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-02 20:14:01 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]

[C:\WINDOWS\$NtUninstallKB9546$] -> Error: Cannot create file handle -> Unknown point type

< End of report >