OTL logfile created on: 12/28/2012 6:58:17 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Dodatek Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.55 Gb Total Space | 5.15 Gb Free Space | 17.42% Space Free | Partition Type: NTFS
Drive D: | 25.12 Gb Total Space | 1.75 Gb Free Space | 6.99% Space Free | Partition Type: NTFS
Drive E: | 59.76 Gb Total Space | 3.38 Gb Free Space | 5.65% Space Free | Partition Type: NTFS
Drive F: | 24.70 Gb Total Space | 6.80 Gb Free Space | 27.53% Space Free | Partition Type: NTFS
Drive G: | 59.74 Gb Total Space | 0.50 Gb Free Space | 0.84% Space Free | Partition Type: NTFS
Drive H: | 24.71 Gb Total Space | 3.34 Gb Free Space | 13.52% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2012/12/28 07:18:19 | 000,204,712 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\Documents and Settings\Jarek\wgsdgsdgdsgsd.dll -- (winmgmt)
SRV - [2012/12/20 03:55:44 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/07 12:17:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/08 15:30:53 | 000,711,112 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012/11/06 13:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 07:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/09/24 17:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/06/22 08:55:48 | 000,265,952 | ---- | M] () [Auto] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2007/06/25 01:47:12 | 001,552,680 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (h648103)
DRV - File not found [Kernel | On_Demand] -- -- (h648101)
DRV - File not found [Kernel | On_Demand] -- -- (h647906)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/11/08 15:30:55 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/22 07:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/14 21:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/04 21:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/01 20:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/22 06:17:18 | 000,611,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012/09/20 20:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/20 20:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/20 20:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/16 08:55:39 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012/09/13 20:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2008/08/08 08:31:18 | 000,043,192 | ---- | M] (Your Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hid8101.sys -- (hid8101)
DRV - [2008/08/08 08:31:18 | 000,040,856 | ---- | M] (Your Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hid8103.sys -- (hid8103)
DRV - [2008/08/08 08:31:16 | 000,041,272 | ---- | M] (Your Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hid7906.sys -- (hid7906)
DRV - [2007/08/07 04:40:38 | 000,098,944 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/07/18 06:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/25 01:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007/06/25 01:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007/06/25 01:47:12 | 000,016,040 | ---- | M] (Nero AG) [Recognizer | System] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007/06/25 01:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Jarek_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120916&user_guid=436FAB12309643F9BD0CE32AC8A69CFD&machine_id=8b8ea2a7532c03f32944e73e88bde076&browser=IE&os=win&os_version=5.1-x86-SP2
IE - HKU\Jarek_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\Jarek_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\SW_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/08 15:32:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 12:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/07 12:17:15 | 000,000,000 | ---D | M]
[2012/09/16 09:11:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jarek\Dane aplikacji\mozilla\Extensions
[2012/11/11 14:19:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jarek\Dane aplikacji\mozilla\Firefox\Profiles\vl9op5hh.default\extensions
[2012/11/13 09:41:52 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Jarek\Dane aplikacji\mozilla\Firefox\Profiles\vl9op5hh.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012/12/07 12:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/07 12:17:23 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/28 10:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/09/05 21:57:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012/11/08 15:31:13 | 000,003,572 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/05 21:57:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012/09/05 21:57:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012/09/05 21:57:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012/09/05 21:57:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/09/05 21:57:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2012/10/08 12:16:50 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\Jarek_ON_C\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\Jarek_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\SW_ON_C\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [USB Gamepad] File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\Jarek_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\SW_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Jarek\Menu Start\Programy\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jarek_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\SW_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - C:\WINDOWS\System32\antiwpa.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/09/16 08:41:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/09/22 06:25:35 | 000,000,702 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2011/06/29 05:19:49 | 000,000,000 | ---D | M] - G:\AutoMapa.6.6.2.FINAL.EU-cracked -- [ NTFS ]
O32 - AutoRun File - [2010/11/21 17:17:20 | 000,000,000 | ---D | M] - G:\AutoMapa.6.6.2.FINAL.PL-cracked -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{65308304-0a3b-11e2-a9f6-001d7da30639}\Shell - "" = AutoRun
O33 - MountPoints2\{65308304-0a3b-11e2-a9f6-001d7da30639}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wincsa.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/12/28 07:52:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2012/12/28 07:52:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012/12/28 07:52:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2012/12/28 07:52:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2012/12/28 07:52:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
[2012/12/28 07:52:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
[2012/12/28 07:52:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012/12/28 07:52:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012/12/28 07:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software
[2012/12/28 07:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2012/12/28 07:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2012/12/28 07:52:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012/12/28 07:52:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2012/12/28 07:52:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2012/12/28 07:52:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/12/28 07:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2012/12/28 07:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012/12/28 07:18:19 | 000,204,712 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Jarek\wgsdgsdgdsgsd.dll
[2012/12/28 07:18:14 | 000,204,712 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Jarek\c493.exe
[2012/12/16 16:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Moje dokumenty\FIFA 11
[2012/12/16 16:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Pulpit\Fifa 12 GamePad
[2012/12/16 16:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\GoforFiles
[2012/12/16 16:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Dane aplikacji\GoforFiles
[2012/12/16 12:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Ustawienia lokalne\Dane aplikacji\Identities
[2012/12/16 12:26:14 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/12/16 12:26:11 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/12/10 14:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Menu Start\Programy\PokerStars.EU
[2012/12/09 11:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2012/12/07 12:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/05 02:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Pulpit\D-R_Limited_Edition_2012
[2012/12/04 16:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Pulpit\Słoń_&_Mikser-Demonologia
[2012/12/03 16:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jarek\Pulpit\Medium - Graal (2012)
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/12/28 12:02:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/28 11:43:05 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2012/12/28 07:52:55 | 000,002,958 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2012/12/28 07:52:55 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\runctf.lnk
[2012/12/28 07:49:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Go for FilesUpdate.job
[2012/12/28 07:18:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Jarek\Menu Start\Programy\Autostart\runctf.lnk
[2012/12/28 07:18:19 | 000,204,712 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Jarek\wgsdgsdgdsgsd.dll
[2012/12/28 07:18:14 | 000,204,712 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Jarek\c493.exe
[2012/12/27 18:55:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/21 04:01:44 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/20 03:55:43 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/20 03:55:43 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/19 15:19:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/17 13:07:58 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk
[2012/12/16 15:40:15 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012/12/10 14:33:18 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Jarek\Pulpit\PokerStars.eu.lnk
[2012/12/09 11:11:58 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2013.lnk
[2012/12/09 11:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2012/12/05 14:17:29 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\SW\Pulpit\Microsoft Word.lnk
[2012/12/04 16:39:12 | 005,234,841 | ---- | M] () -- C:\Documents and Settings\Jarek\Pulpit\Mlody M ft. Slon - Nikt Mi Tego Nie Da-- Nikt Mi Tego Nie Zabierze -prod. Donde-.mp3
[2012/12/04 15:37:02 | 004,084,067 | ---- | M] () -- C:\Documents and Settings\Jarek\Pulpit\B.R.O - Sam na sam -prod. BeatBastardz-.mp3
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/12/28 07:52:55 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\runctf.lnk
[2012/12/28 07:52:44 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
[2012/12/28 07:52:44 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
[2012/12/28 07:18:27 | 000,002,958 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2012/12/28 07:18:27 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Jarek\Menu Start\Programy\Autostart\runctf.lnk
[2012/12/28 07:18:20 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2012/12/20 03:13:16 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/16 16:34:39 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\Go for FilesUpdate.job
[2012/12/10 14:33:18 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Jarek\Pulpit\PokerStars.eu.lnk
[2012/12/04 16:38:39 | 005,234,841 | ---- | C] () -- C:\Documents and Settings\Jarek\Pulpit\Mlody M ft. Slon - Nikt Mi Tego Nie Da-- Nikt Mi Tego Nie Zabierze -prod. Donde-.mp3
[2012/12/04 15:36:27 | 004,084,067 | ---- | C] () -- C:\Documents and Settings\Jarek\Pulpit\B.R.O - Sam na sam -prod. BeatBastardz-.mp3
[2012/11/23 14:01:19 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\SW\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/28 13:24:04 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Jarek\default.pls
[2012/10/28 13:23:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/10/28 06:10:25 | 000,072,512 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012/10/08 12:30:50 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2012/09/27 09:05:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/24 15:52:51 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012/09/16 17:10:52 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/09/16 12:58:31 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/09/16 12:18:57 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Jarek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/16 10:30:49 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/09/16 10:28:07 | 000,117,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/16 09:08:59 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2012/09/16 08:54:16 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/09/16 08:43:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/09/16 08:39:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/11/28 03:45:31 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/28 03:45:31 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/11/28 03:45:31 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/28 03:45:31 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/11/28 03:45:31 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/28 03:45:31 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/11/28 03:45:31 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/11/28 03:45:31 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/11/28 03:45:31 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/03/02 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/03/02 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/02 07:00:00 | 000,484,634 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2006/03/02 07:00:00 | 000,427,592 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/02 07:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2006/03/02 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/02 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/02 07:00:00 | 000,082,010 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2006/03/02 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/03/02 07:00:00 | 000,066,376 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/02 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/02 07:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2006/03/02 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/02 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/03/02 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/02 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/03/02 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/03/02 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]
[2012/09/21 01:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software
[2012/09/24 14:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\.minecraft
[2012/09/16 09:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\AVG Secure Search
[2012/09/16 09:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\AVG2013
[2012/12/27 08:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\GG
[2012/12/16 16:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\GoforFiles
[2012/09/16 09:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarek\Dane aplikacji\TuneUp Software
[2012/10/02 11:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SW\Dane aplikacji\AVG Secure Search
[2012/09/16 12:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SW\Dane aplikacji\AVG2013
[2012/11/08 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2012/09/22 06:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2012/11/25 07:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boss Media
[2012/09/16 09:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012/09/16 09:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012/09/16 12:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2012/12/27 14:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012/11/21 10:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012/12/28 07:49:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\Go for FilesUpdate.job

[color=#E56717]========== Purity Check ==========[/color]

< End of report >