OTL logfile created on: 19.11.2013 21:30:01 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\DG\Moje dokumenty\Programy(fixit pc) Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Niemcy | Language: DEU | Date Format: dd.MM.yyyy 984,76 Mb Total Physical Memory | 513,76 Mb Available Physical Memory | 52,17% Memory free 2,31 Gb Paging File | 1,88 Gb Available in Paging File | 81,21% Paging File free Paging file location(s): C:\pagefile.sys 1476 2952 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 52,09 Gb Total Space | 9,91 Gb Free Space | 19,02% Space Free | Partition Type: NTFS Drive D: | 96,96 Gb Total Space | 2,21 Gb Free Space | 2,28% Space Free | Partition Type: NTFS Computer Name: G-7 | User Name: DG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013.11.17 21:19:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DG\Moje dokumenty\Programy(fixit pc)\OTL.scr PRC - [2013.10.08 07:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013.10.07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe PRC - [2013.10.03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe PRC - [2013.09.25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe PRC - [2013.09.15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe PRC - [2013.09.03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe PRC - [2013.09.02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe PRC - [2013.08.20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe PRC - [2011.08.05 11:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneBusEnum.exe PRC - [2010.06.15 13:05:58 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010.06.15 13:04:28 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009.05.20 10:04:32 | 000,176,128 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe PRC - [2009.05.20 09:57:14 | 000,557,056 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files\Common Files\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe PRC - [2009.05.20 09:56:04 | 000,335,872 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files\Common Files\Fujitsu\Manageability\CnMdKHkH.exe\1.01\CnMdKHkH.exe PRC - [2008.10.10 23:17:50 | 000,132,456 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2008.04.15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006.11.16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006.11.16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013.10.11 19:25:44 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll MOD - [2013.10.11 19:15:53 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll MOD - [2013.08.23 10:01:32 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll MOD - [2013.08.23 10:01:18 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll MOD - [2013.08.23 09:57:10 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll MOD - [2013.07.13 19:55:06 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.10.29 22:44:16 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.10.11 19:42:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.10.08 07:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013.10.03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2013.09.25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2013.02.28 17:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.08.05 11:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2011.08.05 11:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV - [2011.08.05 11:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2011.08.05 11:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum) SRV - [2010.06.24 22:17:35 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010.06.15 13:04:28 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010.06.15 13:01:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2009.05.20 09:57:14 | 000,557,056 | ---- | M] (Fujitsu Technology Solutions) [Auto | Running] -- C:\Program Files\Common Files\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe -- (HaMDevMg.1.01) SRV - [2008.10.10 23:17:50 | 000,132,456 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom) DRV - File not found [Kernel | Disabled | Stopped] -- System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.09.25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2013.09.10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2013.09.08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2013.09.02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2013.09.02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2013.09.02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2013.09.02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx) DRV - [2013.08.20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2013.08.01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2010.02.25 10:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009.06.29 17:00:50 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2009.06.29 17:00:50 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009.05.05 12:09:08 | 000,012,288 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FscGabi.sys -- (FscGabi) DRV - [2009.04.09 12:38:30 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.03.10 12:51:06 | 000,015,360 | ---- | M] (Fujitsu) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FSCSLII.sys -- (FSCSLII) DRV - [2008.09.25 09:38:32 | 000,069,408 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2) DRV - [2008.09.24 11:24:16 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2008.08.13 23:00:00 | 004,749,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008.04.23 00:00:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{1287B430-F626-911D-1FC2-36D4FEB61E66}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\..\SearchScopes\{1287B430-F626-911D-1FC2-36D4FEB61E66}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FyBzz0B0F0E0AyB0Dzz0DtN0D0Tzu0CyCyByCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=1335229856&ir= IE - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "https://www.google.pl" FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.8.1 FF - prefs.js..extensions.enabledAddons: %7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:9.5.3 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410 FF - prefs.js..keyword.URL: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.10.29 22:44:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.07 23:41:00 | 000,000,000 | ---D | M] [2011.01.11 16:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Extensions [2013.11.07 23:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions [2011.08.20 00:31:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.07.30 23:11:47 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013.08.29 21:34:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.09.23 22:20:46 | 000,248,650 | ---- | M] () (No name found) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2013.10.11 19:04:38 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.09 19:47:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\DG\Dane aplikacji\Mozilla\Firefox\Profiles\n6q71qb0.default\searchplugins\secmod.db [2013.10.29 22:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013.10.29 22:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013.10.29 22:44:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.11.15 23:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions [2013.11.15 23:47:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2) [2013.11.15 23:47:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions [2013.11.15 23:47:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\DG\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\N6Q71QB0.DEFAULT\EXTENSIONS\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8} O1 HOSTS File: ([2008.04.15 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [COMImpersonator] C:\Program Files\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe (Fujitsu Technology Solutions) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1715567821-854245398-1801674531-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1715567821-854245398-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\DG\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\DG\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD1DE087-C650-43EB-98ED-525D5BAF9DD4}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: C:\Documents and Settings\DG\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.02.23 20:21:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1c8c699a-f8d3-11df-b770-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{1c8c699a-f8d3-11df-b770-00225f78bfea}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{73e9b4ee-d5f4-11e2-9a76-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{73e9b4ee-d5f4-11e2-9a76-00225f78bfea}\Shell\AutoRun\command - "" = F:\PMCsetup.exe O33 - MountPoints2\{7cce1640-dfc0-11df-b74c-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{7cce1640-dfc0-11df-b74c-00225f78bfea}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{7cce1641-dfc0-11df-b74c-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{7cce1641-dfc0-11df-b74c-00225f78bfea}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{d6b81240-8d28-11df-b6cd-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{d6b81240-8d28-11df-b6cd-00225f78bfea}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d6b81241-8d28-11df-b6cd-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{d6b81241-8d28-11df-b6cd-00225f78bfea}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e3294944-8c39-11df-b6ca-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{e3294944-8c39-11df-b6ca-00225f78bfea}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e3294947-8c39-11df-b6ca-00225f78bfea}\Shell - "" = AutoRun O33 - MountPoints2\{e3294947-8c39-11df-b6ca-00225f78bfea}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013.11.18 20:46:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013.11.17 21:26:34 | 000,000,000 | ---D | C] -- C:\FRST [2013.11.17 21:11:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DG\Moje dokumenty\Programy(fixit pc) [2013.11.08 00:22:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DG\Dane aplikacji\AVG2014 [2013.11.08 00:21:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG [2013.11.08 00:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2014 [2013.11.08 00:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DG\Ustawienia lokalne\Dane aplikacji\MFAData [2013.11.08 00:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DG\Ustawienia lokalne\Dane aplikacji\Avg2014 [2013.11.08 00:14:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DG\Recent [2013.11.07 23:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013.11.07 23:40:11 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013.11.07 23:40:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013.11.07 23:40:05 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013.11.07 23:40:05 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013.11.07 23:39:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2013.10.29 22:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013.11.19 21:12:46 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.11.19 21:12:00 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.11.19 21:02:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.11.19 21:02:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.11.19 20:57:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013.11.19 20:42:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.11.14 20:42:20 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.11.13 19:52:03 | 000,090,379 | R--- | M] () -- C:\Documents and Settings\DG\Pulpit\Oferta Gdaniec.pdf [2013.11.13 19:51:51 | 000,022,473 | R--- | M] () -- C:\Documents and Settings\DG\Pulpit\Dokument VAT w walucie - 13-FVW 0007.pdf [2013.11.08 00:21:22 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk [2013.11.06 15:57:08 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2013.10.31 21:31:53 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\DG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.10.29 21:29:22 | 737,188,402 | ---- | M] () -- C:\Documents and Settings\DG\Pulpit\Olimp.w.ogniu.2013.PL.BRRip.XviD-BiDA.avi [2013.10.29 21:28:22 | 1506,227,864 | ---- | M] () -- C:\Documents and Settings\DG\Pulpit\The Smurfs 2 (2013) PLDUB.MD.TS.XviD.Ac3-MORS.avi [2013.10.28 07:15:50 | 000,088,395 | ---- | M] () -- C:\Documents and Settings\DG\Pulpit\Oferta 1 Son.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013.11.14 20:41:00 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013.11.13 20:50:46 | 000,090,379 | R--- | C] () -- C:\Documents and Settings\DG\Pulpit\Oferta Gdaniec.pdf [2013.11.13 19:51:53 | 000,022,473 | R--- | C] () -- C:\Documents and Settings\DG\Pulpit\Dokument VAT w walucie - 13-FVW 0007.pdf [2013.11.08 00:21:22 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk [2013.10.31 21:35:32 | 1506,227,864 | ---- | C] () -- C:\Documents and Settings\DG\Pulpit\The Smurfs 2 (2013) PLDUB.MD.TS.XviD.Ac3-MORS.avi [2013.10.31 21:32:00 | 737,188,402 | ---- | C] () -- C:\Documents and Settings\DG\Pulpit\Olimp.w.ogniu.2013.PL.BRRip.XviD-BiDA.avi [2013.10.28 07:16:24 | 000,088,395 | ---- | C] () -- C:\Documents and Settings\DG\Pulpit\Oferta 1 Son.pdf [2013.05.14 07:16:15 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\svcdotnet.inc [2013.05.14 07:13:59 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\svcdotnet.cfg [2012.02.19 21:08:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.04.24 20:14:34 | 000,101,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2011.04.24 20:14:34 | 000,101,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1715567821-854245398-1801674531-1004-0.dat [2010.05.14 23:43:27 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\DG\default.pls [2010.03.05 23:34:39 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\DG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.23 22:10:26 | 000,098,063 | ---- | C] () -- C:\Documents and Settings\DG\Readme_Turbomemory.pdf [color=#E56717]========== ZeroAccess Check ==========[/color] [2010.02.23 22:15:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.15 12:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.15 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013.06.21 23:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Applications [2013.01.22 21:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG January 2013 Campaign [2013.02.02 17:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2013.11.08 00:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2014 [2011.06.14 08:39:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2011.02.04 16:26:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010.09.14 23:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011.01.17 21:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2013.11.19 20:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010.06.24 22:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011.03.02 11:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone [2010.06.24 22:16:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2012.12.13 21:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software [2011.02.04 16:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\AVG10 [2013.11.08 00:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\AVG2014 [2011.11.07 22:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\BITS [2010.10.24 23:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\Bytemobile [2010.10.06 22:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\DAEMON Tools Lite [2011.11.07 22:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\FlashGet [2011.11.07 22:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\FlashGetBHO [2013.11.16 22:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\ipla [2013.05.09 19:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\MiTeC [2011.01.17 21:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\RDRM [2013.05.09 20:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\SQLite Administrator [2010.06.24 22:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\TuneUp Software [2013.11.19 20:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\Uniblue [2012.06.13 16:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\uTorrent [2010.10.24 23:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\Vodafone [2010.10.24 23:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DG\Dane aplikacji\Vodafone Mobile Connect [2010.11.25 21:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Bytemobile [2010.10.24 23:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Vodafone [2010.10.25 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Bytemobile [color=#E56717]========== Purity Check ==========[/color] < End of report >