[code] OTS logfile created on: 10/7/2011 7:45:24 PM - Run 2 OTS by OldTimer - Version 3.1.44.6 Folder = C:\Users\grazyna\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 456.38 Gb Total Space | 377.91 Gb Free Space | 82.81% Space Free | Partition Type: NTFS Drive D: | 7.37 Gb Total Space | 0.72 Gb Free Space | 9.74% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GRAZYNA-HP Current User Name: grazyna Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\grazyna\Downloads\OTS.exe -> [2011/09/11 11:57:28 | 000,646,656 | ---- | M] (OldTimer Tools) avgtray.exe -> C:\Program Files\AVG\AVG2012\avgtray.exe -> [2011/08/19 06:24:00 | 002,387,296 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG2012\avgnsx.exe -> [2011/08/19 06:23:54 | 001,220,960 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG2012\avgrsx.exe -> [2011/08/19 06:23:54 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) avgidsagent.exe -> C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -> [2011/08/16 06:27:28 | 005,264,736 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files\AVG\AVG2012\avgcsrvx.exe -> [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG2012\avgwdsvc.exe -> [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) explorer.exe -> C:\windows\explorer.exe -> [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) mscams32.exe -> C:\Program Files\Microsoft LifeCam\MSCamS32.exe -> [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) atieclxx.exe -> C:\windows\System32\atieclxx.exe -> [2009/09/08 20:56:26 | 000,360,448 | ---- | M] (AMD) atiesrxx.exe -> C:\windows\System32\atiesrxx.exe -> [2009/09/08 20:56:00 | 000,172,032 | ---- | M] (AMD) taskhost.exe -> C:\windows\System32\taskhost.exe -> [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) pdfsvc.exe -> C:\Program Files\PDF Complete\pdfsvc.exe -> [2009/06/18 19:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) psiservice_2.exe -> C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -> [2007/07/24 21:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 05:48:50 | 000,112,152 | ---- | M] (InterVideo) [Modules - No Company Name] presentationframework.aero.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll -> [2011/09/15 12:08:49 | 000,368,128 | ---- | M] () uiautomationtypes.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\efadc7a54e78f3755da53c95bdc293fd\UIAutomationTypes.ni.dll -> [2011/09/15 11:45:06 | 000,185,344 | ---- | M] () presentationframework.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll -> [2011/09/15 11:45:05 | 014,322,688 | ---- | M] () presentationcore.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll -> [2011/09/15 11:44:53 | 012,216,320 | ---- | M] () windowsbase.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll -> [2011/09/15 11:44:44 | 003,325,952 | ---- | M] () system.management.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\7cc7d753f499e27b4bd8a45c3e81c73e\System.Management.ni.dll -> [2011/09/15 11:34:07 | 000,997,888 | ---- | M] () system.drawing.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll -> [2011/09/15 11:32:34 | 001,586,688 | ---- | M] () system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll -> [2011/09/15 11:32:22 | 005,452,800 | ---- | M] () system.configuration.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll -> [2011/09/15 11:32:19 | 000,971,264 | ---- | M] () system.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll -> [2011/09/15 11:32:17 | 007,949,312 | ---- | M] () mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll -> [2011/09/15 11:32:13 | 011,490,304 | ---- | M] () presentationframework.resources.dll -> C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll -> [2010/02/25 10:39:52 | 000,249,856 | ---- | M] () mscorlib.resources.dll -> C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll -> [2010/02/25 10:39:44 | 000,311,296 | ---- | M] () pcalertspillar.dll -> C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll -> [2009/09/30 01:25:46 | 000,061,440 | ---- | M] () eclibrary.dll -> C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll -> [2009/09/30 01:25:44 | 000,131,072 | ---- | M] () [Win32 Services - Safe List] (NMIndexingService) NMIndexingService [On_Demand | Stopped] -> -> File not found (AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -> [2011/08/16 06:27:28 | 005,264,736 | ---- | M] (AVG Technologies CZ, s.r.o.) (avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG2012\avgwdsvc.exe -> [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) (WatAdminSvc) Usługa Technologie aktywacji systemu Windows [Unknown | Stopped] -> C:\windows\System32\Wat\WatAdminSvc.exe -> [2010/08/17 13:21:35 | 001,343,400 | ---- | M] (Microsoft Corporation) (MSCamSvc) MSCamSvc [Auto | Running] -> C:\Program Files\Microsoft LifeCam\MSCamS32.exe -> [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) (AMD External Events Utility) AMD External Events Utility [Auto | Running] -> C:\windows\System32\atiesrxx.exe -> [2009/09/08 20:56:00 | 000,172,032 | ---- | M] (AMD) (SensrSvc) Jasność adaptacyjna [On_Demand | Stopped] -> C:\windows\System32\sensrsvc.dll -> [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) (pdfcDispatcher) PDF Document Manager [Auto | Running] -> C:\Program Files\PDF Complete\pdfsvc.exe -> [2009/06/18 19:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) (PSI_SVC_2) Protexis Licensing V2 [Auto | Running] -> C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -> [2007/07/24 21:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) (IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 05:48:50 | 000,112,152 | ---- | M] (InterVideo) [Driver Services - Safe List] (Avgfwfd) AVG network filter service [Kernel | System | Stopped] -> C:\windows\System32\drivers\avgfwd6x.sys -> [2011/10/07 19:14:09 | 000,023,832 | ---- | M] (AVG Technologies CZ, s.r.o.) (Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\windows\System32\drivers\avgmfx86.sys -> [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgTdiX) AVG TDI Driver [Kernel | System | Running] -> C:\windows\System32\drivers\avgtdix.sys -> [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) (AVGIDSShim) AVGIDSShim [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\AVGIDSShim.sys -> [2011/07/11 01:14:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) (AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\AVGIDSFilter.sys -> [2011/07/11 01:14:14 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) (AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\AVGIDSDriver.sys -> [2011/07/11 01:14:12 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) (AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -> [2011/07/11 01:14:12 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) (Avgldx86) AVG AVI Loader Driver [Kernel | System | Running] -> C:\windows\System32\drivers\avgldx86.sys -> [2011/07/11 01:13:46 | 000,229,840 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgRkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgrkx86.sys -> [2011/07/11 01:13:42 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) (MSHUSBVideo) NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\nx6000.sys -> [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) (AtiHdmiService) ATI Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\AtiHdmi.sys -> [2009/09/29 22:03:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) (atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\windows\System32\drivers\atikmdag.sys -> [2009/09/08 21:31:10 | 005,174,272 | ---- | M] (ATI Technologies Inc.) (mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\windows\System32\drivers\mfehidk.sys -> [2009/05/16 04:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) (MfeAVFK) McAfee Inc. MfeAVFK [Kernel | On_Demand | Stopped] -> C:\windows\System32\drivers\mfeavfk.sys -> [2009/05/16 04:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) (mfetdik) McAfee Inc. mfetdik [Kernel | System | Running] -> C:\windows\System32\drivers\mfetdik.sys -> [2009/05/16 04:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) (MfeBOPK) McAfee Inc. MfeBOPK [Kernel | On_Demand | Stopped] -> C:\windows\System32\drivers\mfebopk.sys -> [2009/05/16 04:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) (MfeRKDK) McAfee Inc. MfeRKDK [Kernel | On_Demand | Stopped] -> C:\windows\System32\drivers\mferkdk.sys -> [2009/05/16 04:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) (regi) regi [Kernel | Auto | Running] -> C:\windows\System32\drivers\regi.sys -> [2007/04/18 06:09:28 | 000,011,032 | ---- | M] (InterVideo) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.bing.com -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> about:blank -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.bing.com -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\grazyna\AppData\Roaming\Mozilla\FireFox\Profiles\2i58shpt.default\prefs.js -> browser.search.selectedEngine -> "" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "" -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 -> extensions.enabledItems -> cssreloader@kenneth.io:1.0.2 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} -> C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4\ [C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4\] -> [2011/10/07 19:27:38 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\grazyna\AppData\Roaming\mozilla\Extensions -> [2011/09/09 17:24:37 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> < HOSTS File > ([2009/06/10 23:39:37 | 000,000,824 | ---- | M] - 21 lines) -> C:\windows\System32\drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG2012\avgssie.dll [AVG Safe Search] -> [2011/08/22 15:10:36 | 002,180,960 | ---- | M] (AVG Technologies CZ, s.r.o.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AVG_TRAY" -> C:\Program Files\AVG\AVG2012\avgtray.exe ["C:\Program Files\AVG\AVG2012\avgtray.exe"] -> [2011/08/19 06:24:00 | 002,387,296 | ---- | M] (AVG Technologies CZ, s.r.o.) "LifeCam" -> C:\Program Files\Microsoft LifeCam\LifeExp.exe ["C:\Program Files\Microsoft LifeCam\LifeExp.exe"] -> [2010/05/20 15:27:24 | 000,119,152 | ---- | M] (Microsoft Corporation) "NortonOnlineBackupReminder" -> C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe ["C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED] -> [2009/06/30 00:01:26 | 000,600,936 | ---- | M] (Symantec Corporation) "PDF Complete" -> C:\Program Files\PDF Complete\pdfsty.exe [C:\Program Files\PDF Complete\pdfsty.exe] -> [2009/06/18 19:29:10 | 000,563,736 | ---- | M] (PDF Complete Inc) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [28] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} [HKLM] -> http://www.myheritage.pl/Genoogle/Components/ActiveX/SearchEngineQuery.dll [CSEQueryObject Object] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 217.172.224.160 89.228.7.228 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {071C80AB-9A9E-46B6-ADC8-A088FB2ADB24}\\DhcpNameServer -> 217.172.224.160 89.228.7.228 (Realtek PCIe FE Family Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\windows\System32\userinit.exe -> [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009/07/14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] AVG2012 -> C:\Users\grazyna\AppData\Roaming\AVG2012 -> [2011/10/07 19:28:19 | 000,000,000 | ---D | C] KASPERSKY LAB -> C:\Program Files\KASPERSKY LAB -> [2011/10/07 19:28:18 | 000,000,000 | ---D | C] Common Files -> C:\ProgramData\Common Files -> [2011/10/07 19:27:47 | 000,000,000 | -H-D | C] AVG 2012 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012 -> [2011/10/07 19:27:38 | 000,000,000 | ---D | C] AVG2012 -> C:\ProgramData\AVG2012 -> [2011/10/07 19:27:10 | 000,000,000 | ---D | C] AVG -> C:\Windows\System32\drivers\AVG -> [2011/10/07 19:27:10 | 000,000,000 | ---D | C] AVG -> C:\Program Files\AVG -> [2011/10/07 19:26:10 | 000,000,000 | ---D | C] avgfwd6x.sys -> C:\Windows\System32\drivers\avgfwd6x.sys -> [2011/10/07 19:14:09 | 000,023,832 | ---- | C] (AVG Technologies CZ, s.r.o.) Config.Msi -> C:\Config.Msi -> [2011/10/07 19:09:00 | 000,000,000 | -HSD | C] _OTS -> C:\_OTS -> [2011/10/07 18:52:12 | 000,000,000 | ---D | C] {D3B41B92-9BC2-43EB-916A-4FA9E8191837} -> C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837} -> [2011/10/06 09:57:07 | 000,000,000 | ---D | C] Hewlett-Packard -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard -> [2011/10/06 09:56:43 | 000,000,000 | ---D | C] MFAData -> C:\ProgramData\MFAData -> [2011/09/09 15:57:23 | 000,000,000 | ---D | C] pcouffin.sys -> C:\Users\grazyna\AppData\Roaming\pcouffin.sys -> [2011/08/11 10:26:03 | 000,047,360 | ---- | C] (VSO Software) 1 C:\Users\grazyna\Documents\*.tmp files -> C:\Users\grazyna\Documents\*.tmp -> [Files/Folders - Modified Within 30 Days] 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/10/07 19:46:20 | 000,009,920 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/10/07 19:46:20 | 000,009,920 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011/10/07 19:43:58 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011/10/07 19:43:54 | 2415,321,088 | -HS- | M] () incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/10/07 19:29:47 | 106,040,092 | ---- | M] () AVG 2012.lnk -> C:\Users\Public\Desktop\AVG 2012.lnk -> [2011/10/07 19:27:39 | 000,000,967 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-1161074108-787105459-3376803242-1001UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1161074108-787105459-3376803242-1001UA.job -> [2011/10/07 19:18:05 | 000,001,066 | ---- | M] () avgfwd6x.sys -> C:\Windows\System32\drivers\avgfwd6x.sys -> [2011/10/07 19:14:09 | 000,023,832 | ---- | M] (AVG Technologies CZ, s.r.o.) GoogleUpdateTaskUserS-1-5-21-1161074108-787105459-3376803242-1001Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1161074108-787105459-3376803242-1001Core.job -> [2011/10/07 16:39:55 | 000,001,014 | ---- | M] () HPCeeScheduleForgrazyna.job -> C:\Windows\tasks\HPCeeScheduleForgrazyna.job -> [2011/10/07 08:45:38 | 000,000,328 | ---- | M] () Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2011/09/24 11:54:48 | 000,002,505 | ---- | M] () Google.lnk -> C:\Users\grazyna\Desktop\Google.lnk -> [2011/09/21 19:25:42 | 000,002,155 | ---- | M] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2011/09/15 01:17:16 | 000,697,674 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/09/15 01:17:16 | 000,615,810 | ---- | M] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2011/09/15 01:17:16 | 000,134,784 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/09/15 01:17:16 | 000,106,190 | ---- | M] () Internet.lnk -> C:\Users\grazyna\Desktop\Internet.lnk -> [2011/09/09 17:24:28 | 000,002,385 | ---- | M] () WebpageIcons.db -> C:\Users\grazyna\AppData\Local\WebpageIcons.db -> [2011/09/09 16:08:48 | 000,017,408 | ---- | M] () 1 C:\Users\grazyna\Documents\*.tmp files -> C:\Users\grazyna\Documents\*.tmp -> [Files - No Company Name] incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/10/07 19:29:47 | 106,040,092 | ---- | C] () AVG 2012.lnk -> C:\Users\Public\Desktop\AVG 2012.lnk -> [2011/10/07 19:27:39 | 000,000,967 | ---- | C] () Google.lnk -> C:\Users\grazyna\Desktop\Google.lnk -> [2011/09/21 19:25:35 | 000,002,155 | ---- | C] () Internet.lnk -> C:\Users\grazyna\Desktop\Internet.lnk -> [2011/09/09 17:24:28 | 000,002,385 | ---- | C] () WebpageIcons.db -> C:\Users\grazyna\AppData\Local\WebpageIcons.db -> [2011/09/09 16:08:46 | 000,017,408 | ---- | C] () myClean.bat -> C:\Windows\myClean.bat -> [2011/09/09 15:55:59 | 000,000,434 | ---- | C] () pcouffin.cat -> C:\Users\grazyna\AppData\Roaming\pcouffin.cat -> [2011/08/11 10:26:03 | 000,007,824 | ---- | C] () pcouffin.inf -> C:\Users\grazyna\AppData\Roaming\pcouffin.inf -> [2011/08/11 10:26:03 | 000,001,144 | ---- | C] () unrar.dll -> C:\Windows\System32\unrar.dll -> [2011/08/10 22:07:39 | 000,175,616 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\grazyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/08/09 11:53:51 | 000,003,584 | ---- | C] () ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/08/16 21:42:08 | 000,000,056 | -H-- | C] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2010/02/25 10:40:25 | 000,697,674 | ---- | C] () perfi015.dat -> C:\Windows\System32\perfi015.dat -> [2010/02/25 10:40:25 | 000,337,158 | ---- | C] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2010/02/25 10:40:25 | 000,134,784 | ---- | C] () perfd015.dat -> C:\Windows\System32\perfd015.dat -> [2010/02/25 10:40:25 | 000,038,710 | ---- | C] () ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2010/02/25 09:46:36 | 000,000,000 | ---- | C] () LPRES.DLL -> C:\Windows\LPRES.DLL -> [2009/09/30 01:25:16 | 000,013,312 | ---- | C] () atiicdxx.dat -> C:\Windows\System32\atiicdxx.dat -> [2009/07/14 08:09:14 | 000,197,654 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009/07/14 06:33:53 | 000,416,320 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () igkrng400.bin -> C:\Windows\System32\igkrng400.bin -> [2009/07/14 00:09:19 | 001,498,564 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009/03/05 11:54:58 | 000,073,728 | ---- | C] () ATIODE.exe -> C:\Windows\System32\ATIODE.exe -> [2009/02/18 10:55:22 | 000,294,912 | ---- | C] () ATIODCLI.exe -> C:\Windows\System32\ATIODCLI.exe -> [2009/02/03 13:52:04 | 000,045,056 | ---- | C] () [Files/Folders - Unicode - All] C:\Users\grazyna\AppData\Roaming\???????sAppData -> C:\Users\grazyna\AppData\Roaming\敎潲䍄敔灭慬整sAppData -> C:\Users\grazyna\AppData\Roaming\???????sAppData -> C:\Users\grazyna\AppData\Roaming\敎潲䍄敔灭慬整sAppData -> [2011/08/10 16:43:14 | 000,000,000 | ---D | M] C:\Users\grazyna\AppData\Roaming\???????sAppData -> C:\Users\grazyna\AppData\Roaming\敎潲䍄敔灭慬整sAppData -> [2011/08/10 16:43:14 | 000,000,000 | ---D | M] < End of report > [/code]