OTL logfile created on: 2012-07-06 19:31:14 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,97 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 76,98% Memory free
3,82 Gb Paging File | 3,56 Gb Available in Paging File | 93,13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 2,24 Gb Free Space | 5,74% Space Free | Partition Type: NTFS
Drive D: | 72,72 Gb Total Space | 42,41 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive E: | 3,45 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SPECIAL-XP | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-06 19:30:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-06-13 13:53:15 | 001,104,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-02-18 09:10:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-08-17 16:05:22 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-23 20:58:40 | 009,459,912 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012-06-13 13:53:18 | 000,132,664 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012-06-13 13:53:15 | 001,104,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-05-06 12:59:28 | 000,005,632 | ---- | M] () -- C:\WINDOWS\system32\spdg.dll
MOD - [2012-02-18 09:10:01 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-07-04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-06-23 20:58:43 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-06-13 13:53:17 | 000,935,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-24 20:51:58 | 003,417,376 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011-11-09 14:16:12 | 000,196,376 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011-08-01 18:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-06-29 19:38:39 | 000,271,360 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012-06-29 19:38:37 | 000,018,048 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012-04-19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012-03-19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012-02-22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-01-31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-12-23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-12-23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011-12-23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011-12-23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011-12-01 11:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011-12-01 11:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010-08-04 15:16:54 | 002,127,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009-11-30 08:31:42 | 000,050,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-11-20 23:12:10 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2004-11-25 18:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-11-25 18:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/video2down/{51A41496-980D-484A-8154-07ABDFCC049C}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1334683644_395760
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/video2down/{51A41496-980D-484A-8154-07ABDFCC049C}
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\SVDownloader DB Toolbar Toolbar\tbhelper.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=171011_prot~171011_prot&babsrc=SP_ss&mntrId=7090431f0000000000008c89a56008c5
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={DB1CADC2-6D01-4856-8723-B6AB3D34E8D0}&mid=691c340b411947d1bdcc4ee582379184-f23c36709503570db5df0ad3bfa3334e1c96f7b5&lang=pl&ds=AVG&pr=fr&d=2012-06-12 13:24:55&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/video2down/{51A41496-980D-484A-8154-07ABDFCC049C}?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IENOSGBR
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb143/?search={searchTerms}&loc=IB_DS&a=6PQw5zF43M&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..CT1060933.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1060933&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-07-06 10:01:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012-07-03 08:50:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\11.1.0.7\ [2012-06-13 13:53:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-17 19:21:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 07:30:00 | 000,000,000 | ---D | M]
 
[2012-02-04 12:02:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-06-26 14:11:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions
[2012-06-26 14:11:30 | 000,000,000 | ---D | M] (Freecorder) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2012-05-24 22:07:41 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012-06-17 11:57:24 | 000,000,000 | ---D | M] (SVDownloader DB Toolbar Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012-05-01 21:41:47 | 000,000,000 | ---D | M] (Bcool) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\4fa0362260822@4fa0362260824.info
[2012-06-25 21:11:14 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\battlefieldheroespatcher@ea.com
[2012-06-02 09:24:50 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\fastdial@telega.phpnet.us
[2012-05-01 21:01:46 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\ffxtlbr@incredibar.com
[2012-03-06 15:00:28 | 000,000,000 | ---D | M] (TheBflix) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\extensions\info@bflix.info
[2012-05-24 22:11:49 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\searchplugins\conduit.xml
[2012-05-01 21:01:40 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ga5pnrhx.default\searchplugins\MyStart Search.xml
[2012-04-18 18:21:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-23 04:23:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-18 18:21:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-05-24 22:08:17 | 000,065,379 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\GA5PNRHX.DEFAULT\EXTENSIONS\YTVDW@PGPORT.COM.XPI
[2012-06-13 13:53:29 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\AVG SECURE SEARCH\11.1.0.7
[2012-07-03 08:50:37 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012-07-06 10:01:15 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2012-04-18 18:20:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-02-18 09:10:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-18 18:20:47 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-01-29 16:18:04 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-13 13:53:13 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-05-30 15:35:22 | 000,002,366 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-01-29 16:18:04 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-01-29 16:18:04 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-01-29 16:18:04 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-17 19:27:24 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-01-29 16:18:04 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-01-29 16:18:04 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Administrator\Dane aplikacji\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\SVDownloader DB Toolbar Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (SVDownloader DB Toolbar Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\SVDownloader DB Toolbar Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (SVDownloader DB Toolbar Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\SVDownloader DB Toolbar Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [4StoryPrePatch] D:\gry\4Story\PrePatch.exe File not found
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [sppcomapi] C:\Documents and Settings\Chyziu\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\4677\sppcomapi.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WSManHTTPConfig] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\912\WSManHTTPConfig.exe File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\PicoPhone.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54BA5C21-2BF8-4D6E-81A2-009248883420}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-02-04 16:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-10-23 22:52:06 | 001,191,936 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006-10-23 22:52:08 | 000,000,108 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b58420f2-4f44-11e1-a436-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b58420f2-4f44-11e1-a436-806d6172696f}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-06 19:30:21 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2012-07-06 19:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012-07-06 15:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\hellomoto
[2012-07-06 10:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2012-06-29 19:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gothic3
[2012-06-29 19:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gothic III
[2012-06-27 16:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-06-27 16:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012-06-26 19:46:23 | 000,000,000 | ---D | C] -- C:\Temp
[2012-06-26 19:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cool Edit Pro 2.1
[2012-06-26 19:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\coolpro2
[2012-06-24 10:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nostale(PL)
[2012-06-21 21:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Przerobione
[2012-06-17 11:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\SMRecorder
[2012-06-17 11:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Toolbar4
[2012-06-17 11:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\SVDownloader DB Toolbar Toolbar
[2012-06-13 13:53:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012-06-12 13:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\AVG Secure Search
[2012-06-12 13:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\AVG Secure Search
[2012-06-12 13:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2012-06-12 13:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012-06-12 13:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-06 19:30:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2012-07-06 19:28:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-07-06 19:21:52 | 101,200,596 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-07-06 14:58:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-07-06 13:19:31 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-06 10:01:15 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk
[2012-07-03 21:44:14 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-07-01 23:24:20 | 000,008,679 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2012-06-29 19:38:51 | 000,000,462 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gothic III.lnk
[2012-06-29 19:38:39 | 000,271,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2012-06-29 19:38:37 | 000,018,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2012-06-27 18:15:13 | 000,184,709 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-06-26 19:46:04 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.1.lnk
[2012-06-24 10:44:47 | 000,000,421 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NosTale.lnk
[2012-06-24 09:03:43 | 000,139,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-06-24 09:03:26 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012-06-23 20:58:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-06-23 20:58:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-06-22 22:01:38 | 000,139,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MinecraftSP.jar
[2012-06-17 11:28:08 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-01 23:24:20 | 000,008,679 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2012-06-29 19:38:51 | 000,000,462 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gothic III.lnk
[2012-06-29 19:38:39 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2012-06-29 19:38:37 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2012-06-26 19:46:04 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.1.lnk
[2012-06-24 10:44:47 | 000,000,421 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NosTale.lnk
[2012-05-13 10:28:23 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-05-13 10:28:22 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\PnkBstrK.sys
[2012-05-13 10:28:02 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012-05-13 10:27:59 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012-05-06 12:59:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\spdg.dll
[2012-04-29 10:57:24 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2012-04-08 16:39:06 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012-03-01 23:00:16 | 002,123,122 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1801674531-1326574676-2147225017-500-0.dat
[2012-03-01 23:00:16 | 000,210,242 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-03-01 09:55:31 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2012-02-25 23:19:51 | 000,240,736 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-02-20 18:26:42 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-07 18:50:40 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2012-02-04 18:57:06 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2012-02-04 18:24:19 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2012-02-04 17:32:48 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-02-04 17:31:32 | 000,203,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-04 17:28:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2012-02-04 17:28:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
[2012-02-04 17:24:25 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll
[2012-02-04 17:24:24 | 002,026,604 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012-02-04 17:24:24 | 000,442,964 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012-02-04 17:10:09 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-02-04 17:10:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012-02-04 16:42:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-02-04 16:40:36 | 000,105,462 | ---- | C] () -- C:\WINDOWS\SzukaczWPI.exe
[2012-02-04 16:40:32 | 000,050,105 | ---- | C] () -- C:\WINDOWS\activ.exe
[2012-02-04 16:37:26 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-02-04 12:02:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86

< End of report >