OTL logfile created on: 2012-09-17 20:27:26 - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Documents and Settings\Kondix\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1014,42 Mb Total Physical Memory | 623,62 Mb Available Physical Memory | 61,48% Memory free
2,39 Gb Paging File | 2,13 Gb Available in Paging File | 89,34% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 28,42 Gb Free Space | 56,85% Space Free | Partition Type: NTFS
Drive D: | 99,04 Gb Total Space | 84,25 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
Drive J: | 954,66 Mb Total Space | 788,52 Mb Free Space | 82,60% Space Free | Partition Type: FAT

Computer Name: KONDIX-2C0F4B2B | User Name: Kondix | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-09-17 15:04:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kondix\Pulpit\OTL.com
PRC - [2012-09-16 13:27:53 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-09 16:56:59 | 000,323,584 | ---- | M] (Asprate) -- C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-09-16 13:27:53 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-08-15 15:46:46 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012-08-13 10:30:22 | 000,027,958 | ---- | M] () -- C:\Program Files\Common Files\logonInit.dll
MOD - [2012-07-27 22:51:56 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-06-04 22:07:38 | 000,020,296 | ---- | M] () -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Firefox\Profiles\7b37knks.default\extensions\{8b9fe9be-f7dd-451e-ac96-0e568e0ecc10}\components\winamp.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2012-09-16 13:27:53 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-15 15:46:47 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-22 15:34:12 | 001,118,680 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012-06-22 14:21:50 | 000,402,368 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012-06-22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012-05-04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-11-14 14:25:16 | 001,479,488 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-06-22 15:34:52 | 000,203,120 | ---- | M] (PC Tools) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012-06-22 11:39:14 | 000,070,768 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012-04-23 12:36:50 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012-02-28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2011-11-08 12:47:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010-03-01 11:43:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2010-03-01 11:43:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010-03-01 11:43:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2010-03-01 11:43:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010-03-01 11:43:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010-03-01 11:43:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2010-03-01 11:43:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2008-06-06 09:15:40 | 000,098,816 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2006-11-21 17:35:06 | 004,399,104 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2001-10-26 17:04:30 | 000,129,024 | ---- | M] (Compaq Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n100325.sys -- (N100)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {72A48849-567F-4440-ABBE-6BB61342C55E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{72A48849-567F-4440-ABBE-6BB61342C55E}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={675B5FA6-CCE9-420F-8894-1DEB7E779311}&mid=5af6ba82c7d647d0a7ffd154d4dbeaa8-b7f22f94774fa39e62b65371b90211ccd60a5e97&lang=pl&ds=AVG&pr=pr&d=2012-07-19 20:06:58&v=11.0.0.10&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.com?cid=%7B0eced82e-b59b-41e7-929b-f6716cf06ccb%7D&mid=5af6ba82c7d647d0a7ffd154d4dbeaa8-b7f22f94774fa39e62b65371b90211ccd60a5e97&ds=AVG&v=11.1.0.12&lang=pl&pr=pr&d=2012-07-19%2020%3A06%3A58&sap=hp"
FF - prefs.js..extensions.enabledAddons: {8b9fe9be-f7dd-451e-ac96-0e568e0ecc10}:5.217.1.8258
FF - prefs.js..extensions.enabledAddons: {f8d46537-88fa-41cd-9f4f-a47ba0346190}:1.5
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012-09-17 19:59:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-16 13:27:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-16 13:27:44 | 000,000,000 | ---D | M]

[2012-07-06 11:40:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Extensions
[2012-07-31 10:44:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Firefox\Profiles\7b37knks.default\extensions
[2012-07-06 11:45:54 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Firefox\Profiles\7b37knks.default\extensions\{8b9fe9be-f7dd-451e-ac96-0e568e0ecc10}
[2012-07-18 23:28:37 | 000,000,000 | ---D | M] (Youtube Just The Video) -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Firefox\Profiles\7b37knks.default\extensions\{f8d46537-88fa-41cd-9f4f-a47ba0346190}
[2012-08-29 09:48:25 | 000,002,357 | ---- | M] () -- C:\Documents and Settings\Kondix\Dane aplikacji\Mozilla\Firefox\Profiles\7b37knks.default\searchplugins\winamp-web-search.xml
[2012-09-16 13:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-09-16 13:27:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-09-16 13:27:54 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-06-28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-07-20 20:39:53 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Winamp Toolbar Loader) - {4accc990-3dc7-4456-a734-5cb4b610a7f5} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {a0b1221c-a3ff-4f7c-a393-dc63af5301e9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {A0B1221C-A3FF-4F7C-A393-DC63AF5301E9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [btcl] C:\Documents and Settings\Kondix\Dane aplikacji\dist1\btcl.exe ()
O4 - HKCU..\Run: [GG] C:\Documents and Settings\Kondix\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKCU..\Run: [Oracle Java] C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\RunOnce: [036DFF9802D0784530CDF5B781CB3EF3] C:\Documents and Settings\All Users\Dane aplikacji\036DFF9802D0784530CDF5B781CB3EF3\036DFF9802D0784530CDF5B781CB3EF3.exe ( )
O4 - Startup: C:\Documents and Settings\Kondix\Menu Start\Programy\Autostart\xpp32.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.125.200.1 85.202.96.33 10.0.10.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C4FB260-2157-4F5D-B070-D67264C5026B}: DhcpNameServer = 109.125.200.1 85.202.96.33 10.0.10.10
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - C:\Program Files\Common Files\logonInit.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kondix\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kondix\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-06-27 23:42:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3c3d7444-cb78-11e1-8426-001d923f035b}\Shell - "" = AutoRun
O33 - MountPoints2\{3c3d7444-cb78-11e1-8426-001d923f035b}\Shell\AutoRun\command - "" = J:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-09-17 20:27:17 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kondix\Pulpit\OTL.com
[2012-09-17 19:59:10 | 000,070,768 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTBD.sys
[2012-09-17 19:59:09 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2012-09-17 19:59:09 | 001,689,560 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2012-09-17 19:59:09 | 000,149,464 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2012-09-17 19:58:24 | 000,254,944 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2012-09-17 19:58:20 | 000,017,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctBTFix.sys
[2012-09-17 19:58:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Tools Security
[2012-09-17 19:58:16 | 000,070,568 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2012-09-17 19:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012-09-17 19:39:48 | 000,909,728 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2012-09-17 19:39:48 | 000,342,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2012-09-17 19:39:46 | 000,383,368 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2012-09-17 19:39:46 | 000,162,584 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2012-09-17 19:39:45 | 000,203,120 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
[2012-09-17 19:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012-09-17 19:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2012-09-17 17:25:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-09-16 20:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\036DFF9802D0784530CDF5B781CB3EF3
[2012-09-16 13:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-09-14 08:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Moje dokumenty\FIFA 08
[2012-09-14 08:30:30 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2012-09-14 08:30:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\SecuROM
[2012-09-05 20:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2012-09-05 19:53:48 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012-09-05 19:53:48 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012-09-05 19:53:48 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012-09-05 19:53:48 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012-09-05 19:53:48 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012-09-05 19:53:47 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012-09-05 19:53:47 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012-09-05 19:53:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012-09-05 19:53:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012-09-05 19:53:47 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012-09-05 19:53:47 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012-09-05 19:53:47 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012-09-05 19:53:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012-09-05 19:53:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2012-09-05 19:53:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012-09-05 19:53:47 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2012-09-05 19:53:47 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012-09-05 19:53:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012-09-05 19:53:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012-09-05 19:53:47 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2012-09-05 19:53:47 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012-09-05 19:53:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2012-09-05 19:53:46 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012-09-05 19:53:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2012-09-05 19:53:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2012-09-05 19:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Activision
[2012-09-05 19:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2012-09-05 19:38:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012-08-30 14:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\Nrtao V.1 Beta
[2012-08-30 14:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\naruto legend
[2012-08-30 14:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\sqlitestudio
[2012-08-30 14:43:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\Notepad++
[2012-08-30 14:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\dev-cpp
[2012-08-30 11:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-08-30 09:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\Altaron
[2012-08-30 09:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\Altaron
[2012-08-24 20:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\dist1
[2012-08-22 17:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\wndnatives
[2012-08-22 13:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Dane aplikacji\Dev-Cpp
[2012-08-22 13:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\trunk.r3884
[2012-08-22 13:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\The Forgotten Dev-Cpp
[2012-08-22 10:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kondix\Pulpit\Spoko OTS
[2012-07-14 06:02:08 | 185,534,112 | ---- | C] (Igor Pavlov) -- C:\Program Files\Nero-7.10.1.0_plk_trial.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-09-17 20:21:28 | 000,000,192 | ---- | M] () -- C:\Program Files\Common Files\userInit.dll
[2012-09-17 20:17:50 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-09-17 20:11:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-09-17 19:58:21 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor z modułem AntiVirus.lnk
[2012-09-17 15:04:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kondix\Pulpit\OTL.com
[2012-09-16 19:46:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-09-16 15:24:13 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\Kondix\Pulpit\Skrót do Tibia.lnk
[2012-09-15 08:47:16 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-14 08:30:30 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2012-09-05 20:03:53 | 000,001,439 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 08.lnk
[2012-09-05 19:43:59 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Wielu graczy.lnk
[2012-09-05 19:43:59 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk
[2012-09-05 19:43:58 | 000,000,280 | ---- | M] () -- C:\WINDOWS\game.ini
[2012-09-04 21:43:35 | 003,210,022 | ---- | M] () -- C:\Documents and Settings\Kondix\Pulpit\bez tytułu.bmp
[2012-08-28 19:58:35 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-08-25 20:18:44 | 000,031,374 | ---- | M] () -- C:\Documents and Settings\Kondix\Pulpit\zlotko-pokazac-ci-moj-bajceps-pl-3ca118.jpg
[2012-08-22 16:53:48 | 002,619,911 | ---- | M] () -- C:\Documents and Settings\Kondix\Dane aplikacji\btcl.exe
[2012-08-21 17:51:07 | 000,000,042 | ---- | M] () -- C:\Documents and Settings\Kondix\default.pls
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-09-17 19:59:10 | 000,767,960 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2012-09-17 19:59:09 | 000,003,488 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2012-09-17 19:59:09 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2012-09-17 19:59:09 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2012-09-17 19:59:09 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2012-09-17 19:58:21 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor z modułem AntiVirus.lnk
[2012-09-16 15:24:13 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\Kondix\Pulpit\Skrót do Tibia.lnk
[2012-09-05 20:03:53 | 000,001,439 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 08.lnk
[2012-09-05 19:53:48 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012-09-05 19:53:48 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012-09-05 19:53:48 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012-09-05 19:53:48 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012-09-05 19:53:47 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012-09-05 19:53:47 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012-09-05 19:43:59 | 000,001,563 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Wielu graczy.lnk
[2012-09-05 19:43:59 | 000,001,563 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk
[2012-09-05 19:43:58 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2012-09-04 21:43:35 | 003,210,022 | ---- | C] () -- C:\Documents and Settings\Kondix\Pulpit\bez tytułu.bmp
[2012-08-25 20:18:44 | 000,031,374 | ---- | C] () -- C:\Documents and Settings\Kondix\Pulpit\zlotko-pokazac-ci-moj-bajceps-pl-3ca118.jpg
[2012-08-22 17:10:53 | 002,619,911 | ---- | C] () -- C:\Documents and Settings\Kondix\Dane aplikacji\btcl.exe
[2012-08-21 17:51:07 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Kondix\default.pls
[2012-08-13 10:30:22 | 000,027,958 | ---- | C] () -- C:\Program Files\Common Files\logonInit.dll
[2012-08-08 16:39:49 | 000,769,737 | ---- | C] () -- C:\Documents and Settings\Kondix\Dane aplikacji\java_u.jar
[2012-07-25 17:39:25 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2012-07-10 08:19:49 | 000,000,192 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll
[2012-07-06 12:49:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-07-06 12:48:00 | 001,445,112 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012-07-06 12:48:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4964.dll
[2012-07-06 12:30:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-06-28 14:50:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-06-28 14:43:42 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-06-28 00:59:55 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-06-28 00:58:30 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-06-27 23:45:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-06-27 23:34:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >