OTL logfile created on: 2012-10-15 19:45:34 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = H:\Documents and Settings\Greg\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,94 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 75,90% Memory free 4,78 Gb Paging File | 4,14 Gb Available in Paging File | 86,59% Paging File free Paging file location(s): H:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files Drive C: | 4,88 Gb Total Space | 1,67 Gb Free Space | 34,26% Space Free | Partition Type: NTFS Drive D: | 24,40 Gb Total Space | 20,04 Gb Free Space | 82,11% Space Free | Partition Type: FAT32 Drive E: | 15,82 Gb Total Space | 11,21 Gb Free Space | 70,86% Space Free | Partition Type: FAT32 Drive F: | 10,75 Gb Total Space | 10,73 Gb Free Space | 99,79% Space Free | Partition Type: FAT32 Drive H: | 29,29 Gb Total Space | 6,51 Gb Free Space | 22,21% Space Free | Partition Type: NTFS Drive I: | 97,65 Gb Total Space | 58,81 Gb Free Space | 60,23% Space Free | Partition Type: NTFS Drive M: | 0,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive Q: | 930,86 Gb Total Space | 279,50 Gb Free Space | 30,03% Space Free | Partition Type: NTFS Computer Name: COMPANY-BB76031 | User Name: Greg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-10-14 21:59:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Greg\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-10-13 11:29:32 | 000,917,984 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-08-13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgidsagent.exe PRC - [2012-07-31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-07-26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2012-06-13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2012-03-19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgemcx.exe PRC - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2012-02-14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2011-07-28 17:06:32 | 008,247,264 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WNA1100.exe PRC - [2011-07-28 17:06:20 | 000,297,440 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WifiSvc.exe PRC - [2010-11-10 19:48:50 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2010-07-01 11:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- H:\Documents and Settings\Greg\Dane aplikacji\HP SimpleSave Application\uUACTokenSvc.exe PRC - [2010-03-23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- H:\Program Files\Cisco Systems\VPN Client\cvpnd.exe PRC - [2009-05-14 09:01:24 | 004,440,064 | ---- | M] () -- H:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe PRC - [2009-02-20 13:23:26 | 000,495,700 | ---- | M] (Atheros) -- H:\WINDOWS\system32\acs.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe PRC - [2005-10-03 13:24:56 | 000,053,248 | ---- | M] ( Advanced Software Technologies) -- H:\WINDOWS\system32\AstSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-13 11:29:31 | 002,294,240 | ---- | M] () -- H:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-07-28 17:06:32 | 008,247,264 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WNA1100.exe MOD - [2011-07-28 17:06:20 | 000,297,440 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WifiSvc.exe MOD - [2011-05-11 10:31:00 | 000,204,800 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WifiLib.dll MOD - [2010-11-08 17:15:40 | 000,296,448 | ---- | M] () -- H:\Program Files\Notepad++\NppShell_04.dll MOD - [2010-03-23 13:26:48 | 000,201,512 | ---- | M] () -- H:\WINDOWS\system32\vpnapi.dll MOD - [2009-08-28 16:50:18 | 000,282,624 | ---- | M] () -- H:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll MOD - [2009-05-14 09:01:24 | 004,440,064 | ---- | M] () -- H:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe MOD - [2008-04-14 19:20:37 | 000,014,336 | ---- | M] () -- H:\WINDOWS\system32\msdmo.dll MOD - [2008-03-29 17:42:20 | 000,159,744 | ---- | M] () -- H:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll MOD - [2008-03-29 17:41:52 | 000,023,552 | ---- | M] () -- H:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mkunicode.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-10-13 11:29:31 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- H:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011-07-28 17:06:20 | 000,297,440 | ---- | M] () [Auto | Running] -- H:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100) SRV - [2010-07-01 11:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- H:\Documents and Settings\Greg\Dane aplikacji\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService) SRV - [2010-03-23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- H:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2009-11-05 16:08:36 | 000,360,529 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- H:\Program Files\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi) SRV - [2009-05-14 09:01:24 | 004,440,064 | ---- | M] () [Auto | Running] -- H:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service) SRV - [2009-02-20 13:23:26 | 000,495,700 | ---- | M] (Atheros) [Auto | Running] -- H:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2005-10-03 13:24:56 | 000,053,248 | ---- | M] ( Advanced Software Technologies) [Auto | Running] -- H:\WINDOWS\system32\AstSrv.exe -- (astcc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- H:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-08-24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-07-26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-04-19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-01-31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- H:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-12-23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- H:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-12-23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011-12-23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2011-12-23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2010-11-06 18:34:37 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-10-05 18:11:24 | 006,164,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2010-09-30 20:15:00 | 001,759,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\athuw.sys -- (AR9271) DRV - [2010-03-23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-01-30 17:13:20 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD) DRV - [2008-11-16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\dne2000.sys -- (DNE) DRV - [2008-09-25 18:07:00 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD) DRV - [2007-11-14 19:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2007-03-06 13:27:32 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-03-06 13:27:28 | 000,058,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007-01-18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\SearchScopes,DefaultScope = {043C5167-00BB-4324-AF7E-62013FAEDACF} IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=107DDFC5-0A2E-4D26-8E30-851B87220EFC&apn_sauid=800DCAE1-01C5-4F6F-ABCF-26C5DF395F77 IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\SearchScopes\{2C23B27C-4751-4782-BF1A-AC23C316D614}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\SearchScopes\{A91A167D-A892-4DEF-820F-6B2EDEF8AE7C}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledAddons: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21 FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189 FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: H:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: H:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: H:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: H:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: H:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: H:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: H:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: H:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Documents and Settings\Greg\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Documents and Settings\Greg\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: H:\Program Files\AVG\AVG2012\Firefox4\ [2012-09-10 18:53:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: H:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012-07-02 18:55:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012-10-13 11:29:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2012-10-13 11:29:25 | 000,000,000 | ---D | M] [2010-10-25 22:23:20 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Extensions [2012-07-26 20:49:33 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\extensions [2012-07-26 20:49:33 | 000,741,958 | ---- | M] () (No name found) -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-17 20:47:46 | 000,090,116 | ---- | M] () (No name found) -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2010-12-06 22:20:56 | 000,002,568 | ---- | M] () -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\searchplugins\askcom.xml [2010-10-26 23:21:35 | 000,002,059 | ---- | M] () -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\searchplugins\daemon-search.xml [2011-04-16 21:59:35 | 000,001,583 | ---- | M] () -- H:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\49e5junv.default\searchplugins\web-search.xml [2012-10-13 11:29:24 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions [2012-10-13 11:29:24 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-10-13 11:29:24 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-07-02 18:55:53 | 000,000,000 | ---D | M] (AVG Do Not Track) -- H:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK [2012-10-13 11:29:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll [2010-06-04 11:06:20 | 000,075,208 | ---- | M] (Foxit Software Company) -- H:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- H:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-02 12:51:22 | 000,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-10-02 12:51:22 | 000,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-10-02 12:51:22 | 000,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-10-02 12:51:22 | 000,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-02 12:51:22 | 000,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-02 12:51:22 | 000,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - H:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - H:\Program Files\StartSearch plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - H:\Program Files\StartSearch plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found. O3 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - H:\Program Files\StartSearch plugin\BarLcher.dll (VShare Inc.) O4 - HKLM..\Run: [AVG_TRAY] H:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [jswtrayutil] "H:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe" File not found O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] H:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003..\Run: [{DCF5AA17-D04F-7D68-E778-867D98EA3E9C}] "H:\Documents and Settings\Greg\Dane aplikacji\Ithezun\zaymid.exe" File not found O4 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003..\Run: [Gadu-Gadu] H:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\NETGEAR WNA1100 Genie.lnk = H:\Program Files\NETGEAR\WNA1100\WNA1100.exe () O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VPN Client.lnk = H:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-1547161642-1123561945-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - H:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - H:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1288112117843 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{382B2D2B-A120-485C-9DBC-CD0199412DB5}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop Components:1 () - http://suwaczki.slub-wesele.pl/20120811590113.html O24 - Desktop WallPaper: H:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: H:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-12-08 15:25:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-09-04 11:51:26 | 000,000,089 | ---- | M] () - C:\AUTORUN.INF -- [ NTFS ] O32 - AutoRun File - [2007-05-05 09:27:50 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2009-06-12 22:56:58 | 000,000,030 | RH-- | M] () - M:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2009-06-01 19:55:11 | 000,000,038 | -H-- | M] () - Q:\AUTORUN.FCB -- [ NTFS ] O32 - AutoRun File - [2011-09-04 11:36:36 | 000,000,089 | ---- | M] () - Q:\AUTORUN.INF -- [ NTFS ] O33 - MountPoints2\{62ba6484-ecaf-11df-a068-001d7de67837}\Shell\AutoRun\command - "" = S:\iuvvl9f3.exe O33 - MountPoints2\{62ba6484-ecaf-11df-a068-001d7de67837}\Shell\open\Command - "" = S:\iuvvl9f3.exe O33 - MountPoints2\{98e896d1-ed84-11df-a069-001d7de67837}\Shell\AutoRun\command - "" = H:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL h:\Drive Information\NETSVCS.EXE O33 - MountPoints2\{98e896d1-ed84-11df-a069-001d7de67837}\Shell\é_†™\command - "" = h:\Drive Information\NETSVCS.EXE O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\HPLauncher.exe -- [2009-05-18 18:46:50 | 000,565,248 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-10-14 22:13:44 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Pulpit\Logs [2012-10-14 21:43:53 | 000,000,000 | ---D | C] -- H:\UsbFix [2012-10-13 16:41:56 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Menu Start\Programy\Ubisoft [2012-10-13 11:29:23 | 000,000,000 | ---D | C] -- H:\Program Files\Mozilla Firefox [2012-10-11 07:36:32 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Pulpit\Studia [2012-09-30 23:03:04 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Pulpit\panel BH [2012-09-26 19:34:57 | 000,000,000 | -HSD | C] -- H:\Config.Msi [2012-09-24 21:05:38 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Moje dokumenty\1 [2012-09-19 21:01:52 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Greg\Pulpit\zdjecia_kuchnia [4 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-10-15 19:44:00 | 000,001,032 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-10-15 19:44:00 | 000,001,028 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-10-15 19:43:34 | 000,358,834 | ---- | M] () -- H:\WINDOWS\System32\perfh015.dat [2012-10-15 19:43:34 | 000,314,508 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat [2012-10-15 19:43:34 | 000,050,748 | ---- | M] () -- H:\WINDOWS\System32\perfc015.dat [2012-10-15 19:43:34 | 000,040,836 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat [2012-10-15 19:39:45 | 000,002,447 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VPN Client.lnk [2012-10-15 19:39:30 | 000,000,404 | ---- | M] () -- H:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Greg.job [2012-10-15 19:39:30 | 000,000,276 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1123561945-725345543-1003.job [2012-10-15 19:39:26 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat [2012-10-15 19:34:00 | 000,001,128 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1123561945-725345543-1003UA.job [2012-10-15 19:26:32 | 097,409,665 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\incavi.avm [2012-10-14 21:22:02 | 000,000,394 | ---- | M] () -- H:\WINDOWS\tasks\ReclaimerUpdateXML_Greg.job [2012-10-14 18:34:00 | 000,001,076 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1123561945-725345543-1003Core.job [2012-10-13 20:20:02 | 000,000,398 | ---- | M] () -- H:\WINDOWS\tasks\ReclaimerUpdateFiles_Greg.job [2012-10-13 16:43:36 | 000,000,548 | ---- | M] () -- H:\Documents and Settings\Greg\Pulpit\Heroes of Might and Magic V.lnk [2012-10-12 18:11:09 | 006,025,931 | ---- | M] () -- H:\Documents and Settings\Greg\Pulpit\CDBurnerXP-4.4.1.3184.zip [2012-10-11 18:48:34 | 000,000,284 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1123561945-725345543-1003.job [2012-10-11 07:22:02 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerApp.exe [2012-10-11 07:22:02 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-10-10 06:28:12 | 000,001,393 | ---- | M] () -- H:\WINDOWS\imsins.BAK [2012-09-30 10:24:47 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl [2012-09-26 21:02:56 | 005,463,067 | ---- | M] () -- H:\Documents and Settings\Greg\Pulpit\fk_badania_01.pdf [2012-09-24 21:07:05 | 000,000,134 | ---- | M] () -- H:\WINDOWS\mp3wavcon.ini [2012-09-24 21:07:05 | 000,000,005 | ---- | M] () -- H:\WINDOWS\System32\SySmp3con.dat [2012-09-24 21:06:51 | 000,934,416 | ---- | M] () -- H:\Documents and Settings\Greg\Pulpit\3p79.mp3 [2012-09-19 16:31:58 | 009,369,755 | ---- | M] () -- H:\Documents and Settings\Greg\Pulpit\global-europe-2050-report_en.pdf [2012-09-18 22:31:40 | 000,102,693 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2012-09-15 22:53:52 | 000,000,490 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\wx-nfp.lnk [4 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-10-13 16:43:36 | 000,000,548 | ---- | C] () -- H:\Documents and Settings\Greg\Pulpit\Heroes of Might and Magic V.lnk [2012-10-12 18:10:50 | 006,025,931 | ---- | C] () -- H:\Documents and Settings\Greg\Pulpit\CDBurnerXP-4.4.1.3184.zip [2012-10-09 12:22:04 | 000,070,656 | ---- | C] () -- H:\Documents and Settings\Greg\Dane aplikacji\58B.exe [2012-09-27 06:42:16 | 009,369,755 | ---- | C] () -- H:\Documents and Settings\Greg\Pulpit\global-europe-2050-report_en.pdf [2012-09-26 21:02:50 | 005,463,067 | ---- | C] () -- H:\Documents and Settings\Greg\Pulpit\fk_badania_01.pdf [2012-09-24 21:06:42 | 000,934,416 | ---- | C] () -- H:\Documents and Settings\Greg\Pulpit\3p79.mp3 [2012-09-24 20:55:01 | 000,000,404 | ---- | C] () -- H:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Greg.job [2012-09-24 20:55:00 | 000,000,398 | ---- | C] () -- H:\WINDOWS\tasks\ReclaimerUpdateFiles_Greg.job [2012-09-24 20:55:00 | 000,000,394 | ---- | C] () -- H:\WINDOWS\tasks\ReclaimerUpdateXML_Greg.job [2012-09-15 22:53:52 | 000,000,490 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\wx-nfp.lnk [2012-06-16 18:13:10 | 000,262,216 | ---- | C] () -- H:\WINDOWS\System32\IPTests.dll [2012-05-09 08:02:47 | 000,000,127 | ---- | C] () -- H:\WINDOWS\System32\MRT.INI [2012-02-15 19:56:16 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll [2011-11-22 20:28:19 | 000,000,134 | ---- | C] () -- H:\WINDOWS\mp3wavcon.ini [2011-11-22 20:26:48 | 000,000,005 | ---- | C] () -- H:\WINDOWS\System32\SySmp3con.dat [2011-11-22 20:26:45 | 000,237,568 | ---- | C] () -- H:\WINDOWS\System32\lame_enc.dll [2011-05-16 22:53:12 | 000,164,864 | ---- | C] () -- H:\WINDOWS\System32\patchw32.dll [2011-05-16 22:53:12 | 000,158,720 | ---- | C] () -- H:\WINDOWS\System32\LFCMP61N.DLL [2011-05-16 22:53:12 | 000,110,080 | ---- | C] () -- H:\WINDOWS\System32\Lfpng61n.dll [2011-05-16 22:53:12 | 000,043,008 | ---- | C] () -- H:\WINDOWS\System32\LTFIL61N.DLL [2011-05-16 22:53:12 | 000,017,920 | ---- | C] () -- H:\WINDOWS\System32\MSWTHK32.DLL [2011-05-16 22:53:12 | 000,017,920 | ---- | C] () -- H:\WINDOWS\System32\IMPLODE.DLL [2011-05-16 22:53:12 | 000,003,360 | ---- | C] () -- H:\WINDOWS\System32\MSWTHK16.DLL [2011-03-03 23:09:59 | 000,000,125 | ---- | C] () -- H:\WINDOWS\fd3.INI [2011-03-03 22:40:11 | 000,000,125 | ---- | C] () -- H:\WINDOWS\FlashDecompiler.INI [2011-02-16 21:26:24 | 000,000,166 | ---- | C] () -- H:\WINDOWS\wcx_ftp.ini [2011-02-16 21:24:55 | 000,000,402 | ---- | C] () -- H:\WINDOWS\wincmd.ini [2011-01-04 08:17:10 | 000,000,664 | ---- | C] () -- H:\WINDOWS\System32\d3d9caps.dat [2010-10-29 22:01:29 | 000,188,928 | ---- | C] () -- H:\Documents and Settings\Greg\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-10-25 22:32:24 | 000,165,376 | ---- | C] () -- H:\WINDOWS\System32\unrar.dll [2010-10-25 22:32:23 | 000,000,038 | ---- | C] () -- H:\WINDOWS\avisplitter.ini [2010-10-25 22:32:22 | 000,790,528 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll [2010-10-25 22:32:22 | 000,134,144 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll [2010-10-25 22:32:22 | 000,108,032 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll [2010-10-25 22:28:17 | 000,000,056 | -H-- | C] () -- H:\WINDOWS\System32\ezsidmv.dat [2010-10-25 22:27:57 | 000,004,293 | ---- | C] () -- H:\WINDOWS\ODBCINST.INI [2010-10-25 22:27:04 | 000,292,480 | ---- | C] () -- H:\WINDOWS\System32\FNTCACHE.DAT [2010-10-25 22:23:17 | 000,000,000 | ---- | C] () -- H:\WINDOWS\nsreg.dat [2010-10-25 22:11:51 | 000,001,732 | ---- | C] () -- H:\WINDOWS\System32\drivers\nvphy.bin [2010-10-25 22:10:30 | 000,232,968 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb0.bin [2010-10-25 22:10:28 | 000,232,968 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb1.bin [2010-10-25 22:10:28 | 000,000,001 | ---- | C] () -- H:\WINDOWS\System32\nvdrssel.bin [2010-10-25 20:37:44 | 000,002,048 | --S- | C] () -- H:\WINDOWS\bootstat.dat [2010-10-25 20:33:45 | 000,021,856 | ---- | C] () -- H:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 18:09:01 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-03-03 22:40:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\AutoUpdate [2012-10-09 12:24:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2011-04-11 23:37:01 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games [2012-05-09 08:16:38 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010-11-11 22:37:44 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware [2010-10-26 23:21:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-10-15 19:26:01 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-03-16 01:25:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-07-31 21:28:58 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\tmp [2012-05-09 08:19:30 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\AVG2012 [2011-03-16 00:40:20 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Big Fish Games [2012-02-19 10:13:18 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\DAEMON Tools Lite [2010-10-26 07:29:33 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Foxit Software [2010-12-18 18:12:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Gadu-Gadu [2010-10-26 22:25:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\GetRightToGo [2012-05-09 08:04:33 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Ithezun [2010-11-15 22:00:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Leadertech [2011-08-28 13:26:35 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\My Games [2011-11-29 00:10:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\NapiProjekt [2011-03-03 00:40:41 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Notepad++ [2010-10-28 07:08:27 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\OpenOffice.org [2012-07-14 20:11:21 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Opera [2010-10-26 18:44:33 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Uniblue [2012-03-19 21:37:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\Vaito [2012-09-15 22:57:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Greg\Dane aplikacji\wx-nfp [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 162 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:98781370 @Alternate Data Stream - 135 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:DED17083 @Alternate Data Stream - 128 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:9D6EAEC3 < End of report >