OTL logfile created on: 2012-12-13 12:00:47 - Run 2
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Paweł\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,37 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 65,22% Memory free
3,00 Gb Paging File | 2,35 Gb Available in Paging File | 78,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 1,30 Gb Free Space | 6,66% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 0,80 Gb Free Space | 2,72% Space Free | Partition Type: NTFS
Drive E: | 25,69 Gb Total Space | 10,42 Gb Free Space | 40,57% Space Free | Partition Type: NTFS
Drive G: | 7,47 Gb Total Space | 0,19 Gb Free Space | 2,61% Space Free | Partition Type: NTFS

Computer Name: PAWEŁ-PC | User Name: Paweł | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-09-21 12:27:03 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe
PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Nowy folder\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Nowy folder\avgnsx.exe
PRC - [2011-11-23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Nowy folder\avgfws.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Nowy folder\avgwdsvc.exe
PRC - [2011-05-07 21:43:25 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007-01-26 09:10:48 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-12-29 04:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2007-01-08 05:08:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2011-11-23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Nowy folder\avgfws.exe -- (avgfws)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- E:\Nowy folder\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Nowy folder\avgwdsvc.exe -- (avgwd)
SRV - [2007-01-26 09:10:48 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-05-28 07:25:04 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2007-01-26 09:10:48 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007-01-08 05:16:50 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006-12-12 16:51:20 | 000,147,968 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006-11-10 13:38:22 | 000,506,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006-11-06 03:01:20 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2003-04-03 00:54:16 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netrcacm.sys -- (netrcacm)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-12-13 11:53:52 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012-12-13 11:36:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-12-12 19:19:51 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe
[2012-12-12 19:01:45 | 000,020,648 | ---- | C] (Thomson Inc.) -- C:\Windows\System32\drivers\netrcacm.sys
[2012-12-07 17:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-12-07 11:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-12-07 11:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-12-13 11:58:00 | 000,662,112 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-12-13 11:58:00 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-12-13 11:58:00 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-12-13 11:58:00 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-12-13 11:53:40 | 000,004,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-13 11:53:38 | 000,004,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-13 11:53:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-13 11:53:14 | 1474,412,544 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-13 11:42:07 | 000,545,819 | ---- | M] () -- C:\Users\Paweł\Desktop\AdwCleaner.exe
[2012-12-13 11:39:03 | 000,372,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-12-13 11:36:21 | 000,000,914 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012-12-07 16:43:30 | 052,217,344 | ---- | M] () -- C:\Users\Paweł\Desktop\eav_nt32_plk.msi
[2012-12-07 11:17:21 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-13 11:43:39 | 000,545,819 | ---- | C] () -- C:\Users\Paweł\Desktop\AdwCleaner.exe
[2012-12-12 19:15:46 | 1474,412,544 | -HS- | C] () -- C:\hiberfil.sys
[2012-12-07 16:48:11 | 052,217,344 | ---- | C] () -- C:\Users\Paweł\Desktop\eav_nt32_plk.msi
[2012-12-07 11:17:20 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-12-05 11:13:43 | 000,000,914 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012-02-12 21:22:54 | 000,000,848 | ---- | C] () -- C:\Users\Paweł\.recently-used.xbel
[2012-01-04 18:47:25 | 000,000,680 | ---- | C] () -- C:\Users\Paweł\AppData\Local\d3d9caps.dat
[2011-12-16 08:17:04 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011-05-18 10:09:26 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011-05-09 20:32:20 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-05-09 20:32:20 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-05-07 20:26:11 | 000,079,360 | ---- | C] () -- C:\Users\Paweł\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-06 20:33:24 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-05-06 20:33:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-06 20:33:18 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-05-06 20:33:18 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-05-06 20:33:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-05-05 22:40:12 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2010-10-15 14:48:59 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\@
[2010-10-15 14:48:59 | 000,053,248 | -HS- | M] () -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\n
[2010-10-15 14:48:59 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\L
[2012-11-09 09:08:16 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\U
[2012-11-09 09:08:16 | 000,000,928 | ---- | M] () -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\U\00000001.@
[2012-10-28 06:23:21 | 000,011,776 | ---- | M] () -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\U\80000000.@
[2012-09-23 09:20:13 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\{35b0d047-9622-d3b3-4633-303aecfcb323}\U\800000cb.@
[2012-12-13 12:04:47 | 000,002,048 | -HS- | M] () -- C:\Users\Paweł\AppData\Local\{35b0d047-9622-d3b3-4633-303aecfcb323}\@
[2010-10-15 14:48:59 | 000,053,248 | -HS- | M] () -- C:\Users\Paweł\AppData\Local\{35b0d047-9622-d3b3-4633-303aecfcb323}\n
[2010-10-15 14:48:59 | 000,000,000 | -HSD | M] -- C:\Users\Paweł\AppData\Local\{35b0d047-9622-d3b3-4633-303aecfcb323}\L
[2010-10-15 14:48:59 | 000,000,000 | -HSD | M] -- C:\Users\Paweł\AppData\Local\{35b0d047-9622-d3b3-4633-303aecfcb323}\U
[2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-09-06 08:33:05 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Ashampoo
[2012-02-26 21:37:15 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\AVG2012
[2012-07-30 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\BESTplayer
[2012-01-02 13:47:36 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Cream Software
[2012-02-06 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\e-pity
[2012-02-12 21:22:54 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\gtk-2.0
[2011-12-06 20:46:15 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\MusicNet
[2012-01-02 13:53:06 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Samsung

[color=#E56717]========== Purity Check ==========[/color]

< End of report >