OTL logfile created on: 2013-08-09 09:02:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\ Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,22 Mb Total Physical Memory | 366,80 Mb Available Physical Memory | 36,17% Memory free 2,38 Gb Paging File | 1,67 Gb Available in Paging File | 70,11% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 101,54 Gb Total Space | 29,34 Gb Free Space | 28,89% Space Free | Partition Type: NTFS Drive D: | 47,51 Gb Total Space | 14,63 Gb Free Space | 30,80% Space Free | Partition Type: NTFS Drive F: | 7,19 Gb Total Space | 7,19 Gb Free Space | 99,95% Space Free | Partition Type: FAT32 Computer Name: DOMOWY | User Name: Tata | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-08-09 03:52:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2013-08-05 14:04:40 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-08-01 08:31:10 | 002,285,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2013-08-01 08:31:10 | 001,616,048 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe PRC - [2013-08-01 08:31:09 | 000,161,968 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe PRC - [2013-07-08 22:59:39 | 004,801,304 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2013-07-08 22:59:06 | 009,044,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe PRC - [2013-07-08 22:59:06 | 001,464,536 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe PRC - [2013-06-18 17:15:27 | 002,054,872 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe PRC - [2013-06-18 17:15:26 | 001,839,832 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2011-07-25 23:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\System Update\SUService.exe PRC - [2011-02-04 02:35:00 | 000,128,360 | ---- | M] (Lenovo.) -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE PRC - [2011-02-04 02:35:00 | 000,053,608 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exe PRC - [2010-12-03 19:19:50 | 000,137,656 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe PRC - [2010-12-03 19:19:32 | 000,258,920 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe PRC - [2010-12-03 11:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe PRC - [2010-12-02 13:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe PRC - [2010-11-29 17:32:44 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe PRC - [2010-10-19 15:25:18 | 000,866,576 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2010-10-19 15:16:10 | 000,966,656 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe PRC - [2010-10-19 15:02:42 | 000,477,456 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2010-09-11 14:56:38 | 001,118,208 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe PRC - [2010-09-11 14:41:04 | 001,029,432 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe PRC - [2010-07-23 12:34:54 | 000,975,360 | ---- | M] (ActMask Co.,Ltd - http://www.all2pdf.com) -- C:\WINDOWS\System32\PrintDisp.exe PRC - [2010-04-10 09:45:46 | 000,979,344 | ---- | M] (The Eraser Project) -- C:\PROGRA~1\Eraser\Eraser.exe PRC - [2010-04-01 15:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe PRC - [2010-03-26 05:08:00 | 000,062,312 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe PRC - [2010-03-05 00:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2009-12-01 03:39:00 | 000,256,576 | ---- | M] (Lenovo Group Ltd.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe PRC - [2009-10-28 20:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\WINDOWS\System32\PrintCtrl.exe PRC - [2009-07-23 04:11:00 | 000,185,688 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe PRC - [2009-07-23 04:11:00 | 000,124,248 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-03-02 17:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe PRC - [2007-01-30 13:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\System32\IPSSVC.EXE PRC - [2006-06-29 22:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\System32\TpKmpSVC.exe PRC - [2005-10-11 13:54:48 | 000,339,968 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-08-01 08:31:10 | 002,285,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2013-08-01 08:31:10 | 000,521,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\log4cplusU.dll MOD - [2013-08-01 08:31:10 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\SiteSafety.dll MOD - [2013-08-01 08:31:09 | 000,161,968 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe MOD - [2013-07-14 10:16:31 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\b22afb5424455b579511b925aa1563c9\System.Management.ni.dll MOD - [2013-07-14 10:15:09 | 001,711,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a1434aebf13ff1e4c5de2840a06b7c38\Microsoft.VisualBasic.ni.dll MOD - [2013-07-14 10:14:28 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8f3e54440f3742da409131428ad1bce1\System.ServiceProcess.ni.dll MOD - [2013-07-14 08:36:46 | 000,060,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\fce142e7009d7cd587b5d8fbc20f5448\UIAutomationProvider.ni.dll MOD - [2013-07-14 08:36:43 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll MOD - [2013-07-14 08:36:30 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\efecb20c44117df86f2eb5f93592fdd8\System.Windows.Forms.ni.dll MOD - [2013-07-14 08:36:03 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\82a53e923936d5f62d9af4cdfe50a4f8\System.Drawing.ni.dll MOD - [2013-07-14 08:34:52 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\4bcddb1b8314edc004a69a5fd85b1146\System.Core.ni.dll MOD - [2013-07-14 08:34:13 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e729dd9b653def0664bf0efcf22dc112\PresentationFramework.Luna.ni.dll MOD - [2013-07-14 08:32:47 | 012,218,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\98081ec306b59320c26f94983fec7a89\PresentationCore.ni.dll MOD - [2013-07-14 08:32:08 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\37136d6a9a5a7c5d7816d7e0ef3c4d45\WindowsBase.ni.dll MOD - [2013-07-14 08:31:21 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll MOD - [2013-07-14 08:30:19 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll MOD - [2013-07-12 18:28:48 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2013-07-08 22:59:12 | 002,463,448 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdavcen.dll MOD - [2011-02-04 02:35:00 | 000,054,272 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWRMGRRO.DLL MOD - [2011-02-04 02:35:00 | 000,041,984 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWRMGRRT.DLL MOD - [2010-11-15 21:02:34 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2010-09-11 14:56:38 | 001,118,208 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe MOD - [2010-09-11 14:48:30 | 000,139,264 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll MOD - [2010-09-11 14:48:30 | 000,139,264 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\CDRecord.dll MOD - [2010-03-05 00:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe MOD - [2006-06-29 22:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\System32\TpKmpSVC.exe MOD - [2005-10-11 13:54:48 | 000,339,968 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (MSDTC) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-08-05 14:04:40 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-08-01 08:31:10 | 001,616,048 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe -- (vToolbarUpdater15.4.0) SRV - [2013-07-08 22:59:39 | 004,801,304 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2013-06-18 17:15:27 | 000,127,192 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth) SRV - [2013-06-11 21:42:02 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-06-03 16:34:46 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-06-11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-07-25 23:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2011-02-04 02:35:00 | 000,128,360 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc) SRV - [2011-02-04 02:35:00 | 000,061,440 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service) SRV - [2010-12-03 11:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe -- (TPHKLOAD) SRV - [2010-12-02 13:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2010-11-24 17:34:24 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe -- (LENOVO.MICMUTE) SRV - [2010-10-19 15:25:18 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2010-10-19 15:16:10 | 000,966,656 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) SRV - [2010-10-19 15:02:42 | 000,477,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2010-09-11 14:56:38 | 001,118,208 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service) SRV - [2010-09-11 14:41:04 | 001,029,432 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service) SRV - [2010-03-05 00:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009-10-28 20:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\WINDOWS\System32\PrintCtrl.exe -- (Printer Control) SRV - [2007-01-30 13:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\System32\IPSSVC.EXE -- (IPSSVC) SRV - [2006-06-29 22:57:50 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\TpKmpSVC.exe -- (TpKmpSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(Atheros) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Tata\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2013-08-01 08:31:10 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2013-07-08 22:59:42 | 000,587,352 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys -- (cmdGuard) DRV - [2013-06-18 17:16:22 | 000,099,520 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2013-06-18 17:16:22 | 000,032,816 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys -- (cmdHlp) DRV - [2013-06-18 17:16:20 | 000,018,528 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmderd.sys -- (cmderd) DRV - [2012-11-23 15:10:07 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2012-06-11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - [2011-03-24 13:21:22 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\psadd.sys -- (psadd) DRV - [2011-02-04 02:35:00 | 000,025,968 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\DozeHDD.sys -- (DozeHDD) DRV - [2011-02-04 02:35:00 | 000,012,144 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Tppwrif.sys -- (TPPWRIF) DRV - [2010-10-07 06:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\NETwLx32.sys -- (NETwLx32) DRV - [2010-09-07 15:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\smiif32.sys -- (lenovo.smi) DRV - [2010-06-16 14:44:38 | 000,120,432 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf) DRV - [2010-06-16 14:44:38 | 000,020,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN) DRV - [2010-05-19 23:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans) DRV - [2010-03-26 05:08:00 | 000,004,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS -- (TSMAPIP) DRV - [2010-01-27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\npf.sys -- (npf) DRV - [2009-11-12 15:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-09-09 17:10:16 | 000,154,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService) DRV - [2009-03-13 14:47:26 | 000,012,560 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) DRV - [2008-04-04 12:02:10 | 000,087,424 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\GemCCID.sys -- (GemCCID) DRV - [2008-02-22 16:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Tvti2c.sys -- (TVTI2C) DRV - [2008-02-15 19:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk) DRV - [2007-11-29 18:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k) DRV - [2007-07-30 12:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp) DRV - [2007-07-30 11:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk) DRV - [2007-04-27 17:00:58 | 000,666,112 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDAudN.sys -- (HdAudAddService) DRV - [2006-11-06 18:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\PROCDD.SYS -- (PROCDD) DRV - [2005-11-18 10:44:04 | 000,390,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\snpstd.sys -- (snpstd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=HITACHI_HTS541616J9SA00_SB3441GRJZ6PGEJZ6PGEX&ts=1351506495 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={DD6875B5-0F2E-4739-B46B-C2E940866790}&mid=1ab012523c6047d0b4ccd155f976e396-1a13bbe4f5613cd3d3c673f2096976fce82be711&lang=pl&ds=xn011&pr=sa&d=2012-09-29 20:17:53&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: autoproxy@autoproxy.org:0.4b2.2011041023 FF - prefs.js..extensions.enabledAddons: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.4.6.3 FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.type: 1 FF - prefs.js..browser.startup.homepage: "http://pl.yahoo.com?fr=fp-comodo" FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "http://pl.search.yahoo.com/search?fr=ytff-comodo&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\15.4.0.5 [2013-08-01 08:31:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-22 16:43:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-22 16:43:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-22 16:43:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012-04-22 16:43:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-04-09 20:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Extensions [2011-04-09 20:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013-02-01 04:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default\extensions [2011-12-17 19:35:15 | 000,191,192 | ---- | M] () (No name found) -- C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default\extensions\autoproxy@autoproxy.org.xpi [2013-02-01 04:02:02 | 000,844,878 | ---- | M] () (No name found) -- C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2011-04-09 19:54:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-11-01 14:27:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011-11-19 15:36:54 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-11-19 15:36:46 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2013-08-01 08:31:58 | 000,003,717 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2011-11-19 15:36:46 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-19 15:36:46 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-19 15:36:46 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-10-29 12:28:30 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2011-11-19 15:36:46 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-19 15:36:46 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://pl.yahoo.com?fr=fpc-comodo CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.4.0.5_0\ CHR - Extension: Gmail = C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013-07-19 17:59:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart File not found O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Ltd.) O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe (Lenovo Group Limited) O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\System32\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com) O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe () O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1364632451859 (MUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 120.10.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{597ED249-4B05-48E5-BBA4-E6BB4ECC2FDB}: DhcpNameServer = 120.10.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\web\wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\web\wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-03-24 12:13:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-08-07 12:19:48 | 000,000,000 | ---D | C] -- C:\FRST [2013-08-06 14:31:27 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2013-08-05 14:31:55 | 000,000,000 | -H-D | C] -- C:\VTRoot [2013-08-05 14:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-08-05 14:05:14 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-08-05 14:05:13 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-08-05 14:05:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-08-05 14:05:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-08-05 14:05:05 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-08-05 14:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013-08-05 13:49:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\COMODO [2013-08-05 13:49:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Shared Space [2013-08-05 13:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2013-08-05 13:48:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Comodo [2013-08-05 13:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Comodo Downloader [2013-08-01 08:31:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache [2013-07-21 14:01:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-08-09 09:30:56 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job [2013-08-09 09:30:00 | 000,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2013-08-09 09:28:50 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job [2013-08-09 09:24:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2013-08-09 09:18:26 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-08-09 09:18:13 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-08-09 08:57:04 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job [2013-08-09 08:57:04 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job [2013-08-09 08:52:51 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2013-08-09 08:52:47 | 000,025,229 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI [2013-08-09 08:52:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-08-09 08:51:53 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI [2013-08-09 08:51:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-08-08 20:33:54 | 000,669,488 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2013-08-08 20:23:31 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1004UA.job [2013-08-08 02:40:01 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-08-07 13:07:18 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1005UA.job [2013-08-05 14:33:56 | 000,006,914 | ---- | M] () -- C:\WINDOWS\System32\drivers\fvstore.dat [2013-08-05 14:31:50 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2013-08-05 14:23:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1004Core.job [2013-08-05 14:04:42 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-08-05 14:04:40 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-08-05 14:04:40 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-08-05 14:04:40 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-08-05 14:04:40 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-08-05 14:04:39 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-08-05 14:04:39 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-08-05 13:49:48 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Shared Space.lnk [2013-08-01 08:31:10 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013-07-31 22:24:30 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-07-29 19:06:04 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1005Core.job [2013-07-19 17:59:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2013-07-19 17:40:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013-07-15 03:36:00 | 000,153,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-07-14 11:41:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-07-12 18:54:46 | 000,491,314 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-07-12 18:54:46 | 000,433,138 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-07-12 18:54:46 | 000,084,526 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-07-12 18:54:46 | 000,068,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-08-05 14:33:56 | 000,006,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\fvstore.dat [2013-08-05 13:52:00 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job [2013-08-05 13:51:58 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job [2013-08-05 13:51:57 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job [2013-08-05 13:51:55 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job [2013-08-05 13:49:49 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2013-08-05 13:49:48 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Shared Space.lnk [2013-07-31 20:03:25 | 000,800,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2013-05-03 16:15:44 | 000,001,134 | ---- | C] () -- C:\WINDOWS\cce.INI [2013-05-03 15:25:26 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2013-05-03 15:25:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2013-05-03 15:25:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2013-05-03 15:25:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2013-05-03 15:25:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2013-05-01 12:34:32 | 000,000,252 | ---- | C] () -- C:\WINDOWS\KillSwitch.INI [2013-05-01 10:56:49 | 000,669,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2013-02-22 11:50:22 | 001,391,616 | ---- | C] () -- C:\WINDOWS\System32\ActPDF.dll [2013-02-22 11:50:07 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\PrtPass.exe [2013-02-22 11:50:06 | 000,691,200 | ---- | C] () -- C:\WINDOWS\System32\PrintLog.exe [2012-11-28 15:17:18 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012-11-28 15:17:18 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012-11-28 15:17:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012-11-28 15:17:18 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012-11-15 14:53:59 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Tata\Dane aplikacji\$_hpcst$.hpc [2012-11-12 17:20:11 | 000,717,080 | ---- | C] () -- C:\WINDOWS\unins001.exe [2012-11-12 17:16:40 | 000,348,010 | ---- | C] () -- C:\WINDOWS\unins001.dat [2012-02-15 04:18:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011-08-27 12:45:25 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-27 10:36:29 | 000,000,598 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat [2011-08-15 11:57:45 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat [2011-08-15 11:57:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-03-24 12:48:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 19:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-06-30 14:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2013-07-02 02:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2011-03-24 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2012-09-29 20:16:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-03-26 17:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-10-13 11:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2011-08-27 17:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IsolatedStorage [2011-03-24 16:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Lenovo [2011-11-19 15:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-08-09 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2012-11-15 15:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PCDr [2013-08-05 13:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2011-03-24 21:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2013-08-05 13:49:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Shared Space [2011-03-24 13:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UIB [2011-04-03 12:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Avaya [2012-09-30 19:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\AVG Secure Search [2013-06-18 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\BESTplayer [2011-12-31 21:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\BITS [2011-03-24 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Canneverbe Limited [2013-06-22 15:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\ESET [2012-09-24 15:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Gadu-Gadu 10 [2013-05-11 10:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\HoolappForAndroid [2013-03-22 11:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\ImgBurn [2011-08-09 17:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\InterTrust [2011-03-24 19:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Lenovo [2012-01-07 10:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Nokia [2011-04-10 15:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\OpenFM [2012-07-02 12:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\PC Suite [2013-02-25 18:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\PEM-HEART [2012-10-15 07:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\PhotoScape [2011-03-24 16:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\PwrMgr [2011-04-09 20:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Thunderbird [2012-05-05 18:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\Update [2012-08-15 12:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tata\Dane aplikacji\VDownloader [color=#E56717]========== Purity Check ==========[/color] < End of report >