OTL logfile created on: 2013-01-10 07:54:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Jacek.DOM.000\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 77,53% Memory free
3,85 Gb Paging File | 3,55 Gb Available in Paging File | 92,36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 131,88 Gb Total Space | 79,87 Gb Free Space | 60,56% Space Free | Partition Type: NTFS
Drive D: | 100,99 Gb Total Space | 20,24 Gb Free Space | 20,04% Space Free | Partition Type: NTFS
Drive E: | 645,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DOM | User Name: Jacek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-01-08 16:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jacek.DOM.000\Pulpit\otl-32690.exe
PRC - [2013-01-08 16:05:18 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-12-20 07:52:20 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012-09-12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012-09-03 19:33:42 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-08-30 20:10:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-01-08 16:05:18 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
MOD - [2011-07-29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-09 09:06:09 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-01-08 16:05:18 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2013-01-08 12:56:07 | 000,177,248 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- C:\Documents and Settings\Jacek.DOM.000\wgsdgsdgdsgsd.exe -- (winmgmt)
SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-11-29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-09-29 13:05:53 | 000,316,888 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01)
SRV - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012-09-03 19:33:42 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-08-30 20:10:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ynbixbfu.sys -- (ynbixbfu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\wkdtssku.sys -- (wkdtssku)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\raofpqfi.sys -- (raofpqfi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\qvngyukt.sys -- (qvngyukt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\qhytgvpu.sys -- (qhytgvpu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\qcjbauhr.sys -- (qcjbauhr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\prgtflum.sys -- (prgtflum)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\orjagalp.sys -- (orjagalp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\okfrtcwd.sys -- (okfrtcwd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\metsnljf.sys -- (metsnljf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\meqycaoz.sys -- (meqycaoz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lzulglzb.sys -- (lzulglzb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\leamqyvs.sys -- (leamqyvs)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kadpimcr.sys -- (kadpimcr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JACEKD~1.000\USTAWI~1\Temp\iMSPCLOj.sys -- (iMSPCLOj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\igefwtwj.sys -- (igefwtwj)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\gmvuhjha.sys -- (gmvuhjha)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\etzvnuxt.sys -- (etzvnuxt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bqthipoy.sys -- (bqthipoy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bnknqphx.sys -- (bnknqphx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\beqbbxey.sys -- (beqbbxey)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (apkeilpb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\afuqijck.sys -- (afuqijck)
DRV - [2013-01-08 16:05:19 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-09-29 13:05:53 | 003,332,784 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01)
DRV - [2012-01-23 08:24:45 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011-12-08 14:09:16 | 000,327,400 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011-06-17 19:41:18 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-08-05 16:38:22 | 005,874,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008-08-05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-06-18 16:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007-02-16 03:27:10 | 000,044,928 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006-02-07 12:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\JGOGO.sys -- (JGOGO)
DRV - [2006-01-04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2002-09-16 16:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {8442D8B1-8129-4741-A45E-0248F46BCA36}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{8442D8B1-8129-4741-A45E-0248F46BCA36}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={5480B5A5-8F8E-417F-9F79-2E59086F1EAC}&mid=94e132887dc04fcb82b2500eb990e029-5167cd3b95b74979fce4a10d9b44278efc5c39bb&lang=pl&ds=ax011&pr=&d=2013-01-08 16:05:37&v=13.2.0.5&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{01D8E5BF-86AC-40AD-96C4-43DDE2929DBB}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{8442D8B1-8129-4741-A45E-0248F46BCA36}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5480B5A5-8F8E-417F-9F79-2E59086F1EAC}&mid=94e132887dc04fcb82b2500eb990e029-5167cd3b95b74979fce4a10d9b44278efc5c39bb&lang=pl&ds=ax011&pr=&d=2013-01-08 16:05:37&v=13.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.com/?cid={5480B5A5-8F8E-417F-9F79-2E59086F1EAC}&mid=94e132887dc04fcb82b2500eb990e029-5167cd3b95b74979fce4a10d9b44278efc5c39bb&lang=pl&ds=ax011&pr=&d=2013-01-08 16:05:37&v=13.2.0.5&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid={5480B5A5-8F8E-417F-9F79-2E59086F1EAC}&mid=94e132887dc04fcb82b2500eb990e029-5167cd3b95b74979fce4a10d9b44278efc5c39bb&lang=pl&ds=ax011&pr=&d=2013-01-08 16:05:37&v=13.2.0.5&sap=ku&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-18 01:16:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012-12-20 07:53:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2013-01-10 07:52:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-20 07:53:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-18 17:03:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-12-20 07:52:35 | 000,000,000 | ---D | M]
 
[2012-11-28 08:26:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek.DOM.000\Dane aplikacji\Mozilla\Extensions
[2012-12-18 17:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-11-29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-12-20 07:52:28 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012-11-29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2013-01-10 07:51:53 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-01-23 08:17:08 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-11-29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-11-29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-11-29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-18 01:14:53 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2012-11-29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-11-29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\Jacek.DOM.000\Dane aplikacji\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Jacek.DOM.000\Dane aplikacji\toolplugin\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Jacek.DOM.000\Dane aplikacji\toolplugin\toolbar.dll ()
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Media Finder] "C:\Program Files\Media Finder\Media Finder.exe" /opentotray File not found
O4 - HKCU..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D823268D-BB35-4A71-B33B-C092F0250EF3}: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jacek.DOM.000\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jacek.DOM.000\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-05 13:36:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-01-03 16:39:23 | 000,000,074 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[8210-02-01 18:40:32 | 000,000,000 | ---D | C] -- C:\SHADOW
[2013-01-10 07:51:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013-01-09 09:06:05 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-01-08 16:07:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jacek.DOM.000\Pulpit\otl-32690.exe
[2013-01-08 16:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek.DOM.000\Ustawienia lokalne\Dane aplikacji\AVG Secure Search
[2013-01-08 16:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AVG Secure Search
[2013-01-08 16:05:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek.DOM.000\Dane aplikacji\AVG Secure Search
[2013-01-08 16:05:35 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013-01-08 16:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013-01-08 16:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2013-01-08 12:56:07 | 000,177,248 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Jacek.DOM.000\wgsdgsdgdsgsd.exe
[2012-12-20 07:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2012-12-20 07:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks
[2012-12-20 07:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-12-20 07:52:34 | 000,201,424 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012-12-20 07:52:23 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012-12-20 07:52:23 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012-12-20 07:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\RealNetworks
[2012-12-18 17:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek.DOM.000\Moje dokumenty\Pobieranie
[2012-12-18 17:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-12-18 17:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Mozilla
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-01-10 07:56:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013-01-10 07:51:21 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2013-01-10 07:51:17 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2013-01-10 07:51:13 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2013-01-10 07:51:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-09 13:06:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-09 09:06:09 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-01-09 09:06:09 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-01-09 09:06:05 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-01-09 08:57:15 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\dsgsdgdsgdsgw.pad
[2013-01-09 08:23:25 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013-01-09 08:13:42 | 000,003,130 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\dsgsdgdsgdsgw.js
[2013-01-08 16:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jacek.DOM.000\Pulpit\otl-32690.exe
[2013-01-08 16:06:51 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Jacek.DOM.000\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-08 16:05:19 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013-01-08 15:14:31 | 001,094,868 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-01-08 15:14:31 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-01-08 15:04:21 | 001,094,868 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-01-08 12:56:07 | 000,177,248 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Jacek.DOM.000\wgsdgsdgdsgsd.exe
[2013-01-08 11:07:21 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-04 18:25:06 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2012-12-20 07:53:31 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\RealPlayer.lnk
[2012-12-20 07:52:34 | 000,201,424 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012-12-20 07:52:23 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012-12-20 07:52:23 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012-12-20 07:52:22 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012-12-18 17:03:37 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Mozilla Firefox.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-01-08 12:56:10 | 000,003,130 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\dsgsdgdsgdsgw.js
[2013-01-08 12:56:07 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\dsgsdgdsgdsgw.pad
[2012-12-20 07:53:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2012-12-20 07:53:52 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-1547161642-1417001333-1004.job
[2012-12-20 07:53:31 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\RealPlayer.lnk
[2012-12-18 17:03:37 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Mozilla Firefox.lnk
[2012-12-18 17:03:37 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Mozilla Firefox.lnk
[2012-02-16 07:49:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-01-23 08:17:17 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2012-01-23 08:12:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011-06-17 20:58:12 | 001,094,868 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-06-17 20:58:12 | 001,094,868 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-06-17 20:58:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-06-17 20:57:59 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-06-17 20:14:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-06-17 20:07:45 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-17 20:06:37 | 000,149,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-17 19:59:07 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Jacek.DOM.000\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-17 18:17:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-06-17 18:14:01 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-09-17 19:30:00 | 000,279,994 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1133613238-2234276736-3190104271-1004-0.dat
[2010-09-17 19:30:00 | 000,132,826 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2012-04-15 19:31:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011-09-05 14:56:10 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:D1B5B4F1

< End of report >