OTL logfile created on: 2012-09-10 20:37:51 - Run 3 OTL by OldTimer - Version 3.2.61.2 Folder = c:\Users\Mirek\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,87 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 45,42% Memory free 5,95 Gb Paging File | 2,65 Gb Available in Paging File | 44,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 148,89 Gb Total Space | 13,86 Gb Free Space | 9,31% Space Free | Partition Type: NTFS Drive E: | 147,73 Gb Total Space | 75,04 Gb Free Space | 50,79% Space Free | Partition Type: NTFS Drive F: | 1,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MIREKDAWID-PC | User Name: Mirek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-09 10:34:51 | 000,599,552 | ---- | M] (OldTimer Tools) -- c:\Users\Mirek\Downloads\OTL.exe PRC - [2012-09-09 09:50:16 | 000,162,816 | ---- | M] (Cybernet Manufacturing) -- C:\Users\Mirek i Dawid\rnd0312.tmp PRC - [2012-08-30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-08-10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Mirek i Dawid\AppData\Local\Akamai\netsession_win.exe PRC - [2012-06-21 09:16:02 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-01-18 14:14:29 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2011-10-21 08:46:11 | 002,042,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2011-01-13 22:29:31 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2010-05-14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2010-02-08 08:19:35 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe PRC - [2010-02-08 08:19:26 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2010-02-04 12:32:58 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2010-02-04 12:32:58 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2010-02-04 12:32:51 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe PRC - [2009-12-22 01:08:39 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-08-25 10:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe PRC - [2008-08-04 01:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2008-07-18 21:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008-06-10 18:04:58 | 000,689,456 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\HPWUCli.exe PRC - [2008-04-24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2008-04-17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2008-04-08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-04-04 16:19:44 | 002,600,960 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\soffice.bin PRC - [2008-04-04 16:19:44 | 002,273,280 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\soffice.exe PRC - [2008-04-01 03:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe PRC - [2008-02-06 15:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe PRC - [2008-01-21 04:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2008-01-17 17:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007-05-11 03:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe PRC - [2006-10-05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-30 04:58:45 | 000,442,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll MOD - [2012-08-30 04:58:44 | 012,237,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll MOD - [2012-08-30 04:58:42 | 003,997,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll MOD - [2012-08-30 04:57:15 | 000,144,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avutil-51.dll MOD - [2012-08-30 04:57:13 | 000,266,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avformat-54.dll MOD - [2012-08-30 04:57:12 | 002,480,680 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll MOD - [2012-07-30 13:43:25 | 000,133,632 | ---- | M] () -- C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll MOD - [2012-06-27 17:38:52 | 000,531,968 | ---- | M] () -- C:\Users\Mirek i Dawid\AppData\Roaming\BabylonToolbar\CR\BUSolution.dll MOD - [2012-06-21 09:16:01 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-06-04 18:36:14 | 000,133,632 | ---- | M] () -- C:\Users\MIREKI~1\AppData\Local\Google\Chrome\USERDA~1\Default\EXTENS~1\DHKPLH~1\1.7_0\BABYLO~1.DLL MOD - [2012-03-11 10:37:47 | 008,527,520 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2012-01-18 14:14:29 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2009-11-09 20:00:00 | 003,564,544 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax MOD - [2009-09-28 00:02:24 | 000,797,184 | ---- | M] () -- C:\Windows\System32\ac3filter.ax MOD - [2009-06-10 19:54:14 | 000,694,272 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\FWUpdateEDO.dll MOD - [2008-08-04 01:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe MOD - [2008-04-04 16:16:46 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\nsldap32v50.dll MOD - [2008-04-02 18:38:58 | 000,542,720 | ---- | M] () -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\libxmlsec.dll MOD - [2008-04-02 18:01:40 | 000,210,944 | ---- | M] () -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\libxslt.dll MOD - [2008-04-02 18:00:52 | 001,124,352 | ---- | M] () -- C:\Program Files\OpenOffice.ux.pl 2.4.0\program\libxml2.dll MOD - [2008-03-27 02:40:34 | 000,118,784 | ---- | M] () -- C:\Program Files\Winamp Remote\bin\Cab.dll MOD - [2008-01-25 17:12:34 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EScript.POL MOD - [2007-07-11 07:26:54 | 003,031,040 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\RdLang32.POL MOD - [2007-07-11 07:09:52 | 000,049,152 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\WebLink.POL MOD - [2007-07-11 07:07:04 | 000,027,136 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Spelling.POL MOD - [2007-07-11 07:06:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SendMail.POL MOD - [2007-07-11 07:05:26 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search.POL MOD - [2007-07-11 07:03:04 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SaveAsRTF.POL MOD - [2007-07-11 07:02:04 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ReadOutLoud.POL MOD - [2007-07-11 07:00:28 | 000,933,888 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\PPKLite.POL MOD - [2007-07-11 06:58:14 | 000,155,648 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia.POL MOD - [2007-07-11 06:57:30 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\makeaccessible.POL MOD - [2007-07-11 06:53:58 | 000,006,656 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EWH32.POL MOD - [2007-07-11 06:50:34 | 000,208,896 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\DigSig.POL MOD - [2007-07-11 06:49:24 | 000,188,416 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Checkers.POL MOD - [2007-07-11 06:47:42 | 001,208,320 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annots.POL MOD - [2007-07-11 06:44:48 | 000,794,624 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Acroform.POL MOD - [2007-07-11 06:43:44 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\accessibility.POL MOD - [2006-12-14 10:33:18 | 000,005,120 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\updater.POL MOD - [2006-12-14 10:26:32 | 000,011,776 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search5.POL MOD - [2006-12-14 10:22:30 | 000,008,192 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\reflow.POL MOD - [2006-12-14 10:10:20 | 000,010,752 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\pddom.POL MOD - [2006-12-14 09:56:44 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\HLS.POL MOD - [2006-12-14 09:49:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\eBook.POL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-07-11 08:07:49 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai) SRV - [2012-06-21 09:16:01 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2011-11-10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-03-03 20:32:44 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-02-08 08:19:26 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2010-02-04 12:32:51 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc) SRV - [2009-12-22 01:08:39 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0) SRV - [2008-08-25 10:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV - [2008-07-18 21:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008-04-24 10:21:56 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService) SRV - [2008-04-17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008-02-06 15:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-17 17:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2006-10-05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT) DRV - [2010-02-04 12:32:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-02-04 12:32:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-02-04 12:32:57 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-07-18 19:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) DRV - [2008-07-15 20:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2008-04-28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008-04-15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-11-09 15:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2006-11-28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006-10-18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1342534181_724673 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1342534181_724673 IE - HKLM\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {AA74FE59-BC4C-4172-9AC4-73315F71CFFE} IE - HKLM\..\SearchScopes\{6982C084-5CC9-4360-8F20-57F76E802378}: "URL" = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA; IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1342534181_724673 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1342534181_724673 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\URLSearchHook: *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - No CLSID value found IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=3c2c01360000000000000022fae73edc IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{6982C084-5CC9-4360-8F20-57F76E802378}: "URL" = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_plPL360 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=A2FNxO43ymVrj3WKpixz9o_JzC8?q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={72865A88-F2D8-4828-A417-1DE50DFE7DB5}&mid=daf9c6b168e086e222217d672cd7f803-e07abd0d512872b19cb41e139162e1865b1b8c8d&lang=us&ds=AVG&pr=fr&d=2011-12-05 13:23:35&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/hypercam/{F7D07D1D-FA9B-473A-B070-5EE2AF67B0ED}?q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{AA1097AD-D026-4964-BB3F-9271D99AD165}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{BA58CFBF-F233-4330-8E04-67247FEA2334}: "URL" = http://mp3tubetoolbar.com/?tmp=toolbar_sb_results&prt=pinballtbfour01ie&Keywords={searchTerms}&clid=e9efe36ab9e04905b8b7f793ed36e27a IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6Oyg5UF3IS&i=26 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421; IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2475029 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={72865A88-F2D8-4828-A417-1DE50DFE7DB5}&mid=daf9c6b168e086e222217d672cd7f803-e07abd0d512872b19cb41e139162e1865b1b8c8d&lang=us&ds=AVG&pr=fr&d=2011-12-05 13:23:35&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3688101451-2162129067-826341854-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKU\S-1-5-21-3688101451-2162129067-826341854-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKU\S-1-5-21-3688101451-2162129067-826341854-500\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={72865A88-F2D8-4828-A417-1DE50DFE7DB5}&mid=daf9c6b168e086e222217d672cd7f803-e07abd0d512872b19cb41e139162e1865b1b8c8d&lang=us&ds=AVG&pr=fr&d=2011-12-05 13:23:35&v=9.0.0.18&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3688101451-2162129067-826341854-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube" FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolbarsearch.com/?prt=pinballtbfour01ff&clid=e9efe36ab9e04905b8b7f793ed36e27a&subid=&Keywords={searchTerms}" FF - prefs.js..browser.startup.homepage: "http://mp3tubetoolbarsearch.com/?tmp=toolbar_mp3tube_homepage&prt=pinballtbfour04ff&clid=e9efe36ab9e04905b8b7f793ed36e27a&subid=" FF - prefs.js..extensions.enabledAddons: 4fc0d28015468@4fc0d280154a2.info:5.1 FF - prefs.js..extensions.enabledAddons: mp3tubetoolbar@mp3tubetoolbar.com:3.2 FF - prefs.js..extensions.enabledAddons: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.15.1.0 FF - prefs.js..keyword.URL: "http://mp3tubetoolbarsearch.com/?prt=pinballtbfour02ff&clid=e9efe36ab9e04905b8b7f793ed36e27a&subid=&Keywords=" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010-02-08 08:21:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2011-06-20 18:58:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-09 20:21:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-01-13 22:29:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012-01-18 14:14:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4fc0d28015468@4fc0d280154a2.info: C:\Users\Mirek i Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\jbgrh1ff.default\extensions\4fc0d28015468@4fc0d280154a2.info [2012-05-26 23:56:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-21 09:16:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-17 10:09:15 | 000,000,000 | ---D | M] [2011-05-25 10:54:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirek\AppData\Roaming\mozilla\Extensions [2012-08-29 12:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\oe9c2hgx.default\extensions [2012-08-29 12:40:56 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\oe9c2hgx.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2011-03-24 13:03:00 | 000,000,923 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\mozilla\firefox\profiles\oe9c2hgx.default\searchplugins\conduit.xml [2012-06-11 12:11:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-10 17:09:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-27 18:33:47 | 000,000,000 | ---D | M] (MP3Tube Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com [2012-05-26 23:56:19 | 000,000,000 | ---D | M] (TheBflix) -- C:\USERS\MIREK I DAWID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JBGRH1FF.DEFAULT\EXTENSIONS\4FC0D28015468@4FC0D280154A2.INFO [2012-06-21 09:16:02 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-07-23 09:20:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-06-01 18:43:14 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-01 18:43:14 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-01 18:43:14 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-01 18:43:14 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-07-17 16:18:51 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-06-01 18:43:14 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-01 18:43:14 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={72865A88-F2D8-4828-A417-1DE50DFE7DB5}&mid=daf9c6b168e086e222217d672cd7f803-e07abd0d512872b19cb41e139162e1865b1b8c8d&lang=us&ds=AVG&pr=fr&d=2011-12-05 13:23:35&v=10.0.0.7&sap=dsp&q={searchTerms} CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Babylon Toolbar = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\ CHR - Extension: TheBflix = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgnbbmjplnjojimmnihieecplmnhgfem\5.1_0\ CHR - Extension: DealPly = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ CHR - Extension: Bflix extension = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp\1.0_0\ CHR - Extension: Skype Click to Call = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: ADDICT-THING = C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppjemjejnnojomfekgbpbbnecicblllf\1.0_0\ O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) O2 - BHO: (BFlix Class) - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\Bflix.dll (BFlix) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (ADDICT-THING Class) - {CCBFD0AE-D5B9-4F14-8770-D6F1051A97B8} - C:\ProgramData\ADDICT-THING\bhoclass.dll File not found O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (TheBflix Class) - {FAD556F3-D448-E67B-B59D-E652370B2A15} - C:\ProgramData\TheBflix\bhoclass.dll File not found O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files\SFT_eng7\prxtbSFT1.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-3688101451-2162129067-826341854-1001\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Bonus.SSR.FR10] C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [Akamai NetSession Interface] C:\Users\Mirek i Dawid\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [hbmigawjamnfwtp] C:\Windows\hbmigawj.exe (Cybernet Manufacturing) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [Real Desktop] "C:\Program Files\Real Desktop\Real Desktop.exe" File not found O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\Run: [update] C:\Program Files\Internet Explorer\SIGNUP\update.exe File not found O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1001..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-500..\Run: [update] C:\Program Files\Internet Explorer\SIGNUP\update.exe File not found O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-500..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [TheBflixUpdater] C:\ProgramData\TheBflixUpdater\updater.exe () O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11g_Plugin.exe (Adobe Systems, Inc.) O4 - HKU\S-1-5-21-3688101451-2162129067-826341854-500..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11g_Plugin.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.ux.pl 2.4.0.lnk = C:\Program Files\OpenOffice.ux.pl 2.4.0\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-3688101451-2162129067-826341854-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html () O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-3688101451-2162129067-826341854-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.195.233.234 91.195.232.126 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00A2EBB4-C6B8-42D4-9D13-9B52E57DE446}: DhcpNameServer = 91.195.233.234 91.195.232.126 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8B927D6-81C3-4B4F-80E4-B21D30A67584}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll () O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (avgrsstx.dll) - avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009-12-31 18:54:03 | 000,000,000 | ---D | M] - E:\auto xtreme -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-09-09 09:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\cwycsfkravgwlrq [2012-09-09 09:50:23 | 000,162,816 | ---- | C] (Cybernet Manufacturing) -- C:\Windows\hbmigawj.exe [2012-09-09 09:50:23 | 000,162,816 | ---- | C] (Cybernet Manufacturing) -- C:\ProgramData\hbmigawj.exe [2012-09-08 16:11:39 | 000,000,000 | ---D | C] -- C:\Minecraft_Backup [2012-08-25 11:29:50 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\.techniclauncher [2012-08-16 10:04:27 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-08-16 10:04:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-08-16 10:04:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-08-16 10:04:25 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-08-16 10:04:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-08-16 10:04:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-08-16 10:04:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-08-16 10:04:11 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-09-10 20:28:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-09-10 20:28:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-09-10 20:20:05 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-09-10 20:01:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-09-10 19:10:09 | 000,000,356 | -H-- | M] () -- C:\Windows\tasks\TheBflixUpdaterRefreshTask.job [2012-09-10 19:10:00 | 000,000,376 | -H-- | M] () -- C:\Windows\tasks\TheBflixUpdaterLogonTask.job [2012-09-10 15:20:03 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-09-10 14:29:08 | 057,340,307 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2012-09-09 09:50:24 | 000,078,023 | ---- | M] () -- C:\ProgramData\fsovxecueifdqou [2012-09-09 09:50:16 | 000,162,816 | ---- | M] (Cybernet Manufacturing) -- C:\Windows\hbmigawj.exe [2012-09-09 09:50:16 | 000,162,816 | ---- | M] (Cybernet Manufacturing) -- C:\ProgramData\hbmigawj.exe [2012-09-07 09:43:08 | 000,712,170 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-09-07 09:43:08 | 000,632,098 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-09-07 09:43:08 | 000,150,124 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-09-07 09:43:08 | 000,118,724 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-09-03 14:18:00 | 000,000,316 | -HS- | M] () -- C:\Windows\tasks\bekpfdgahn.job [2012-09-03 14:17:22 | 3082,809,344 | -HS- | M] () -- C:\hiberfil.sys [2012-08-17 15:03:44 | 000,344,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-09-09 09:50:17 | 000,078,023 | ---- | C] () -- C:\ProgramData\fsovxecueifdqou [2012-08-15 18:50:20 | 000,344,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-05-10 06:38:00 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2012-02-11 17:47:04 | 000,202,240 | ---- | C] () -- C:\Windows\System32\patchw32.dll [2012-02-11 17:46:40 | 000,349,696 | ---- | C] () -- C:\Windows\System32\mss32.dll [2012-02-11 17:46:27 | 003,167,501 | ---- | C] () -- C:\Windows\System32\metin2.bin [2012-01-23 15:02:17 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-01-23 15:01:46 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012-01-23 15:01:45 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2012-01-23 15:01:45 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-09-04 09:40:02 | 000,167,740 | ---- | C] () -- C:\Windows\dat.exe [2011-08-31 13:14:53 | 000,249,461 | ---- | C] () -- C:\Windows\Tibia.dat [2011-08-11 08:25:05 | 000,108,217 | ---- | C] () -- C:\Windows\os4.exe [2011-08-11 08:25:05 | 000,059,904 | ---- | C] () -- C:\Windows\zlib1.dll [2011-07-26 19:06:02 | 000,008,704 | ---- | C] () -- C:\Users\Mirek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-25 10:54:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-05-25 09:31:47 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2011-02-03 14:29:28 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp [2011-01-19 23:29:17 | 000,112,640 | ---- | C] () -- C:\Windows\lsb_un20.exe [2010-10-18 15:50:03 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-10-18 15:07:14 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-09-20 15:30:50 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:6BE50C2B < End of report >