OTL logfile created on: 2012-12-29 13:50:15 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Agnieszka\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,14% Memory free 3,85 Gb Paging File | 2,72 Gb Available in Paging File | 70,70% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 53,94 Gb Total Space | 4,11 Gb Free Space | 7,62% Space Free | Partition Type: NTFS Drive D: | 122,08 Gb Total Space | 97,54 Gb Free Space | 79,90% Space Free | Partition Type: NTFS Drive E: | 122,07 Gb Total Space | 35,54 Gb Free Space | 29,11% Space Free | Partition Type: NTFS Computer Name: SPECIAL-XP | User Name: Agnieszka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 1 Day [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-12-29 13:44:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Agnieszka\Moje dokumenty\Downloads\OTL.exe PRC - [2012-12-12 16:52:25 | 001,354,736 | ---- | M] (Valve Corporation) -- E:\STEAM HIHI\Steam.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-11-24 10:19:23 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe PRC - [2012-11-14 07:04:22 | 000,568,832 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe PRC - [2012-11-05 15:08:35 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2012-11-05 15:08:34 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012-11-05 11:57:12 | 003,854,696 | ---- | M] () -- C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe PRC - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () -- C:\Documents and Settings\paveł\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe PRC - [2012-10-12 01:38:28 | 000,413,040 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe PRC - [2012-09-19 15:50:47 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Premium\GadgetBox Updater\GadgetBox Updater.exe PRC - [2012-08-15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe PRC - [2012-04-09 16:43:42 | 001,557,160 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2012-04-03 15:05:56 | 000,183,808 | ---- | M] () -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe PRC - [2012-01-08 11:55:22 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2011-12-16 07:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Program Files\BrowserCompanion\BCHelper.exe PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-10-25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2011-09-27 18:10:37 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe PRC - [2011-06-17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2011-05-25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe PRC - [2009-03-10 21:18:20 | 000,970,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe PRC - [2008-06-18 11:01:56 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac207\Monitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-12-29 09:34:23 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12122900\algo.dll MOD - [2012-12-28 23:48:49 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12122801\algo.dll MOD - [2012-12-21 10:53:21 | 000,647,168 | ---- | M] () -- E:\STEAM HIHI\sdl.dll MOD - [2012-12-21 10:52:26 | 020,320,240 | ---- | M] () -- E:\STEAM HIHI\bin\libcef.dll MOD - [2012-12-21 10:52:14 | 000,969,280 | ---- | M] () -- E:\STEAM HIHI\bin\chromehtml.dll MOD - [2012-12-21 10:52:14 | 000,124,416 | ---- | M] () -- E:\STEAM HIHI\bin\avutil-51.dll MOD - [2012-12-21 10:52:13 | 001,100,800 | ---- | M] () -- E:\STEAM HIHI\bin\avcodec-53.dll MOD - [2012-12-21 10:52:13 | 000,192,000 | ---- | M] () -- E:\STEAM HIHI\bin\avformat-53.dll MOD - [2012-12-05 18:09:41 | 002,148,376 | ---- | M] () -- c:\Documents and Settings\All Users\Dane aplikacji\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-11-24 10:19:23 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe MOD - [2012-11-14 07:04:22 | 000,568,832 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe MOD - [2012-11-05 15:08:36 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll MOD - [2012-11-05 15:08:36 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll MOD - [2012-11-05 15:08:35 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2012-11-05 15:08:34 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe MOD - [2012-11-05 11:57:12 | 003,854,696 | ---- | M] () -- C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe MOD - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () -- C:\Documents and Settings\paveł\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe MOD - [2012-09-19 15:50:47 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Premium\GadgetBox Updater\GadgetBox Updater.exe MOD - [2012-04-03 15:05:56 | 000,183,808 | ---- | M] () -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe MOD - [2011-10-04 22:42:36 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\custmon32i.dll MOD - [2011-08-07 12:54:44 | 000,362,029 | ---- | M] () -- C:\Program Files\BrowserCompanion\sqlite3.dll MOD - [2008-04-14 21:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-12-13 10:05:51 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-07 17:02:14 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () [Disabled | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe -- (Browser Manager) SRV - [2012-11-19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-11-14 07:04:22 | 000,568,832 | ---- | M] () [Auto | Running] -- C:\Program Files\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch) SRV - [2012-11-12 19:55:13 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-11-05 15:08:34 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\paveł\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe -- (supt4pc_pl_1) SRV - [2012-10-12 01:47:38 | 000,078,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService) SRV - [2012-10-12 01:38:28 | 000,413,040 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv) SRV - [2012-04-03 15:05:56 | 000,183,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe -- (Protector by IB Updater) SRV - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011-10-25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2011-06-17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2011-05-25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Admin\USTAWI~1\Temp\ALSysIO.sys -- (ALSysIO) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aimmat6h) DRV - [2012-11-05 15:08:37 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-08-01 19:13:42 | 000,039,656 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv) DRV - [2012-06-09 09:41:54 | 000,473,656 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-04-14 14:48:19 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-01-05 00:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2011-11-28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-11-28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-11-28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-11-28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-11-28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-11-28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011-11-28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-08-23 11:56:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2011-06-13 04:03:54 | 000,306,664 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2011-05-25 08:26:22 | 000,119,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-11-18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-01-19 19:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2008-07-03 10:03:14 | 004,745,216 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2006-11-20 08:48:40 | 000,506,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2005-11-03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=MAXTOR_STM3320613AS_6SZ0VGV4____6SZ0VGV4&ts=1354289339 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=MAXTOR_STM3320613AS_6SZ0VGV4____6SZ0VGV4&ts=1354289339 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKLM\..\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z1xdm040YYpl&ptb=1607FD2E-4F47-4639-A423-765AAF1415F9&psa=&ind=2011121907&ptnrS=Z1xdm040YYpl&si=CPXz8eDRwqwCFUcj3godUSlrqg&st=sb&n=77df48f3&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0D0EtAyByC0B0AyE0BtAtN0D0Tzu0CtAtBtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=353377797 IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={A4B740C1-DBE1-47B1-A3EE-8D48C105D4F4} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=110824&tt=261112_set2_4812_3&babsrc=HP_ss&mntrId=9430a4b300000000000000ff9d17e8d9 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/ins/ins_1332262466_135926 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={7D15B2A0-CCDC-465B-843D-89D19F516142}&mid=09e0e3f2de7a456b8e8a27ac045eb7de-06ce4fc639803a2e3563922518183d8e94088cb9&lang=pl&ds=ik011&pr=&d=2012-09-06 18:03:40&v=13.2.0.5&sap=hp IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=261112_set2_4812_3&babsrc=SP_ss&mntrId=9430a4b300000000000000ff9d17e8d9 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=VX&apn_dtid=YYYYYYFHPL&apn_uid=6BA37897-BB59-4C0B-A6A2-6B177A738092&apn_sauid=179BAA21-9770-4AA1-BB47-9945088FAEFD IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z1xdm040YYpl&ptb=1607FD2E-4F47-4639-A423-765AAF1415F9&psa=&ind=2011121907&ptnrS=Z1xdm040YYpl&si=CPXz8eDRwqwCFUcj3godUSlrqg&st=sb&n=77df48f3&searchfor={searchTerms} IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MOOI_pl IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={7D15B2A0-CCDC-465B-843D-89D19F516142}&mid=09e0e3f2de7a456b8e8a27ac045eb7de-06ce4fc639803a2e3563922518183d8e94088cb9&lang=pl&ds=ik011&pr=&d=2012-09-06 18:03:40&v=12.2.0.5&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/web?l=dis&o=APN10020&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A4G &apn_uid=1463240465034258&p2=^A4G ^YYYYYY^YY^US&q={searchTerms} IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92823119942804819 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={A4B740C1-DBE1-47B1-A3EE-8D48C105D4F4} IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine,S: S", "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:1.4.2 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40babylon.com:1.5.0 FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00 FF - prefs.js..extensions.enabledAddons: %7Bcd8812d4-e5b8-41c6-94d4-59872a484bf1%7D:1.0.0.12 FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.7.0.3 FF - prefs.js..extensions.enabledAddons: afurladvisor%40anchorfree.com:1.1 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:6.0.1367 FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0 FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..browser.search.defaultenginename: "Google" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@ei.FilmFanatic.com/Plugin: C:\Program Files\FilmFanaticEI\Installr\c.bin\NPpaEISB.dll (FilmFanatic) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-16 09:32:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2012-01-07 12:30:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4f8da96068d6f@4f8da96068d70.info: C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\k0dm8u43.default\extensions\4f8da96068d6f@4f8da96068d70.info FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Protector by IB\Firefox [2012-04-18 16:48:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-05 15:10:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-07 17:02:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-21 08:05:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012-12-11 08:39:21 | 000,000,000 | ---D | M] [2011-05-27 14:14:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Extensions [2012-12-29 13:19:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions [2012-02-26 10:46:37 | 000,000,000 | ---D | M] (DVD Video Soft Toolbar) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\{cd8812d4-e5b8-41c6-94d4-59872a484bf1} [2011-10-08 21:18:18 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2012-11-06 18:39:58 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2012-11-10 17:40:19 | 000,000,000 | ---D | M] (Default Tab) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\addon@defaulttab.com [2012-11-29 18:58:13 | 000,000,000 | ---D | M] (Babylon Toolbar) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\ffxtlbr@babylon.com [2012-02-26 10:35:05 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\plugin@yontoo.com [2012-12-29 13:19:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\staged [2012-11-10 17:40:19 | 000,022,389 | ---- | M] () (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\addon@defaulttab.com.xpi [2012-12-22 09:19:46 | 000,036,098 | ---- | M] () (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-06 18:39:52 | 000,189,128 | ---- | M] () (No name found) -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-09-15 20:07:34 | 000,002,571 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\askcom.xml [2011-11-11 18:46:18 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\conduit.xml [2011-11-19 17:50:14 | 000,009,650 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\my-web-search.xml [2011-10-08 21:18:16 | 000,002,207 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\MyStart Search.xml [2012-12-29 13:18:27 | 000,002,030 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\search-here.xml [2012-09-24 13:45:32 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\sweetim.xml [2012-11-10 17:39:56 | 000,006,498 | ---- | M] () -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Mozilla\Firefox\Profiles\j2gjoprc.default\searchplugins\Web Search.xml [2012-12-07 17:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-17 15:21:38 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012-05-18 18:19:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2011-08-02 11:27:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\muza [2012-12-07 10:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions [2012-12-07 10:15:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012-12-07 10:15:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2012-12-07 10:15:41 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\updated\extensions\afurladvisor@anchorfree.com [2012-12-07 10:15:41 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\updated\extensions\ffxtlbr@babylon.com [2012-12-07 10:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions\muza [2011-12-16 09:32:29 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2011-08-07 11:42:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-12-07 17:02:17 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-08-07 11:42:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-10-24 20:33:06 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-26 10:46:45 | 000,002,277 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml [2012-11-05 15:09:24 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-11-30 16:16:19 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2009-09-21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml [2012-10-24 20:33:06 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-05 19:55:43 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml [2012-10-24 20:33:06 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-01-05 00:02:04 | 000,001,847 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\privatesearch.xml [2012-10-24 20:33:06 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-11 15:40:11 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml [2012-11-30 16:29:02 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-10-24 20:33:06 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-10-24 20:33:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://search.babylon.com/?affID=110824&tt=261112_set2_4812_3&babsrc=HP_ss&mntrId=9430a4b300000000000000ff9d17e8d9 CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://search.babylon.com/?affID=110824&tt=261112_set2_4812_3&babsrc=HP_ss&mntrId=9430a4b300000000000000ff9d17e8d9 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.412_0\npbrowserext.dll CHR - plugin: Babylon ToolBar (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll CHR - plugin: Application Manager (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll CHR - plugin: SweetIM GC Helper (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.10_0\plugins/npDefaultTabSearch.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll CHR - plugin: FilmFanatic Installer Plugin Stub (Enabled) = C:\Program Files\FilmFanaticEI\Installr\c.bin\NPpaEISB.dll CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\FilmFanatic\bar\1.bin\NPpaStub.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: iTunes Application Detector (Enabled) = E:\Mozilla Plugins\npitunes.dll CHR - Extension: Browser Companion Helper = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\ CHR - Extension: Protector by IB = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.412_0\ CHR - Extension: DealPly = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: wxDfast = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hpilclpacieflhmobalmaccogiioldoo\1.0_0\ CHR - Extension: avast! WebRep = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\ CHR - Extension: DefaultTab = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.14_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak CHR - Extension: GoPhoto.it = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\ CHR - Extension: Settings Protector = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Browser Companion Helper = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\ CHR - Extension: Protector by IB = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.412_0\ CHR - Extension: DealPly = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: wxDfast = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hpilclpacieflhmobalmaccogiioldoo\1.0_0\ CHR - Extension: avast! WebRep = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\ CHR - Extension: DefaultTab = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.14_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak CHR - Extension: GoPhoto.it = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\ CHR - Extension: Settings Protector = C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Chatvibes Browser Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SearchAmong Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll () O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll (215 Apps) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll File not found O2 - BHO: (Protector by IB) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Protector by IB\Extension32.dll () O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O2 - BHO: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll File not found O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Chatvibes Browser Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Documents and Settings\Admin\Dane aplikacji\Media Finder\Extensions\IEPlugin32.dll File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Pandora Toolbar) - {bc9d04ce-6b2c-4809-aa45-3aa12301ea0d} - C:\Program Files\Pandora\prxtbPand.dll File not found O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll File not found O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.) O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\DOCUME~1\Admin\DANEAP~1\MEDIAF~1\EXTENS~1\GENCRA~1.DLL File not found O2 - BHO: (DVD Video Soft Toolbar) - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Program Files\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (SearchAmong Toolbar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll () O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll File not found O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll File not found O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods) O3 - HKLM\..\Toolbar: (Pandora Toolbar) - {bc9d04ce-6b2c-4809-aa45-3aa12301ea0d} - C:\Program Files\Pandora\prxtbPand.dll File not found O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll File not found O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVD Video Soft Toolbar) - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Program Files\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (Mario Forever Toolbar) - {707DB484-2428-402D-AFB5-D85B387544C7} - C:\Program Files\Mario_Forever\tbMari.dll File not found O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll File not found O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Tutorials] C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [ALLUpdate] E:\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun File not found O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [Gadu-Gadu 10] E:\windows.xP\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [Steam] E:\STEAM HIHI\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-21-1935655697-1965331169-682003330-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) O4 - Startup: C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GamersFirst\LIVE!\Live.exe (GamersFirst) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-1965331169-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-1965331169-682003330-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Search - http://tbedits.mywebsearch.com/one-toolbaredits/menusearch.jhtml?s=100000428&p=Z1xdm040YYpl&si=CPXz8eDRwqwCFUcj3godUSlrqg&a=1607FD2E-4F47-4639-A423-765AAF1415F9&n=2011121907 File not found O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Agnieszka\Dane aplikacji\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 46.151.216.2 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6702A29-AC89-43EA-8DCD-89DD77E3CBEE}: DhcpNameServer = 192.168.0.1 46.151.216.2 8.8.8.8 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O20 - AppInit_DLLs: (c:\docume~1\alluse~1\daneap~1\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\Documents and Settings\All Users\Dane aplikacji\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-22 09:59:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 1 Day ==========[/color] [2012-12-29 13:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Funmoods [2011-10-08 19:57:42 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe [2011-10-08 19:57:42 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 1 Day ==========[/color] [2012-12-29 13:53:01 | 000,000,242 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012-12-29 13:41:00 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-29 13:04:16 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-29 12:43:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-12-29 12:42:20 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-29 12:42:17 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DriverScanner.job [2012-12-29 12:42:16 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\GadgetBox UpdaterUpdaterTask{645B67CC-AF6F-4C30-B73E-A951C1598FDB}.job [2012-12-29 12:42:14 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-1965331169-682003330-1010.job [2012-12-29 12:42:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Patrycja.job [2012-12-29 12:42:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-12-29 12:41:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-12-28 16:13:27 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\Agnieszka\NTUSER.DAT [2012-12-28 16:13:27 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Agnieszka\ntuser.ini [2012-12-28 15:12:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Patrycja.job [2012-12-28 15:01:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer_DEFAULT.job [2012-12-28 14:27:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Patrycja.job [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-26 17:22:44 | 000,009,452 | ---- | C] () -- C:\Documents and Settings\Agnieszka\.recently-used.xbel [2012-11-30 16:17:27 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32i.dll [2012-09-15 15:15:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat [2012-08-28 17:50:06 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll [2012-07-31 16:10:41 | 000,000,091 | ---- | C] () -- C:\WINDOWS\System32\logon.ini [2012-07-12 16:53:30 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2012-07-12 16:53:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2012-06-09 10:15:06 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\_command.com [2012-06-09 10:14:57 | 000,000,019 | ---- | C] () -- C:\WINDOWS\compedia.ini [2012-06-01 08:56:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-05-18 19:55:02 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-03-12 18:11:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\Bal.jpg [2012-02-16 14:52:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-01-12 11:57:07 | 000,014,028 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012-01-04 17:55:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\Jennifer Lopez - I_m Into You _ft. Lil Wayne_.mp3 [2011-12-06 20:07:40 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe [2011-12-01 19:53:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\Atlantis - September 28th. .mp3 [2011-11-09 19:13:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\DSC00685.JPG [2011-11-09 19:10:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\DSC00713.JPG [2011-11-09 19:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\DSC00764.JPG [2011-10-16 13:19:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Agnieszka\PA150066.JPG [2011-10-08 20:34:43 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-10-08 20:34:43 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-10-08 19:57:43 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2011-08-23 11:57:37 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-08-21 12:32:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-07-31 15:15:02 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-22 11:51:01 | 000,190,470 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-07-22 11:51:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-22 11:49:41 | 000,288,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-22 10:00:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-22 09:59:15 | 000,050,105 | ---- | C] () -- C:\WINDOWS\activ.exe [2011-07-22 09:59:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011-07-22 09:58:07 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011-07-22 09:58:05 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011-07-22 09:55:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-07-22 09:55:33 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011-07-22 09:55:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011-07-22 09:54:47 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011-07-22 09:54:46 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2011-05-27 20:39:23 | 001,575,750 | -H-- | C] () -- C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-05-27 18:44:55 | 000,071,056 | ---- | C] () -- C:\Documents and Settings\Agnieszka\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-05-27 14:10:50 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Agnieszka\ntuser.ini [2011-05-27 14:10:49 | 008,126,464 | -H-- | C] () -- C:\Documents and Settings\Agnieszka\NTUSER.DAT [2011-05-23 08:50:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-05-23 08:27:53 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-05-23 08:27:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011-05-23 08:27:52 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-05-23 08:27:51 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-05-23 08:27:51 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2011-05-23 08:27:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-05-23 08:26:12 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-05-22 12:50:33 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011-05-22 12:50:33 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011-05-22 12:50:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011-05-22 12:50:25 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011-05-22 11:30:50 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-05-22 11:08:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 21:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 21:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-11-29 18:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\.minecraft [2012-12-15 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\AnvSoft [2012-02-26 10:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Ask.com [2012-10-14 12:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\AVG Secure Search [2012-12-25 11:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Awesomium [2012-11-10 17:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Babylon [2011-12-19 13:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\BabylonToolbar [2012-05-18 14:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\DAEMON Tools Lite [2012-02-26 10:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\DVDVideoSoft [2012-02-26 10:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\DVDVideoSoftIEHelpers [2012-08-30 16:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\dvdvideosofttoolbar [2011-11-06 14:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Easy MP3 Recorder [2011-11-21 13:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\FOG Downloader [2012-12-29 13:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Funmoods [2012-03-16 21:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Gadu-Gadu 10 [2012-11-25 19:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\gtk-2.0 [2011-11-19 20:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\ipla [2012-01-11 20:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\LolClient [2012-06-02 18:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\LolClient2 [2012-03-24 15:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Need for Speed World [2011-10-13 12:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Nowe Gadu-Gadu [2011-08-05 11:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\OpenCandy [2011-09-01 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\OpenFM [2012-06-09 17:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Origin [2012-02-18 16:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\PhotoScape [2012-12-29 13:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\PriceGong [2011-11-11 22:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\Rovio [2011-12-19 13:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\searchquband [2011-12-19 13:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\searchqutoolbar [2012-06-08 14:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\searchresultstb [2012-11-25 16:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\TuneUp Software [2012-11-27 15:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\uTorrent [2011-10-08 19:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\VDownloader [2011-10-08 21:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Agnieszka\Dane aplikacji\WinAVI [2012-09-29 07:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2011-05-26 13:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-11-05 15:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2011-12-20 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2012-09-29 06:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games [2011-10-11 16:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2012-12-11 08:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager [2011-08-05 11:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-06-14 21:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2012-06-08 14:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-05-23 08:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-09-16 08:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Hotspot Shield [2012-11-03 14:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IBUpdaterService [2011-10-08 21:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM [2011-10-08 21:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail [2012-10-26 11:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate [2012-11-10 19:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-06-08 14:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2011-05-23 07:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PassMark [2012-09-29 07:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Playrix Entertainment [2012-11-29 19:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-10-26 11:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium [2012-11-20 13:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2012-12-29 13:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2012-11-06 16:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Synetic [2012-03-16 17:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-02-23 19:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-11-25 10:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-07 09:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WEBZEN [2012-08-21 14:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\wxDfast [2011-10-11 15:41:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2} [2012-11-25 10:38:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011-11-11 18:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012-10-31 17:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~Browser Manager [2012-11-04 08:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Hotspot Shield [2012-11-25 10:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-10-05 19:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\AVG Secure Search [2012-10-19 16:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Babylon [2012-10-19 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\BabylonToolbar [2012-11-03 20:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Claro LTD [2012-11-01 20:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\dvdvideosofttoolbar [2012-10-05 19:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\facemoods.com [2012-12-21 17:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10 [2012-10-05 19:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Incredibar.com [2012-10-21 12:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Need for Speed World [2012-11-30 16:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PDFCreatorPackages [2012-11-03 20:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong [2012-10-05 19:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\searchquband [2012-11-01 20:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\searchqutoolbar [2012-10-05 19:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\searchresultstb [2012-10-05 19:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Softonic [2012-02-27 20:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\dvdvideosofttoolbar [2012-10-05 11:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\AVG Secure Search [2012-09-29 15:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\BabylonToolbar [2012-11-18 15:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\Claro LTD [2012-09-29 15:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\dvdvideosofttoolbar [2012-09-28 13:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\facemoods.com [2012-11-18 15:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\Funmoods [2012-09-29 15:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\Incredibar.com [2012-11-10 10:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\Need for Speed World [2012-11-18 15:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\PriceGong [2012-09-29 15:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\searchquband [2012-09-29 15:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\searchqutoolbar [2012-09-29 15:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\searchresultstb [2012-09-29 15:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\Softonic [2012-11-25 12:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrycja\Dane aplikacji\TuneUp Software [2012-11-28 13:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\.minecraft [2012-09-06 17:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\AVG Secure Search [2012-05-20 08:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Babylon [2012-03-12 13:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\BabylonToolbar [2012-11-04 08:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Claro LTD [2012-06-09 10:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\DAEMON Tools Lite [2012-03-12 13:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\dvdvideosofttoolbar [2012-03-12 13:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\facemoods.com [2012-11-17 10:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Funmoods [2012-04-24 17:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Incredibar.com [2012-12-01 13:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\ipla [2012-05-20 10:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Need for Speed World [2012-11-03 14:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\PerformerSoft [2012-12-29 11:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\PriceGong [2012-11-06 16:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\ProtectDisc [2012-03-12 13:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\searchquband [2012-03-12 13:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\searchqutoolbar [2012-03-12 13:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\searchresultstb [2012-05-31 18:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Softonic [2012-11-25 10:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\TuneUp Software [2012-07-18 10:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paveł\Dane aplikacji\Unity [2012-11-16 19:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\AVG Secure Search [2012-12-07 13:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\BabylonToolbar [2012-11-16 19:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\Claro LTD [2012-12-07 13:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\dvdvideosofttoolbar [2012-11-16 19:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\facemoods.com [2012-11-27 13:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\Funmoods [2012-11-16 19:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\Incredibar.com [2012-11-16 19:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\searchquband [2012-12-07 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\searchqutoolbar [2012-11-16 19:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\searchresultstb [2012-11-16 19:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paweł\Dane aplikacji\Softonic [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 < End of report >