OTL logfile created on: 2012-07-27 15:29:39 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = G:\ Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,87 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 86,85% Memory free 5,74 Gb Paging File | 5,40 Gb Available in Paging File | 94,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,34 Gb Total Space | 11,79 Gb Free Space | 10,13% Space Free | Partition Type: NTFS Drive D: | 58,27 Gb Total Space | 2,42 Gb Free Space | 4,15% Space Free | Partition Type: NTFS Drive F: | 58,17 Gb Total Space | 0,46 Gb Free Space | 0,79% Space Free | Partition Type: NTFS Drive G: | 7,21 Gb Total Space | 7,21 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Drive I: | 535,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SYLWIA-LAPTOP | User Name: Sylwia | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-27 15:08:32 | 000,597,504 | ---- | M] (OldTimer Tools) -- G:\OTL.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:21 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-25 22:03:47 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-08 14:14:10 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012-05-08 14:14:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011-02-10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) SRV - [2010-11-16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2010-05-21 02:30:40 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-12-24 15:14:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) SRV - [2008-04-24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV - [2008-04-17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-02-06 14:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2008-01-17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - [2012-05-08 14:14:10 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012-05-08 14:14:10 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011-12-15 16:00:35 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011-08-17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011-08-17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011-08-17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-10-09 14:48:36 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-08-31 18:09:00 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-08-07 17:48:42 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-07-27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-06-17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-09-21 18:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009-02-24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus) DRV - [2008-10-09 14:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2008-10-09 14:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2008-07-15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2008-05-02 11:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2007-11-09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006-11-20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found IE - HKCU\..\URLSearchHook: {707db484-2428-402d-afb5-d85b387544c7} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=010712_6&babsrc=SP_ss&mntrId=9a1e2d73000000000000000000000000 IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=VX&apn_dtid=&apn_uid=829DE11A-84C0-4C85-80A9-2A6F8CB8C1ED&apn_sauid=D72226FC-E8A7-47EC-BE55-CC0A0C11E82B IE - HKCU\..\SearchScopes\{44E5771F-752F-4717-B658-FF803C6A462E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187 IE - HKCU\..\SearchScopes\{8B67FE22-5002-45C7-9C18-D88B1B04284B}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}&rlz= IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-01-01 22:51:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Techland\English Translator XT\MozillaTranslator [2010-09-27 00:23:39 | 000,000,000 | ---D | M] [2012-07-07 13:56:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Extensions [color=#E56717]========== Chrome ==========[/color] O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Giant Savings) - {11111111-1111-1111-1111-110011441179} - C:\Program Files\Giant Savings\Giant Savings.dll (215 Apps) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\Sylwia\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL () O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Sylwia\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\English Translator XT\InternetTranslator\InternetTranslator.dll (Techland) O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {707DB484-2428-402D-AFB5-D85B387544C7} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [HW_OPENEYE_OUC_] C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found O4 - HKCU..\RunOnce: [036DFF85031A5C719182E2A6F875F020] C:\ProgramData\036DFF85031A5C719182E2A6F875F020\036DFF85031A5C719182E2A6F875F020.exe () O4 - Startup: C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\English Translator XT\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\English Translator XT\InternetTranslator\InternetTranslator.dll (Techland) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EC05ADC-2D8A-400F-BAF5-8E63AEDBC542}: NameServer = 89.108.195.20 217.17.34.10 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-07-27 15:09:56 | 000,000,106 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2003-06-19 10:26:16 | 000,192,512 | R--- | M] (Auralog) - I:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2003-06-26 18:53:06 | 000,000,053 | R--- | M] () - I:\AutoRun.inf -- [ CDFS ] O33 - MountPoints2\{0313ca47-613f-11e1-845f-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{0313ca47-613f-11e1-845f-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1b814624-e24d-11de-ba0f-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{1b814624-e24d-11de-ba0f-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1e5a25e7-3558-11e1-a11a-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{1e5a25e7-3558-11e1-a11a-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2c223e17-e101-11de-a47c-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{2c223e17-e101-11de-a47c-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2fb22eff-292a-11df-aa6f-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{2fb22eff-292a-11df-aa6f-001e33f15a67}\Shell\AutoRun\command - "" = O33 - MountPoints2\{462d783d-b170-11e1-823b-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{462d783d-b170-11e1-823b-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{979ddd97-c265-11de-99cf-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{979ddd97-c265-11de-99cf-001e33f15a67}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{979ddd9b-c265-11de-99cf-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{979ddd9b-c265-11de-99cf-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{9dfcef72-c558-11e0-b344-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{9dfcef72-c558-11e0-b344-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{9dfcef81-c558-11e0-b344-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{9dfcef81-c558-11e0-b344-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a6982940-44da-11e0-8ca1-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{a6982940-44da-11e0-8ca1-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a698294d-44da-11e0-8ca1-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{a698294d-44da-11e0-8ca1-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a6982970-44da-11e0-8ca1-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{a6982970-44da-11e0-8ca1-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a6982afa-44da-11e0-8ca1-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{a6982afa-44da-11e0-8ca1-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a86cb837-5bb9-11e1-9064-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{a86cb837-5bb9-11e1-9064-001e33f15a67}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{c08ef6b2-5490-11e1-bfc2-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{c08ef6b2-5490-11e1-bfc2-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c4201ee7-c719-11e0-8556-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{c4201ee7-c719-11e0-8556-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c70deade-558b-11e0-bdf0-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{c70deade-558b-11e0-bdf0-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ccb19afd-c562-11de-a8aa-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{ccb19afd-c562-11de-a8aa-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{db075945-2d9e-11e1-a954-001e101f82a7}\Shell - "" = AutoRun O33 - MountPoints2\{db075945-2d9e-11e1-a954-001e101f82a7}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{faec57a9-c5dd-11e0-81f0-001e33f15a67}\Shell - "" = AutoRun O33 - MountPoints2\{faec57a9-c5dd-11e0-81f0-001e33f15a67}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-25 22:04:42 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-07-25 22:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF85031A5C719182E2A6F875F020 [2012-07-25 20:21:50 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\The Vow 2012 R5 LiNE XViD AbSurdiTy [2012-07-25 20:19:42 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\La vida secreta de las palabras.DVDRIP.www.lokotorrents.com [2012-07-14 20:13:04 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\Asia [2012-07-11 22:37:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-07-11 22:37:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-07-11 22:37:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-07-11 22:37:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-07-11 22:37:49 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-07-11 22:37:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-07-11 22:37:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-07-11 22:35:39 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-07-11 11:14:48 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012-07-11 11:14:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012-07-11 11:14:41 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2012-07-07 13:56:09 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\Mozilla [2012-07-07 13:56:09 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\Media Finder [2012-07-07 13:55:58 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\BabylonToolbar [2012-07-07 13:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2012-07-07 13:55:25 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Local\Giant Savings [2012-07-07 13:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\Giant Savings [2012-07-07 13:55:02 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\Babylon [2012-07-07 13:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012-07-06 16:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro [2010-03-10 23:34:42 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [2010-03-10 23:34:42 | 000,201,616 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\AskInstallChecker.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] File not found -- C:\Windows\System32\ [2012-07-27 15:21:18 | 000,697,896 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-07-27 15:21:18 | 000,616,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-27 15:21:18 | 000,135,006 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-07-27 15:21:18 | 000,106,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-27 14:57:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-27 14:57:01 | 2312,105,984 | -HS- | M] () -- C:\hiberfil.sys [2012-07-26 19:00:39 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-25 22:36:10 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-25 22:27:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-25 22:19:54 | 000,015,824 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-25 22:19:54 | 000,015,824 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-25 22:03:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-07-25 22:03:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-07-21 17:05:42 | 000,000,090 | ---- | M] () -- C:\Users\Sylwia\AppData\Roaming\XTDocSettings_et.ini [2012-07-12 09:08:49 | 000,381,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-07 13:55:49 | 000,001,527 | ---- | M] () -- C:\user.js [color=#E56717]========== Files Created - No Company Name ==========[/color] File not found -- C:\Windows\System32\ [2012-07-25 22:02:51 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{5c5b1adf-377f-c79f-bb85-f9726679cb58}\U\00000001.@ [2012-07-07 13:55:48 | 000,001,527 | ---- | C] () -- C:\user.js [2012-01-11 15:08:05 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{5c5b1adf-377f-c79f-bb85-f9726679cb58}\@ [2012-01-11 15:08:05 | 000,002,048 | -HS- | C] () -- C:\Users\Sylwia\AppData\Local\{5c5b1adf-377f-c79f-bb85-f9726679cb58}\@ [2011-12-14 23:57:49 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI [2011-11-30 22:41:26 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-11-30 22:41:26 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-09-24 10:55:15 | 022,252,382 | ---- | C] () -- C:\Windows\System32\Foto Dalux_e-Dalux_uninstaller.exe [2011-03-26 21:08:25 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011-03-26 21:08:25 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010-09-27 00:35:19 | 000,000,090 | ---- | C] () -- C:\Users\Sylwia\AppData\Roaming\XTDocSettings_et.ini [2010-08-25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010-08-25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010-08-25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010-08-25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2010-08-25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010-08-25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010-08-25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll < End of report >