OTL logfile created on: 2014-02-09 11:45:13 - Run 9 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pecet\Desktop\Moj pulpit Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,99 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 64,27% Memory free 7,48 Gb Paging File | 6,25 Gb Available in Paging File | 83,47% Paging File free Paging file location(s): c:\pagefile.sys 4599 4599 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 288,32 Gb Total Space | 7,01 Gb Free Space | 2,43% Space Free | Partition Type: NTFS Computer Name: PECET-KOMPUTER | User Name: Pecet | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-28 15:35:50 | 002,135,232 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe PRC - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-12-19 09:07:52 | 001,821,384 | ---- | M] () -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe PRC - [2013-12-02 02:26:04 | 000,243,512 | ---- | M] (Maxthon International ltd.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe PRC - [2013-09-06 18:30:16 | 000,273,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe PRC - [2013-04-04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013-04-04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013-02-27 00:08:07 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2013-02-10 04:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013-02-10 01:35:07 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2013-02-10 01:35:07 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-12-13 21:56:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pecet\Desktop\Moj pulpit\OTL.exe PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2011-06-20 08:00:24 | 000,049,752 | ---- | M] () -- C:\Program Files\blueconnect\BackgroundService\ServiceManager.exe PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-01-12 14:32:06 | 000,866,576 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2011-01-12 14:13:16 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009-06-04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-11-26 02:25:42 | 015,990,664 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll MOD - [2013-11-21 07:37:14 | 000,109,336 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libEGL.dll MOD - [2013-11-21 07:37:06 | 002,128,152 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll MOD - [2013-11-21 07:37:06 | 000,887,064 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libGLESv2.dll MOD - [2013-11-18 02:18:38 | 000,258,944 | ---- | M] () -- C:\Program Files\Maxthon\Bin\Maxzlib.dll MOD - [2013-11-18 02:18:36 | 000,232,760 | ---- | M] () -- C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-02-05 16:47:16 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-01-28 15:35:50 | 002,135,232 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-12-20 10:45:57 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-12-19 09:07:52 | 001,821,384 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe -- (IceDragonUpdater) SRV - [2013-09-06 18:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService) SRV - [2013-04-04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013-02-10 04:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2011-08-21 22:56:00 | 003,928,736 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011-06-20 08:00:24 | 000,049,752 | ---- | M] () [Auto | Running] -- C:\Program Files\blueconnect\BackgroundService\ServiceManager.exe -- (Modem Device Helper) SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011-01-12 14:32:06 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2011-01-12 14:15:08 | 000,227,600 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2011-01-12 14:13:16 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2010-07-25 08:21:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-06-04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva405.sys -- (XDva405) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab21vp49) DRV - [2013-04-04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013-02-10 04:20:39 | 008,944,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-12-19 06:41:53 | 000,154,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012-02-27 01:35:32 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012-02-27 01:35:32 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-12-08 05:22:34 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2011-12-08 05:22:34 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2011-12-08 05:22:34 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2011-12-08 05:22:34 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2011-12-08 05:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-12-08 05:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011-12-08 05:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011-12-08 05:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011-12-08 05:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011-06-20 08:00:46 | 000,106,112 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser) DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-02-23 15:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011-01-19 11:28:11 | 007,087,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32) DRV - [2010-01-05 02:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur) DRV - [2009-11-04 12:38:06 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2009-09-29 07:51:10 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) DRV - [2007-08-13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2006-11-01 13:42:14 | 000,033,280 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.toolksearchbook.info/?pid=1364&r=2014/01/14&hid=11384397145274859116&lg=EN&cc=PL&unqvl=46 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.toolksearchbook.info/?l=1&q={searchTerms}&pid=1364&r=2014/01/14&hid=11384397145274859116&lg=EN&cc=PL&unqvl=46 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_ss&mntrId=BA6100216BCD2263&affID=127886&tsp=5129 IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BA6100216BCD2263&affID=127886&tsp=5129 IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.toolksearchbook.info/?l=1&q={searchTerms}&pid=1364&r=2014/01/14&hid=11384397145274859116&lg=EN&cc=PL&unqvl=46 IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1012\..\SearchScopes,DefaultScope = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaulturl: "http://websearch.toolksearchbook.info/?pid=1364&r=2014/01/14&hid=11384397145274859116&lg=EN&cc=PL&unqvl=46&l=1&q=" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pecet\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pecet\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-13 08:44:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-23 11:32:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-02-27 00:08:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2014-01-17 14:39:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2014-01-07 20:27:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-12-20 10:45:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-01-17 14:39:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.23\extensions\\Components: C:\Program Files\SeaMonkey\components [2014-01-08 13:01:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.23\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2012-05-10 19:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Extensions [2014-01-17 13:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\70j7bgp8.default-1369159864367\extensions [2014-01-15 09:27:43 | 000,000,000 | ---D | M] (greatSaver) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\70j7bgp8.default-1369159864367\extensions\qkr9juiee@tyi-od.org [2014-01-15 09:27:43 | 000,000,000 | ---D | M] (SNT) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\70j7bgp8.default-1369159864367\extensions\so-iuua@spabvhas-.edu [2014-01-15 09:27:43 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\70j7bgp8.default-1369159864367\extensions\yaiatf@zkdaaoe.com [2013-05-21 19:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\ogrx41qn.default\extensions [2010-06-06 12:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\ogrx41qn.default\extensions\foxyproxy@eric.h.jung [2014-01-08 21:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\SeaMonkey\Profiles\q5ypae0r.default\extensions [2014-01-08 21:35:58 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Pecet\AppData\Roaming\mozilla\SeaMonkey\Profiles\q5ypae0r.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2013-06-25 09:59:33 | 000,006,505 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\70j7bgp8.default-1369159864367\searchplugins\babylon.xml [2014-01-16 21:14:25 | 000,006,226 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\70j7bgp8.default-1369159864367\searchplugins\buenosearch.xml [2013-06-25 09:59:49 | 000,001,294 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\70j7bgp8.default-1369159864367\searchplugins\delta.xml [2014-01-15 09:27:46 | 000,007,864 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\70j7bgp8.default-1369159864367\searchplugins\WebSearch.xml [2013-12-20 10:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-12-20 10:45:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20 10:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-20 10:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-12-20 10:45:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-02-27 00:08:19 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Bueno Search (Enabled) CHR - default_search_provider: search_url = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BA6100216BCD2263&affID=127886&tsp=5129 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.buenosearch.com/?babsrc=HP_ss&mntrId=BA6100216BCD2263&affID=127886&tsp=5129 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Pecet\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pecet\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: WEBZEN Browser Extension (Enabled) = C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - Extension: SNT = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoodbclapejpaimaakcokfbekekdegep\2.1\ CHR - Extension: No name found = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgedghfipndjjfapckfnodphnijpcckl\1.1\ CHR - Extension: Exfm Explorer = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb\174\ CHR - Extension: YoutubeAdblocker = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhcfmeflegjpelpafllmpgmgppbjgai\1.0\ CHR - Extension: RealDownloader = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\ CHR - Extension: Skype Click to Call = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: greatSaver = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nghpaaopnfnochbobnchdbjepfklodnl\2.7\ CHR - Extension: Google Wallet = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ CHR - Extension: DivX Plus Web Player HTML5 video = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2011-12-22 15:11:00 | 000,000,833 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (DivX Plus Web Player HTML5