OTL logfile created on: 7/16/2012 2:48:32 PM - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Sylwia\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2.99 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 67.86% Memory free
5.98 Gb Paging File | 5.05 Gb Available in Paging File | 84.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.14 Gb Total Space | 11.30 Gb Free Space | 11.39% Space Free | Partition Type: NTFS
Drive D: | 351.52 Gb Total Space | 125.48 Gb Free Space | 35.70% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Sylwia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/07/16 14:48:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Sylwia\Desktop\OTL.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012/06/25 18:10:25 | 000,935,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/01/23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/11/10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/20 21:44:46 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/18 10:29:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/02 11:42:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/02 18:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\appliand.sys -- (appliandMP)
DRV - File not found [2010/08/20 11:45:10] [Kernel | Auto | Stopped] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2012/07/15 16:35:51 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2011/09/13 11:00:49 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/05/06 09:49:00 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/18 10:29:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/31 14:30:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/03/25 01:15:55 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/11/06 22:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/11/06 06:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/26 22:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/01 22:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/06/27 16:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/01/04 13:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007/01/04 13:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2006/05/03 22:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=af55c054-fb4a-11e0-b6e5-9b03e8384971&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{DDA96837-F20A-493D-A4D2-883D1BF568EC}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_plPL365PL368
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={F4CF5847-3258-4610-9573-139CFB9D79E4}&mid=36ffe4363bcd43f73a444fee269e3d15-aa0b31f49fe2cc3a90d161aa351f1755c97b7563&lang=pl&ds=AVG&pr=fr&d=2011-12-13 18:14:43&v=9.0.0.18&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{DDA96837-F20A-493D-A4D2-883D1BF568EC}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_plPL365PL368
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.sport.pl"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B3302d5a2-8e22-4262-97e6-566e82c3b407%7D&mid=36ffe4363bcd43f73a444fee269e3d15-aa0b31f49fe2cc3a90d161aa351f1755c97b7563&ds=AVG&v=10.2.0.3&lang=pl&pr=fr&d=2011-12-13%2018%3A14%3A43&sap=ku&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/23 22:37:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/03/27 23:25:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/25 18:10:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/21 21:53:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/20 20:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/03/27 23:25:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/23 22:37:34 | 000,000,000 | ---D | M]
 
[2011/12/18 19:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Extensions
[2011/12/18 19:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012/07/12 09:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Firefox\Profiles\rsbczrgc.default\extensions
[2012/06/30 21:40:59 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Firefox\Profiles\rsbczrgc.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012/07/12 09:03:36 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Users\Sylwia\AppData\Roaming\mozilla\Firefox\Profiles\rsbczrgc.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2011/07/11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Sylwia\AppData\Roaming\Mozilla\Firefox\Profiles\rsbczrgc.default\searchplugins\startsear.xml
[2011/09/30 11:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/25 18:10:29 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012/02/21 21:53:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012/02/21 21:53:48 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012/06/25 18:10:24 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/21 21:53:48 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012/02/21 21:53:48 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012/02/21 21:53:48 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012/02/21 21:53:48 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/02/21 21:53:48 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [UIAutomationCore] C:\Users\Sylwia\AppData\Local\Microsoft\Windows\3347\UIAutomationCore.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.42.228.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC793B7B-F204-4F1A-93B3-184EFDDC40C6}: DhcpNameServer = 193.42.228.9
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0e6f4d75-9119-11e0-b1a9-d19ad2233c12}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f4d75-9119-11e0-b1a9-d19ad2233c12}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2cdaf8d6-8ea9-11e0-b7c9-ded010617412}\Shell - "" = AutoRun
O33 - MountPoints2\{2cdaf8d6-8ea9-11e0-b7c9-ded010617412}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2cdaf8d9-8ea9-11e0-b7c9-ded010617412}\Shell - "" = AutoRun
O33 - MountPoints2\{2cdaf8d9-8ea9-11e0-b7c9-ded010617412}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3999e701-95c8-11e0-a420-8f84c62c4911}\Shell - "" = AutoRun
O33 - MountPoints2\{3999e701-95c8-11e0-a420-8f84c62c4911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5036484c-f5b0-11df-af1e-d6ea9983eb10}\Shell - "" = AutoRun
O33 - MountPoints2\{5036484c-f5b0-11df-af1e-d6ea9983eb10}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{61bb8a1d-6534-11e0-a511-fd0f3fe3e21c}\Shell - "" = AutoRun
O33 - MountPoints2\{61bb8a1d-6534-11e0-a511-fd0f3fe3e21c}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{8bf4c1bd-1357-11df-81ae-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf4c1bd-1357-11df-81ae-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8bf4c1d1-1357-11df-81ae-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf4c1d1-1357-11df-81ae-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ac438196-45c0-11e1-b7c2-a919d7ea231d}\Shell - "" = AutoRun
O33 - MountPoints2\{ac438196-45c0-11e1-b7c2-a919d7ea231d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{be00ac22-c17b-11e0-8802-cbd864745e1c}\Shell - "" = AutoRun
O33 - MountPoints2\{be00ac22-c17b-11e0-8802-cbd864745e1c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{be6a78c1-5153-11df-8919-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{be6a78c1-5153-11df-8919-0026b6d70fa5}\Shell\AutoRun\command - "" = I:\Welcome\Welcome.exe
O33 - MountPoints2\{cbb5e0ba-57a9-11df-8995-0024545af4d1}\Shell - "" = AutoRun
O33 - MountPoints2\{cbb5e0ba-57a9-11df-8995-0024545af4d1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ce0e3ccf-c204-11e0-ac3f-d15d68c49779}\Shell - "" = AutoRun
O33 - MountPoints2\{ce0e3ccf-c204-11e0-ac3f-d15d68c49779}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ce0e3cd3-c204-11e0-ac3f-d15d68c49779}\Shell - "" = AutoRun
O33 - MountPoints2\{ce0e3cd3-c204-11e0-ac3f-d15d68c49779}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ce0e3ce1-c204-11e0-ac3f-d15d68c49779}\Shell - "" = AutoRun
O33 - MountPoints2\{ce0e3ce1-c204-11e0-ac3f-d15d68c49779}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ce0e3d26-c204-11e0-ac3f-d15d68c49779}\Shell - "" = AutoRun
O33 - MountPoints2\{ce0e3d26-c204-11e0-ac3f-d15d68c49779}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{df92d105-432a-11df-a3a2-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{df92d105-432a-11df-a3a2-0026b6d70fa5}\Shell\AutoRun\command - "" = "H:\Adobe CS5\Set-up.exe"
O33 - MountPoints2\{e703b731-1278-11df-86ea-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{e703b731-1278-11df-86ea-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e703b736-1278-11df-86ea-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{e703b736-1278-11df-86ea-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ee467e53-4192-11df-a4dd-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{ee467e53-4192-11df-a4dd-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f92413a4-1304-11df-b01e-0026b6d70fa5}\Shell - "" = AutoRun
O33 - MountPoints2\{f92413a4-1304-11df-b01e-0026b6d70fa5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/07/16 14:48:24 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Sylwia\Desktop\OTL.exe
[2012/07/16 13:36:14 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\Malwarebytes
[2012/07/16 13:35:59 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/07/16 13:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/16 13:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/16 13:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/16 13:35:32 | 010,652,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Sylwia\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/15 16:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/07/15 16:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/07/15 16:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro
[2012/07/15 16:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro
[2012/07/15 13:38:43 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Roaming\hellomoto
[2012/07/13 17:58:11 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\4 wizyta dyplomatyczna Szoi we StoLycy
[2012/07/10 09:21:34 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\Foto
[2012/07/08 12:55:56 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\Nowy folder
[2012/07/08 00:29:22 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\ULA SUROWE
[2012/06/30 21:07:02 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Local\Macromedia
[2012/06/29 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\Desktop\Koniec roku 2012
[2012/06/25 18:11:31 | 000,000,000 | ---D | C] -- C:\Users\Sylwia\AppData\Local\AVG Secure Search
[2010/03/24 23:00:47 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Sylwia\AppData\Roaming\pcouffin.sys
[2 C:\Users\Sylwia\*.tmp files -> C:\Users\Sylwia\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/07/16 14:48:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Sylwia\Desktop\OTL.exe
[2012/07/16 14:44:23 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012/07/16 14:44:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/16 14:44:00 | 2406,920,192 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/16 14:40:14 | 000,014,736 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/16 14:40:14 | 000,014,736 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/16 14:39:07 | 000,697,912 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2012/07/16 14:39:07 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/07/16 14:39:07 | 000,134,990 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2012/07/16 14:39:07 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/07/16 13:35:59 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/16 13:35:35 | 010,652,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Sylwia\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/15 16:35:51 | 000,027,424 | ---- | M] () -- C:\windows\System32\drivers\hitmanpro36.sys
[2012/07/15 16:19:47 | 000,001,827 | ---- | M] () -- C:\Users\Sylwia\Desktop\Hitman Pro.lnk
[2012/07/15 09:39:57 | 101,528,768 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2012/07/13 22:34:22 | 000,272,783 | ---- | M] () -- C:\Users\Sylwia\Desktop\kulej.jpg
[2012/07/11 15:36:26 | 000,130,204 | ---- | M] () -- C:\Users\Sylwia\Desktop\spaslak.jpg
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/06/28 12:04:00 | 003,090,468 | ---- | M] () -- C:\Users\Sylwia\Desktop\ATB feat. Ramona Nerra - Never Give [zapiska.pl].mp3
[2012/06/25 18:02:56 | 000,000,119 | ---- | M] () -- C:\Users\Public\Desktop\e-Świadectwa.url
[2012/06/25 18:02:55 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Świadectwa 4-6.lnk
[2012/06/22 23:40:09 | 000,004,278 | ---- | M] () -- C:\Users\Sylwia\Desktop\ISO1_DVD.nri
[2012/06/19 16:09:24 | 1557,687,290 | ---- | M] () -- C:\Users\Sylwia\Desktop\Polska.vs.Grecja.1pol.08.06.2012.PL.HDTV.720p.H264.pietras44.mkv
[2 C:\Users\Sylwia\*.tmp files -> C:\Users\Sylwia\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/07/16 13:35:59 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/15 16:35:51 | 000,027,424 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro36.sys
[2012/07/15 16:19:47 | 000,001,827 | ---- | C] () -- C:\Users\Sylwia\Desktop\Hitman Pro.lnk
[2012/07/13 22:34:21 | 000,272,783 | ---- | C] () -- C:\Users\Sylwia\Desktop\kulej.jpg
[2012/07/11 15:34:55 | 000,130,204 | ---- | C] () -- C:\Users\Sylwia\Desktop\spaslak.jpg
[2012/06/28 11:57:42 | 003,090,468 | ---- | C] () -- C:\Users\Sylwia\Desktop\ATB feat. Ramona Nerra - Never Give [zapiska.pl].mp3
[2012/06/25 18:02:56 | 000,000,119 | ---- | C] () -- C:\Users\Public\Desktop\e-Świadectwa.url
[2012/06/23 14:52:08 | 1557,687,290 | ---- | C] () -- C:\Users\Sylwia\Desktop\Polska.vs.Grecja.1pol.08.06.2012.PL.HDTV.720p.H264.pietras44.mkv
[2012/06/22 23:40:09 | 000,004,278 | ---- | C] () -- C:\Users\Sylwia\Desktop\ISO1_DVD.nri
[2011/10/26 13:13:55 | 000,004,096 | -H-- | C] () -- C:\Users\Sylwia\AppData\Local\keyfile3.drm
[2011/07/11 18:45:08 | 000,033,792 | ---- | C] () -- C:\windows\System32\rgbacodec.dll
[2011/05/21 09:21:01 | 000,000,000 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\{C8105FD4-65C7-46BD-82CB-0856C6A8F15D}
[2011/03/27 23:28:07 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2010/08/05 13:19:57 | 000,001,006 | ---- | C] () -- C:\windows\unins000.dat
[2010/07/31 20:09:28 | 000,000,218 | ---- | C] () -- C:\Users\Sylwia\.recently-used.xbel
[2010/04/23 23:13:04 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2010/03/25 01:33:23 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/03/24 23:00:47 | 000,087,608 | ---- | C] () -- C:\Users\Sylwia\AppData\Roaming\inst.exe
[2010/03/24 23:00:47 | 000,007,887 | ---- | C] () -- C:\Users\Sylwia\AppData\Roaming\pcouffin.cat
[2010/03/24 23:00:47 | 000,001,144 | ---- | C] () -- C:\Users\Sylwia\AppData\Roaming\pcouffin.inf
[2010/02/07 14:48:17 | 000,017,408 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 11:52:04 | 000,002,432 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\Tempgp3252.html
[2010/02/06 11:52:04 | 000,002,089 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\TempFB3252.html
[2010/02/06 03:21:44 | 000,002,432 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\Tempjc4404.html
[2010/02/06 03:21:44 | 000,002,089 | ---- | C] () -- C:\Users\Sylwia\AppData\Local\Tempel4404.html
[2010/02/05 17:54:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE

< End of report >