OTL logfile created on: 1/14/2013 10:57:04 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Ultimate  (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive C: | 100.00 Mb Total Space | 75.49 Mb Free Space | 75.50% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 55.15 Gb Free Space | 5.92% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 32.86 Gb Free Space | 33.65% Space Free | Partition Type: NTFS
Drive F: | 244.14 Gb Total Space | 48.74 Gb Free Space | 19.96% Space Free | Partition Type: NTFS
Drive G: | 244.14 Gb Total Space | 26.91 Gb Free Space | 11.02% Space Free | Partition Type: NTFS
Drive H: | 112.59 Gb Total Space | 28.82 Gb Free Space | 25.59% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand] --  -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2013/01/09 14:08:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- H:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/06 10:28:54 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/05 08:42:42 | 000,711,112 | ---- | M] () [Auto] -- H:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012/11/05 05:57:12 | 003,055,976 | ---- | M] () [Auto] -- H:\Users\Domownik\AppData\Local\tuto4pc_pl_1\supt4pc_pl_1.exe -- (supt4pc_pl_1)
SRV - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- H:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/09/27 20:38:02 | 000,217,600 | ---- | M] (AMD) [Auto] -- H:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/30 10:49:46 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- H:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/05/01 02:47:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) [Auto] -- H:\Windows\System32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2010/10/21 03:38:32 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto] -- H:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/10/21 03:38:32 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto] -- H:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/03/25 04:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/02/12 03:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto] -- H:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/12/21 21:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto] -- H:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled] -- H:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/11 02:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand] -- H:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | System] --  -- (SBRE)
DRV - File not found [Kernel | On_Demand] --  -- (dgderdrv)
DRV - File not found [2011/04/16 17:04:50] [Kernel | Auto] --  -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2012/11/05 08:42:43 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- H:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/30 17:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System] -- H:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 17:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System] -- H:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 17:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System] -- H:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 17:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto] -- H:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 17:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto] -- H:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 11:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System] -- H:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV - [2012/09/27 21:20:20 | 009,107,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/09/27 20:12:10 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/05/14 01:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- H:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/11/21 11:31:02 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- H:\Windows\gdrv.sys -- (gdrv)
DRV - [2011/07/30 09:30:22 | 000,083,872 | ---- | M] () [Kernel | Auto] -- H:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/07/30 09:30:21 | 000,025,888 | ---- | M] () [Kernel | Auto] -- H:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/05/01 02:47:49 | 000,006,432 | ---- | M] (Sony DADC Austria AG.) [Kernel | On_Demand] -- H:\Users\Domownik\AppData\Local\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - [2011/03/04 11:51:26 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System] -- H:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/10/05 07:26:10 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010/10/05 07:26:02 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/10/05 07:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/02/24 05:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- H:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009/12/21 21:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand] -- H:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/09/19 00:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/09/19 00:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009/09/19 00:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/09/19 00:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/06/10 16:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/03 20:22:50 | 000,413,208 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\t3.sys -- (t3)
DRV - [2008/08/26 02:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- H:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/11/06 15:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- H:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2005/09/23 15:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- H:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Domownik_ON_H\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\Domownik_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={74E1EC53-7A18-42FB-81F9-03BD775E4743}&mid=8a517bfd7daa486eaee99e70ab59184d-2251a4cd54be3ba3993b4af353613a7c6448f4a9&lang=pl&ds=ik011&pr=&d=2012-10-02 22:06:30&v=12.2.5.34&sap=hp
IE - HKU\Domownik_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.thecrims.com/"
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: avg@toolbar:13.2.0.5
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B11470f6e-ae94-4fdb-899d-d72a882adb79%7D&mid=8a517bfd7daa486eaee99e70ab59184d-2251a4cd54be3ba3993b4af353613a7c6448f4a9&ds=ik011&v=13.2.0.5&lang=pl&pr=&d=2012-10-02%2022%3A06%3A30&sap=ku&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: H:\Windows\System32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: H:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: H:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: H:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: H:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: H:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: H:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: H:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: H:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: H:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: H:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: H:\Users\Domownik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/08 00:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/01 02:21:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/05 08:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/06 10:46:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/09 14:08:13 | 000,000,000 | ---D | M]
 
[2011/03/02 12:07:25 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Domownik\AppData\Roaming\Mozilla\Extensions
[2013/01/07 11:14:07 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Domownik\AppData\Roaming\Mozilla\Firefox\Profiles\071yjfpx.default\extensions
[2013/01/06 10:29:00 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- 
[2013/01/06 10:28:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/16 14:49:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/01 02:21:28 | 000,129,176 | ---- | M] (RealPlayer) -- H:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/01/06 10:28:51 | 000,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012/11/05 08:42:46 | 000,003,572 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/01/06 10:28:51 | 000,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2013/01/06 10:28:51 | 000,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2013/01/06 10:28:51 | 000,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2013/01/06 10:28:51 | 000,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013/01/06 10:28:51 | 000,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -  File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKU\Domownik_ON_H\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Domownik_ON_H\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] H:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] H:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ROC_ROC_NT] H:\Program Files\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [SBRegRebootCleaner]  File not found
O4 - HKLM..\Run: [SPIRunE] H:\Windows\System32\SpiRunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [ss] H:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Tutorials] H:\Program Files\TUTO4PC\tuto4pc_pl_1.exe ()
O4 - HKLM..\Run: [vProt] H:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 5]  File not found
O4 - HKU\LocalService_ON_H..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_H..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Domownik_ON_H\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 62.179.1.62 62.179.1.63
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - H:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Domownik_ON_H Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Domownik_ON_H Winlogon: Shell - (C:\Users\Domownik\AppData\Roaming\skype.dat) - H:\Users\Domownik\AppData\Roaming\skype.dat ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/08 05:24:39 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 13:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (SBBD.exe /d \Device\HarddiskVolume2\Program Files\Ad-Aware Antivirus\Definitions) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/01/14 02:59:00 | 127,231,689 | ---- | C] (Igor Pavlov) -- H:\OTLPENet.exe
[2013/01/14 02:37:24 | 005,021,655 | R--- | C] (Swearware) -- H:\ComboFix.exe
[2013/01/10 11:01:37 | 000,000,000 | ---D | C] -- H:\Users\Domownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked
[2013/01/10 10:56:35 | 000,000,000 | ---D | C] -- H:\Users\Domownik\Desktop\Minecraft_Cracked_v1.4.7
[2013/01/08 14:00:49 | 000,000,000 | ---D | C] -- H:\Users\Domownik\Desktop\Samsung Monte
[2013/01/06 10:30:18 | 000,000,000 | ---D | C] -- H:\Users\Domownik\AppData\Local\Macromedia
[2013/01/06 10:29:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Mozilla
[2013/01/06 10:29:02 | 000,000,000 | ---D | C] -- H:\Program Files\Mozilla Maintenance Service
[2013/01/04 20:07:41 | 000,000,000 | ---D | C] -- H:\Users\Domownik\AppData\Roaming\Stella
[2012/12/29 08:29:51 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/12/27 17:14:58 | 000,000,000 | ---D | C] -- H:\ProgramData\REVOLT
[2012/12/27 17:14:52 | 000,000,000 | ---D | C] -- H:\Users\Domownik\Documents\Telltale Games
[2012/12/24 07:12:28 | 000,000,000 | ---D | C] -- H:\Users\Domownik\Desktop\Avengers Initiative v1.0.2 Android
[2012/12/16 17:05:14 | 000,000,000 | ---D | C] -- H:\Users\Domownik\AppData\Local\supt4pc_pl_1
[2012/12/16 17:05:12 | 000,000,000 | ---D | C] -- H:\Users\Domownik\AppData\Local\tuto4pc_pl_1
[2012/12/16 17:05:12 | 000,000,000 | ---D | C] -- H:\Program Files\TUTO4PC
[2012/12/16 17:05:05 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comical
[2012/12/16 17:05:05 | 000,000,000 | ---D | C] -- H:\Program Files\Comical
[2012/12/16 17:02:28 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay
[2012/12/16 17:02:28 | 000,000,000 | ---D | C] -- H:\Program Files\CDisplay
[2012/12/16 17:00:55 | 000,000,000 | ---D | C] -- H:\Users\Domownik\Desktop\Policja
[2012/01/13 16:31:53 | 001,531,392 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- H:\Users\Domownik\AppData\Roaming\tsdnwin.dll
[5 H:\Windows\System32\*.tmp files -> H:\Windows\System32\*.tmp -> ]
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/01/14 02:42:50 | 127,231,689 | ---- | M] (Igor Pavlov) -- H:\OTLPENet.exe
[2013/01/14 02:22:51 | 005,021,655 | R--- | M] (Swearware) -- H:\ComboFix.exe
[2013/01/14 02:15:35 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2013/01/14 02:09:41 | 000,000,004 | ---- | M] () -- H:\Users\Domownik\AppData\Roaming\skype.ini
[2013/01/14 02:08:50 | 000,001,036 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/14 01:33:01 | 000,001,040 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/14 01:29:27 | 000,016,944 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/14 01:29:27 | 000,016,944 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/13 16:07:00 | 000,000,930 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/12 15:22:24 | 000,750,200 | ---- | M] () -- H:\Windows\System32\perfh015.dat
[2013/01/12 15:22:24 | 000,725,694 | ---- | M] () -- H:\Windows\System32\perfh019.dat
[2013/01/12 15:22:24 | 000,663,122 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2013/01/12 15:22:24 | 000,160,700 | ---- | M] () -- H:\Windows\System32\perfc015.dat
[2013/01/12 15:22:24 | 000,154,292 | ---- | M] () -- H:\Windows\System32\perfc019.dat
[2013/01/12 15:22:24 | 000,125,252 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2013/01/12 08:38:02 | 000,000,577 | ---- | M] () -- H:\Users\Domownik\AppData\Roaming\burnaware.ini
[2013/01/12 03:23:11 | 000,212,703 | ---- | M] () -- H:\Users\Domownik\Desktop\potw.jpg
[2013/01/12 02:56:56 | 000,002,230 | ---- | M] () -- H:\Users\Domownik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/11 15:36:32 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/10 11:01:37 | 000,001,893 | ---- | M] () -- H:\Users\Domownik\Desktop\MINECRAFTinstall.net.lnk
[2013/01/10 11:01:37 | 000,000,932 | ---- | M] () -- H:\Users\Domownik\Desktop\Start Minecraft Cracked.lnk
[2013/01/09 14:08:14 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerApp.exe
[2013/01/09 14:08:14 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/09 11:00:13 | 002,079,891 | ---- | M] () -- H:\Users\Domownik\Desktop\Skan001.pdf
[2013/01/06 13:26:31 | 000,001,101 | ---- | M] () -- H:\Users\Domownik\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013/01/06 13:05:53 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2013/01/06 10:29:00 | 000,001,995 | ---- | M] () -- H:\Users\Domownik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/06 10:29:00 | 000,001,105 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/05 12:28:19 | 124,627,096 | ---- | M] () -- H:\Users\Domownik\Desktop\Zarzadzanie zasobami ludzkami - M.Armstrong 2000.pdf
[2013/01/05 12:25:22 | 000,263,169 | ---- | M] () -- H:\Users\Domownik\Desktop\e-book - zarzadzanie zasobami ludzkimi.pdf
[2013/01/01 08:46:24 | 002,883,648 | ---- | M] () -- H:\Users\Domownik\Desktop\MINECRAFT PORADNIK potwory CRAFTING bloki Jak stworzyć server multi.pdf
[2013/01/01 08:06:04 | 000,001,868 | ---- | M] () -- H:\Users\Domownik\Desktop\Minecraft.lnk
[2012/12/29 08:29:51 | 000,002,179 | ---- | M] () -- H:\Users\Public\Desktop\Google Earth.lnk
[2012/12/29 08:29:51 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/12/28 08:23:00 | 000,000,583 | ---- | M] () -- H:\Users\Public\Desktop\The Walking Dead.lnk
[2012/12/25 11:22:35 | 000,004,096 | ---- | M] () -- H:\Users\Public\Documents\00001A83.LCS
[2012/12/16 17:05:05 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comical
[2012/12/16 17:02:28 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay
[2012/12/16 17:00:18 | 001,189,345 | ---- | M] () -- H:\Users\Domownik\Desktop\CDisplay_setup.exe
[5 H:\Windows\System32\*.tmp files -> H:\Windows\System32\*.tmp -> ]
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/01/14 02:04:35 | 000,000,004 | ---- | C] () -- H:\Users\Domownik\AppData\Roaming\skype.ini
[2013/01/12 03:23:10 | 000,212,703 | ---- | C] () -- H:\Users\Domownik\Desktop\potw.jpg
[2013/01/10 11:01:37 | 000,001,893 | ---- | C] () -- H:\Users\Domownik\Desktop\MINECRAFTinstall.net.lnk
[2013/01/10 11:01:37 | 000,000,932 | ---- | C] () -- H:\Users\Domownik\Desktop\Start Minecraft Cracked.lnk
[2013/01/09 11:04:38 | 002,079,891 | ---- | C] () -- H:\Users\Domownik\Desktop\Skan001.pdf
[2013/01/06 13:26:31 | 000,001,101 | ---- | C] () -- H:\Users\Domownik\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013/01/06 10:29:00 | 000,001,105 | ---- | C] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/05 12:27:41 | 124,627,096 | ---- | C] () -- H:\Users\Domownik\Desktop\Zarzadzanie zasobami ludzkami - M.Armstrong 2000.pdf
[2013/01/05 12:25:22 | 000,263,169 | ---- | C] () -- H:\Users\Domownik\Desktop\e-book - zarzadzanie zasobami ludzkimi.pdf
[2013/01/01 08:46:24 | 002,883,648 | ---- | C] () -- H:\Users\Domownik\Desktop\MINECRAFT PORADNIK potwory CRAFTING bloki Jak stworzyć server multi.pdf
[2013/01/01 08:06:04 | 000,001,868 | ---- | C] () -- H:\Users\Domownik\Desktop\Minecraft.lnk
[2012/12/29 08:29:51 | 000,002,179 | ---- | C] () -- H:\Users\Public\Desktop\Google Earth.lnk
[2012/12/28 08:23:00 | 000,000,583 | ---- | C] () -- H:\Users\Public\Desktop\The Walking Dead.lnk
[2012/12/16 17:00:17 | 001,189,345 | ---- | C] () -- H:\Users\Domownik\Desktop\CDisplay_setup.exe
[2012/10/02 15:02:36 | 002,392,064 | ---- | C] () -- H:\Windows\System32\videotrans.dll
[2012/10/02 15:02:35 | 000,215,040 | ---- | C] () -- H:\Windows\System32\videoformat.dll
[2012/10/02 15:02:35 | 000,061,440 | ---- | C] () -- H:\Windows\System32\imgscaler.dll
[2012/10/02 15:02:35 | 000,022,016 | ---- | C] () -- H:\Windows\System32\img_utils.dll
[2012/10/02 15:02:35 | 000,017,920 | ---- | C] () -- H:\Windows\System32\videocore.dll
[2012/10/02 15:02:32 | 000,128,512 | ---- | C] () -- H:\Windows\System32\xvid.dll
[2012/09/30 11:46:40 | 000,240,640 | ---- | C] () -- H:\Windows\System32\xvidvfw.dll
[2012/09/30 11:46:40 | 000,217,088 | ---- | C] () -- H:\Windows\System32\xvidcore.dll
[2012/09/28 08:36:56 | 000,180,224 | ---- | C] () -- H:\Windows\System32\clinfo.exe
[2012/09/25 14:37:52 | 000,075,776 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\rbqt450.DLL
[2012/09/25 14:37:52 | 000,065,024 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSPicturePlugin3542.dll
[2012/09/25 14:37:52 | 000,064,512 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\rbap450.dll
[2012/09/25 14:37:52 | 000,061,440 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSQTImporterPlugin3549.dll
[2012/09/25 14:37:52 | 000,055,808 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSQuickTimePlugin3549.dll
[2012/09/25 14:37:52 | 000,053,760 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSWinPlugin3544.dll
[2012/09/25 14:37:52 | 000,052,224 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\EHZComp.dll
[2012/09/25 14:37:52 | 000,048,640 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSResPlugin3542.dll
[2012/09/25 14:37:52 | 000,044,032 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSMainPlugin3542.dll
[2012/09/25 14:37:52 | 000,042,496 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSRegistryPlugin3544.dll
[2012/09/25 14:37:52 | 000,041,472 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\RBShell400.dll
[2012/09/25 14:37:52 | 000,037,888 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSPictureMacPlugin3552.dll
[2012/09/25 14:37:52 | 000,036,352 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSFolderitemsPlugin3542.dll
[2012/09/25 14:37:52 | 000,036,352 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSFolderitemsCreatePlugin3542.dll
[2012/09/25 14:37:52 | 000,034,304 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSEncryptPlugin3543.dll
[2012/09/25 14:37:52 | 000,033,792 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSIconPlugin3542.dll
[2012/09/25 14:37:52 | 000,032,768 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSProcessPlugin3543.dll
[2012/09/25 14:37:52 | 000,030,720 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSMemoryPlugin3542.dll
[2012/09/25 14:37:52 | 000,029,696 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSMacOSXPlugin3545.dll
[2012/09/25 14:37:52 | 000,029,184 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSRectPlugin3542.dll
[2012/09/25 14:37:52 | 000,027,648 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSRegistrationPlugin3542.dll
[2012/09/25 14:37:52 | 000,027,136 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSUsernamePlugin3541.dll
[2012/09/25 14:37:52 | 000,026,112 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSResStreamPlugin3552.dll
[2012/09/25 14:37:52 | 000,025,600 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\MBSVersionPlugin3581.dll
[2012/09/25 14:37:52 | 000,019,968 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\EHMD5.dll
[2012/09/25 14:37:52 | 000,018,432 | -H-- | C] () -- H:\Users\Domownik\AppData\Roaming\EHEncrypt.dll
[2012/07/18 12:21:49 | 000,000,104 | ---- | C] () -- H:\Windows\System32\SBRC.dat
[2012/07/11 09:46:01 | 000,000,096 | ---- | C] () -- H:\Users\Domownik\AppData\Local\fusioncache.dat
[2012/07/08 09:01:45 | 000,066,872 | ---- | C] () -- H:\Windows\System32\PnkBstrA.exe
[2012/07/08 09:01:44 | 000,022,328 | ---- | C] () -- H:\Windows\System32\drivers\PnkBstrK.sys
[2012/07/08 09:01:22 | 000,103,736 | ---- | C] () -- H:\Windows\System32\PnkBstrB.exe
[2012/06/18 14:32:53 | 000,110,592 | ---- | C] () -- H:\Windows\System32\FsUsbExDevice.Dll
[2012/06/18 14:32:53 | 000,036,640 | ---- | C] () -- H:\Windows\System32\FsUsbExDisk.Sys
[2012/05/23 10:31:02 | 000,632,252 | ---- | C] () -- H:\Windows\System32\atiicdxx.dat
[2012/05/02 07:58:10 | 000,029,184 | ---- | C] () -- H:\Windows\System32\kdbsdk32.dll
[2012/02/14 21:28:34 | 000,157,144 | ---- | C] () -- H:\Windows\System32\ativvsva.dat
[2012/02/14 21:28:32 | 000,204,952 | ---- | C] () -- H:\Windows\System32\ativvsvl.dat
[2012/01/03 02:28:06 | 002,570,286 | ---- | C] () -- H:\Windows\System32\abgx360.exe
[2011/11/24 11:24:44 | 029,190,001 | ---- | C] () -- H:\Windows\System32\D3Studio [nfoto.com.pl]_nfotokreator_uninstaller.exe
[2011/10/25 15:21:34 | 000,056,832 | ---- | C] () -- H:\Windows\System32\OVDecoder.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- H:\Windows\System32\atipblag.dat
[2011/06/07 04:13:38 | 000,974,848 | ---- | C] () -- H:\Windows\System32\cis-2.4.dll
[2011/06/07 04:13:38 | 000,081,920 | ---- | C] () -- H:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 04:13:38 | 000,065,536 | ---- | C] () -- H:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 04:13:38 | 000,057,344 | ---- | C] () -- H:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 04:13:38 | 000,030,568 | ---- | C] () -- H:\Windows\MusiccityDownload.exe
[2011/05/01 10:41:04 | 000,083,872 | ---- | C] () -- H:\Windows\System32\drivers\atksgt.sys
[2011/05/01 10:41:03 | 000,025,888 | ---- | C] () -- H:\Windows\System32\drivers\lirsgt.sys
[2011/05/01 09:38:16 | 000,000,183 | ---- | C] () -- H:\Windows\7THLEVEL.INI
[2011/04/16 03:32:18 | 000,000,577 | ---- | C] () -- H:\Users\Domownik\AppData\Roaming\burnaware.ini
[2011/04/12 10:07:42 | 000,000,052 | ---- | C] () -- H:\Windows\mafosav.INI
[2011/04/11 13:27:54 | 000,000,115 | ---- | C] () -- H:\Windows\kaillera.ini
[2011/03/25 15:33:48 | 000,002,516 | -HS- | C] () -- H:\ProgramData\KGyGaAvL.sys
[2011/03/25 15:33:48 | 000,000,088 | RHS- | C] () -- H:\ProgramData\ECFD5E5943.sys
[2011/03/06 14:30:15 | 000,011,264 | ---- | C] () -- H:\Users\Domownik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/04 12:11:13 | 000,000,309 | ---- | C] () -- H:\Windows\disney.ini
[2011/03/03 03:18:40 | 000,000,010 | ---- | C] () -- H:\Windows\GSetup.ini
[2011/03/02 13:28:39 | 000,079,872 | ---- | C] () -- H:\Windows\System32\ff_vfw.dll
[2011/03/02 13:21:09 | 000,000,600 | ---- | C] () -- H:\Users\Domownik\AppData\Roaming\winscp.rnd
[2011/03/02 12:46:27 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
[2011/03/02 12:21:10 | 000,000,049 | R--- | C] () -- H:\Windows\System32\ctzapxx.ini
[2011/03/02 12:21:09 | 000,148,480 | ---- | C] () -- H:\Windows\System32\APOMngr.DLL
[2011/03/02 12:21:09 | 000,073,728 | ---- | C] () -- H:\Windows\System32\CmdRtr.DLL
[2011/03/02 12:21:05 | 000,001,436 | ---- | C] () -- H:\Windows\CfgHPSp.ini
[2011/03/02 12:21:05 | 000,001,434 | ---- | C] () -- H:\Windows\Cfg05Sp.ini
[2011/03/02 12:21:05 | 000,001,434 | ---- | C] () -- H:\Windows\Cfg04Sp.ini
[2011/03/02 12:21:05 | 000,001,091 | ---- | C] () -- H:\Windows\Cfg03Sp.ini
[2011/03/02 12:21:05 | 000,001,091 | ---- | C] () -- H:\Windows\Cfg02Sp.ini
[2011/03/02 12:21:05 | 000,000,932 | ---- | C] () -- H:\Windows\CfgHPHp.ini
[2011/03/02 12:21:05 | 000,000,932 | ---- | C] () -- H:\Windows\CfgHPDO.ini
[2011/03/02 12:21:05 | 000,000,932 | ---- | C] () -- H:\Windows\Cfg05DO.ini
[2011/03/02 12:21:05 | 000,000,932 | ---- | C] () -- H:\Windows\Cfg04DO.ini
[2011/03/02 12:21:05 | 000,000,930 | ---- | C] () -- H:\Windows\Cfg05Hp.ini
[2011/03/02 12:21:05 | 000,000,930 | ---- | C] () -- H:\Windows\Cfg04Hp.ini
[2011/03/02 12:21:05 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg03Hp.ini
[2011/03/02 12:21:05 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg03DO.ini
[2011/03/02 12:21:05 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg02Hp.ini
[2011/03/02 12:21:05 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg02DO.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\CfgHPRMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\CfgHPRLI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\CfgHPFMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\CfgHPDI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg05RMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg05RLI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg05FMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg05DI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg04RMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg04RLI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg04FMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg04DI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg03RMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg03RLI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg03FMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg03DI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg02RMi.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg02RLI.ini
[2011/03/02 12:21:05 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg02FMi.ini
[2011/03/02 12:21:04 | 000,148,992 | ---- | C] () -- H:\Windows\System32\OemSpiE.dll
[2011/03/02 12:21:04 | 000,001,000 | ---- | C] () -- H:\Windows\Cfg01Sp.ini
[2011/03/02 12:21:04 | 000,000,818 | ---- | C] () -- H:\Windows\Cfg01APR.ini
[2011/03/02 12:21:04 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg01Hp.ini
[2011/03/02 12:21:04 | 000,000,725 | ---- | C] () -- H:\Windows\Cfg01DO.ini
[2011/03/02 12:21:04 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg02DI.ini
[2011/03/02 12:21:04 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg01Mic.ini
[2011/03/02 12:21:04 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg01LI.ini
[2011/03/02 12:21:04 | 000,000,453 | ---- | C] () -- H:\Windows\Cfg01DI.ini
[2011/03/02 12:07:14 | 000,000,000 | ---- | C] () -- H:\Windows\nsreg.dat
[2011/03/02 11:46:05 | 000,513,720 | ---- | C] () -- H:\Windows\System32\FNTCACHE.DAT
[2010/08/02 17:05:14 | 000,337,158 | ---- | C] () -- H:\Windows\System32\perfi015.dat
[2010/08/02 17:05:13 | 000,750,200 | ---- | C] () -- H:\Windows\System32\perfh015.dat
[2010/08/02 17:05:13 | 000,160,700 | ---- | C] () -- H:\Windows\System32\perfc015.dat
[2010/08/02 17:05:13 | 000,038,710 | ---- | C] () -- H:\Windows\System32\perfd015.dat
[2010/06/25 01:44:03 | 000,080,384 | ---- | C] () -- H:\Windows\System32\RDVGHelper.exe
[2010/04/02 11:17:34 | 000,179,091 | ---- | C] () -- H:\Windows\System32\xlive.dll.cat
[2009/07/14 03:41:05 | 000,725,694 | ---- | C] () -- H:\Windows\System32\perfh019.dat
[2009/07/14 03:41:05 | 000,336,704 | ---- | C] () -- H:\Windows\System32\perfi019.dat
[2009/07/14 03:41:05 | 000,154,292 | ---- | C] () -- H:\Windows\System32\perfc019.dat
[2009/07/14 03:41:05 | 000,039,446 | ---- | C] () -- H:\Windows\System32\perfd019.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- H:\Windows\bootstat.dat
[2009/07/13 21:05:48 | 000,663,122 | ---- | C] () -- H:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- H:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,125,252 | ---- | C] () -- H:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- H:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- H:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- H:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- H:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:02:54 | 000,252,928 | ---- | C] () -- H:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- H:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- H:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- H:\Windows\System32\BWContextHandler.dll
[2009/07/13 18:11:59 | 000,058,880 | ---- | C] () -- H:\Users\Domownik\AppData\Roaming\skype.dat
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- H:\Windows\System32\mlang.dat
[2009/04/14 08:34:28 | 000,033,080 | ---- | C] () -- H:\Windows\System32\t3.ini
[2009/01/28 13:50:44 | 000,153,088 | ---- | C] () -- H:\Windows\System32\unrar.dll
[2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- H:\Windows\System32\pthreadVC.dll
[2007/06/21 01:34:08 | 000,203,328 | R--- | C] () -- H:\Windows\GSetup.exe
[2007/04/27 02:43:58 | 000,120,200 | ---- | C] () -- H:\Windows\System32\DLLDEV32i.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/10/23 10:09:18 | 000,000,000 | ---D | M] -- H:\ProgramData\AMD
[2011/03/06 07:33:48 | 000,000,000 | ---D | M] -- H:\ProgramData\Apache
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Application Data
[2011/04/15 12:27:43 | 000,000,000 | ---D | M] -- H:\ProgramData\ashampoo
[2011/06/21 23:02:09 | 000,000,000 | ---D | M] -- H:\ProgramData\AutoKMS
[2012/03/12 11:01:48 | 000,000,000 | ---D | M] -- H:\ProgramData\AVAST Software
[2012/11/25 05:01:46 | 000,000,000 | ---D | M] -- H:\ProgramData\AVG Secure Search
[2012/09/07 12:26:34 | 000,000,000 | ---D | M] -- H:\ProgramData\Brawsome
[2011/03/03 03:31:06 | 000,000,000 | -H-D | M] -- H:\ProgramData\CanonBJ
[2011/05/02 07:26:48 | 000,000,000 | -H-D | M] -- H:\ProgramData\CanonIJScan
[2011/06/18 15:08:01 | 000,000,000 | ---D | M] -- H:\ProgramData\Codemasters
[2011/03/04 11:50:26 | 000,000,000 | ---D | M] -- H:\ProgramData\DAEMON Tools Lite
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Dane aplikacji
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Desktop
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Documents
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Dokumenty
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Favorites
[2011/03/02 13:19:41 | 000,000,000 | ---D | M] -- H:\ProgramData\FreeDownloadManager.ORG
[2012/07/18 12:27:27 | 000,000,000 | ---D | M] -- H:\ProgramData\GFI Software
[2012/06/22 14:35:03 | 000,000,000 | ---D | M] -- H:\ProgramData\IObit
[2011/11/24 11:30:50 | 000,000,000 | ---D | M] -- H:\ProgramData\M-Photo
[2012/07/28 05:21:59 | 000,000,000 | ---D | M] -- H:\ProgramData\MAGIX
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Menu Start
[2011/04/03 00:42:27 | 000,000,000 | ---D | M] -- H:\ProgramData\PACE Anti-Piracy
[2012/06/18 14:48:06 | 000,000,000 | ---D | M] -- H:\ProgramData\PC Suite
[2011/05/19 13:39:34 | 000,000,000 | ---D | M] -- H:\ProgramData\Pinnacle
[2011/05/19 13:35:56 | 000,000,000 | ---D | M] -- H:\ProgramData\Pinnacle Studio Plus
[2011/05/19 13:40:18 | 000,000,000 | ---D | M] -- H:\ProgramData\Pinnacle Studio Ultimate Collection
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Pulpit
[2011/12/02 16:50:58 | 000,000,000 | ---D | M] -- H:\ProgramData\RELOADED
[2012/12/27 17:14:58 | 000,000,000 | ---D | M] -- H:\ProgramData\REVOLT
[2011/11/21 13:59:37 | 000,000,000 | ---D | M] -- H:\ProgramData\salvation
[2012/06/30 12:50:58 | 000,000,000 | ---D | M] -- H:\ProgramData\Samsung
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Start Menu
[2011/05/19 13:35:56 | 000,000,000 | ---D | M] -- H:\ProgramData\Studio 14
[2011/03/11 15:47:16 | 000,000,000 | ---D | M] -- H:\ProgramData\Synetic
[2012/09/15 11:51:24 | 000,000,000 | ---D | M] -- H:\ProgramData\Systweak
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Szablony
[2011/04/16 10:08:58 | 000,000,000 | ---D | M] -- H:\ProgramData\Temp
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Templates
[2011/10/23 10:42:46 | 000,000,000 | ---D | M] -- H:\ProgramData\Ubisoft
[2011/03/02 11:53:01 | 000,000,000 | -HSD | M] -- H:\ProgramData\Ulubione
[2012/01/01 10:38:28 | 000,000,000 | -H-D | M] -- H:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2011/11/22 13:05:18 | 000,000,000 | -H-D | M] -- H:\ProgramData\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2012/10/28 01:35:09 | 000,032,604 | ---- | M] () -- H:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 1234 bytes -> H:\Program Files\Common Files\microsoft shared:C89j2BSzANkzJjrsNpMjtHytY
@Alternate Data Stream - 1222 bytes -> H:\ProgramData\Microsoft:6inkd0OFizOF4wX8akqXGyG6
@Alternate Data Stream - 1183 bytes -> H:\Users\Domownik\AppData\Local\0bBlquKUiTcLkC:iWMBNQ5wDvVJHUGGygATy6j
@Alternate Data Stream - 1069 bytes -> H:\ProgramData\Microsoft:eCdpITJfPZeQQ3nQbUZVj2fPcYxs6
< End of report >