OTL logfile created on: 2012-01-02 15:44:48 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Przemek\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 52,77% Memory free
8,00 Gb Paging File | 5,86 Gb Available in Paging File | 73,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 36,07 Gb Total Space | 11,78 Gb Free Space | 32,66% Space Free | Partition Type: NTFS
Drive D: | 10,64 Gb Total Space | 3,45 Gb Free Space | 32,45% Space Free | Partition Type: NTFS
Drive E: | 154,98 Gb Total Space | 61,12 Gb Free Space | 39,44% Space Free | Partition Type: NTFS
Drive F: | 264,06 Gb Total Space | 124,41 Gb Free Space | 47,11% Space Free | Partition Type: NTFS
 
Computer Name: CALIBER | User Name: Przemek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-01-02 15:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe
PRC - [2011-12-31 23:17:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Przegladarki internetowe\Mozilla Firefox 8\firefox.exe
PRC - [2011-12-30 17:48:12 | 002,942,856 | ---- | M] (Hagel Technologies Ltd.) -- D:\Różne Programy\DU Meter\DUMeter.exe
PRC - [2011-12-29 18:15:01 | 003,462,552 | ---- | M] (Tonec Inc.) -- D:\Różne Programy\Internet Download Manager\IDMan.exe
PRC - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- D:\Antywirus\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-12-24 17:50:16 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- D:\Antywirus\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011-10-08 17:34:24 | 000,820,568 | ---- | M] (IObit) -- D:\Antywirus\IObit Malware Fighter\IMFsrv.exe
PRC - [2011-10-08 17:34:22 | 004,441,944 | ---- | M] (IObit) -- D:\Antywirus\IObit Malware Fighter\IMF.exe
PRC - [2011-08-05 10:12:48 | 001,382,912 | ---- | M] (Crystal Rich Ltd) -- D:\Różne Programy\USB Safely Remove\USBSafelyRemove.exe
PRC - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-04-24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- D:\Antywirus\Kaspersky Internet Security 2012\avp.exe
PRC - [2011-04-05 10:39:46 | 001,518,976 | ---- | M] () -- D:\Programy do czyszczenia\Ashampoo HDD Control 2\AHDDC2_Service.exe
PRC - [2011-03-31 15:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011-01-14 06:53:50 | 001,412,488 | ---- | M] (Hagel Technologies Ltd.) -- D:\Różne Programy\DU Meter\DUMeterSvc.exe
PRC - [2010-11-20 15:58:08 | 001,894,912 | ---- | M] (Steamcore.se) -- D:\Różne Programy\Screamer Radio\screamer.exe
PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- D:\Różne Programy\Internet Download Manager\IEMonitor.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-12-31 23:17:58 | 001,911,768 | ---- | M] () -- D:\Przegladarki internetowe\Mozilla Firefox 8\mozjs.dll
MOD - [2011-08-05 10:12:48 | 000,002,560 | ---- | M] () -- D:\Różne Programy\USB Safely Remove\USBSafelyRemove.dll
MOD - [2011-04-24 22:13:30 | 007,008,656 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011-04-24 22:13:28 | 000,192,912 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011-04-24 22:13:26 | 001,270,160 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011-04-24 22:13:26 | 000,758,160 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011-04-24 22:13:24 | 002,118,032 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011-04-24 22:13:24 | 002,089,360 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011-04-20 18:56:28 | 000,025,088 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2010-03-23 09:05:18 | 000,495,104 | ---- | M] () -- D:\Różne Programy\Screamer Radio\lame_enc.dll
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.dll
MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.exe
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011-11-14 14:25:14 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:[b]64bit:[/b] - [2011-09-27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Antywirus\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-11-14 14:25:16 | 002,072,896 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Programy do czyszczenia\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011-11-14 14:25:14 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-10-08 17:34:24 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- D:\Antywirus\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011-08-04 13:25:22 | 000,551,352 | ---- | M] () [Auto | Running] -- D:\Różne Programy\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
SRV - [2011-07-20 13:50:16 | 000,884,120 | ---- | M] () [On_Demand | Stopped] -- D:\Programy do czyszczenia\Ashampoo WinOptimizer 8\LiveTunerService.exe -- (WO_LiveService)
SRV - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 11:16:06 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011-04-24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- D:\Antywirus\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2011-04-05 10:39:46 | 001,518,976 | ---- | M] () [Auto | Running] -- D:\Programy do czyszczenia\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
SRV - [2011-03-31 15:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011-01-14 06:53:50 | 001,412,488 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- D:\Różne Programy\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-08-24 21:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- D:\Programy do czyszczenia\Ashampoo HDD Control 2\DfsdkS64.exe -- (DfSdkS)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2011-10-26 20:33:28 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2011-09-02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2011-07-06 14:14:42 | 000,145,008 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2011-05-16 21:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-03 09:58:26 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-03-04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011-03-04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-06-25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:[b]64bit:[/b] - [2010-04-22 17:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2009-11-02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-11-01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2007-04-23 18:12:44 | 000,739,760 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2011-11-08 12:47:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\Programy do czyszczenia\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011-10-08 17:04:08 | 000,020,336 | ---- | M] () [File_System | On_Demand | Running] -- D:\Antywirus\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2011-09-20 14:27:44 | 000,021,872 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- D:\Antywirus\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2011-09-20 14:27:38 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- D:\Antywirus\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2011-01-14 06:53:54 | 000,019,088 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Running] -- D:\Różne Programy\DU Meter\DUMetr64.sys -- (DUMeterDrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Przemek\Desktop
IE - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "/=45:A"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.3.5
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.579
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.6.1
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:4.0.2
FF - prefs.js..extensions.enabledItems: {5C655500-E712-41e7-9349-CE462F844B19}:0.9
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: pastetotab@loucypher:0.3.1
FF - prefs.js..extensions.enabledItems: pasteandgo2@holio.lin:1.0.5
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:1.1.2
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.3.49167
FF - prefs.js..extensions.enabledItems: ArzoFox@sjcmankimo.ilovetw:0.1.7
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\RNEPRO~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Odtwarzacze i kodeki\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Odtwarzacze i kodeki\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Różne Programy\Adobe Reader 10\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011-11-09 11:57:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011-11-09 11:57:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011-11-09 11:57:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Przegladarki internetowe\Mozilla Firefox 8\components [2011-12-31 23:17:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Przemek\AppData\Roaming\IDM\idmmzcc5 [2011-12-31 11:04:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: D:\Przegladarki internetowe\Mozilla Firefox 8\components [2011-12-31 23:17:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: D:\Przegladarki internetowe\Mozilla Firefox 8\plugins [2011-11-01 14:59:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Przemek\AppData\Roaming\IDM\idmmzcc5 [2011-12-31 11:04:33 | 000,000,000 | ---D | M]
 
[2011-08-16 21:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions
[2011-08-16 21:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\4bgl98y5.default\extensions
[2011-12-30 20:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\a8lw2one.default\extensions
[2011-08-26 08:50:39 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\a8lw2one.default\extensions\foxmarks@kei.com
[2011-12-30 20:02:38 | 000,000,000 | ---D | M] (gTranslator) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\a8lw2one.default\extensions\jyboy.yy@gmail.com
[2011-08-17 08:33:48 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\a8lw2one.default\extensions\personas@christopher.beard
[2011-12-18 14:43:29 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\a8lw2one.default\extensions\piclens@cooliris.com
[2011-12-31 11:04:33 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\IDM\IDMMZCC5
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{84625510-7E5D-11E0-A411-0800200C9A66}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{CDD09450-7280-11DE-8A39-0800200C9A66}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{DAF44BF7-A45E-4450-979C-91CF07434C3D}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\MENUICONSPLUS@CODEDAWN.COM.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\TABBUTTON@FIREFOX.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\TABPOPUP@ADARSH.TP.XPI
() (No name found) -- C:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8LW2ONE.DEFAULT\EXTENSIONS\TABSCOPE@XULDEV.ORG.XPI
[2011-05-22 18:23:06 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = D:\R\u00F3\u017Cne Programy\Adobe Reader 10\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Translate = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_1\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.16_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.8.1_0\
CHR - Extension: Stitches = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\annpjgednbdhheijbefcpeaipapajkof\1.0_0\
CHR - Extension: Session Manager = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Turn Off the Lights = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.30_0\
CHR - Extension: Turn Off the Lights = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.31_0\
CHR - Extension: WOT = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.6_1\
CHR - Extension: WOT = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.9_0\
CHR - Extension: WOT = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.9_1\
CHR - Extension: WOT = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.9_2\
CHR - Extension: SmoothScroll = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn\1.0.5_0\
CHR - Extension: AdBlock+ = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\
CHR - Extension: Speed Dial = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.1_0\
CHR - Extension: Picnik Extension for Chrome = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcifofgaphfkfdcjbdogpamghiihilkl\1.0.7_0\
CHR - Extension: Slideshow = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijbjhjjipenfibfbleadidijdimlpmk\1.3.1_1\
CHR - Extension: Select To Get Maps = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hinehgnhgiohbfpbpgkjnelkcgdkcgha\1.1.1_0\
CHR - Extension: Forecastfox = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihffmkcfkejomlfnilnmkokcpgclhfeg\2.0.10_0\
CHR - Extension: Benchmark.pl CSS repair tool = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippdfpngcckconoochhgfoiicecngdap\1.2.1_0\
CHR - Extension: Virtual Keyboard = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\
CHR - Extension: Downloads = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0\
CHR - Extension: Clickable Links = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.6_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\5.7.9_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\5.8.9_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\5.8.9_1\
CHR - Extension: MonitorTab = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognampngfcbddbfemdapefohjiobgbdl\0.23_0\
CHR - Extension: xSpeechKit = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkoajfaiokpnjcniepkgabjbgpjkegb\0.1_0\
CHR - Extension: Anti-Banner = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2011-12-07 22:39:50 | 000,000,892 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       secure.tune-up.com       #Blokada TuneUp Utilities
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Różne Programy\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Antywirus\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Różne Programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Antywirus\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Różne Programy\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Antywirus\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Antywirus\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] D:\Różne Programy\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] D:\Antywirus\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [IObit Malware Fighter] D:\Antywirus\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Antywirus\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001..\Run: [DU Meter] D:\Różne Programy\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001..\Run: [IDMan] D:\Różne Programy\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001..\Run: [RocketDock] D:\Różne Programy\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001..\Run: [SpeedConnectStartUp]  File not found
O4 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001..\Run: [USB Safely Remove] D:\Różne Programy\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Google Search
O7 - HKU\S-1-5-21-3028481013-2955328546-3815660072-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://www.google.com/search?q=%w
O8:[b]64bit:[/b] - Extra context menu item: Add to Anti-Banner - D:\Antywirus\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Różne Programy\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Ściągaj z Mipony - D:\Programy peer2mail\MiPony\Browser\IEContext.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - D:\Różne Programy\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Add to Anti-Banner - D:\Antywirus\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Różne Programy\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągaj z Mipony - D:\Programy peer2mail\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Ściągnij przez IDM - D:\Różne Programy\Internet Download Manager\IEExt.htm ()
O9:[b]64bit:[/b] - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Antywirus\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Antywirus\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Antywirus\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Antywirus\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1880FF15-C33F-404E-86E4-19C10EC539B6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3B80133-D74F-44EE-85A8-9C4EACD34377}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\htcupctloader.exe: Debugger - D:\Programy do czyszczenia\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\htcupctloader.exe: Debugger - D:\Programy do czyszczenia\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-01-02 15:43:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe
[2012-01-02 14:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-01-02 14:27:31 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-01-02 12:24:21 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\TrustPort
[2011-12-31 19:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedConnect Internet Accelerator
[2011-12-31 19:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011-12-31 19:07:33 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\IObit
[2011-12-30 23:04:35 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-12-30 23:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-12-30 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2011-12-28 15:04:19 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HaoZip
[2011-12-25 23:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ContextMenuEditor
[2011-12-24 15:27:26 | 000,000,000 | R--D | C] -- C:\Users\Przemek\Documents\Notes
[2011-12-24 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Babylon
[2011-12-24 14:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
[2011-12-24 14:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2011-12-24 14:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\RBSoft
[2011-12-24 14:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Click Enhancer
[2011-12-24 14:28:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RightClickFiles
[2011-12-24 13:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2011-12-24 13:58:56 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011-12-24 13:36:19 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\xm1
[2011-12-24 13:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
[2011-12-19 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\http___www.julien-manici
[2011-12-19 11:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Context Magic
[2011-12-19 09:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011-12-18 11:31:31 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Real
[2011-12-15 20:48:59 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011-12-15 20:48:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011-12-15 20:48:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011-12-15 20:48:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011-12-15 20:48:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011-12-15 20:48:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011-12-15 20:48:56 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011-12-15 20:48:56 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011-12-15 20:48:56 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011-12-15 20:48:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011-12-15 20:48:55 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011-12-15 20:47:47 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011-12-15 20:47:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011-12-15 20:47:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011-12-10 22:56:59 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\MigWiz
[2011-12-06 11:07:25 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011-12-06 11:07:23 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011-12-06 10:46:40 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011-12-06 10:46:39 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011-12-06 10:46:39 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011-12-06 10:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011-12-06 10:46:32 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
[2011-12-06 10:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011-12-06 10:44:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-01-02 15:48:41 | 004,456,448 | -HS- | M] () -- C:\Users\Przemek\ntuser.dat
[2012-01-02 15:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe
[2012-01-02 15:38:17 | 000,024,392 | ---- | M] () -- C:\Users\Przemek\Desktop\błąd.jpg
[2012-01-02 15:35:34 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-02 15:35:34 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-02 15:31:02 | 000,000,220 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012-01-02 15:30:59 | 000,000,218 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012-01-02 15:30:53 | 000,151,552 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2012-01-02 15:30:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-01-02 15:30:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-01-02 13:52:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3028481013-2955328546-3815660072-1001UA.job
[2012-01-02 13:46:35 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-01-02 13:46:35 | 000,737,942 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-01-02 13:46:35 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-01-02 13:46:35 | 000,154,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-01-02 13:46:35 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-01-01 11:52:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3028481013-2955328546-3815660072-1001Core.job
[2011-12-30 19:09:07 | 000,000,076 | ---- | M] () -- C:\Users\Przemek\AppData\Local\CrystalDiskMark30.ini
[2011-12-30 17:53:56 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-25 13:57:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-12-19 09:56:17 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2011-12-16 08:55:04 | 000,345,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-12-10 22:57:46 | 000,000,000 | -H-- | M] () -- C:\Users\Przemek\Documents\Default.rdp
[2011-12-10 17:07:05 | 000,120,054 | -H-- | M] () -- C:\Users\Przemek\Desktop\folder.jpg
[2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-01-02 15:37:30 | 000,024,392 | ---- | C] () -- C:\Users\Przemek\Desktop\błąd.jpg
[2011-12-25 13:57:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-12-10 22:57:46 | 000,000,000 | -H-- | C] () -- C:\Users\Przemek\Documents\Default.rdp
[2011-12-10 17:07:05 | 000,120,054 | -H-- | C] () -- C:\Users\Przemek\Desktop\folder.jpg
[2011-12-06 10:46:36 | 000,001,166 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011-11-26 20:54:38 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2011-11-22 21:44:02 | 004,369,408 | ---- | C] () -- C:\Windows\SysWow64\pdftk.exe
[2011-11-22 21:44:02 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\ptj.exe
[2011-11-22 21:44:02 | 001,103,360 | ---- | C] () -- C:\Windows\SysWow64\cidfont.dll
[2011-11-22 21:44:02 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\office.exe
[2011-11-17 22:56:55 | 000,000,076 | ---- | C] () -- C:\Users\Przemek\AppData\Local\CrystalDiskMark30.ini
[2011-10-26 20:55:36 | 000,017,408 | ---- | C] () -- C:\Users\Przemek\AppData\Local\WebpageIcons.db
[2011-10-10 21:25:01 | 000,000,133 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Images.fl
[2011-09-04 09:55:46 | 000,901,120 | ---- | C] () -- C:\Windows\SysWow64\ctocr32.dll
[2011-09-04 09:55:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ctocrc32.dll
[2011-07-18 17:52:54 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-05-28 11:17:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011-05-07 16:53:34 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011-05-04 21:21:41 | 000,023,972 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Notepad2.ini
[2011-05-04 12:26:14 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini
[2011-05-03 14:26:40 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-05-03 14:26:39 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-05-03 14:26:39 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-05-03 14:26:39 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-05-03 14:26:39 | 000,000,590 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2011-05-03 14:26:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-03 11:29:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-05-03 11:23:24 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\v3shrtkgn.dll
[2011-05-03 09:00:25 | 000,084,120 | ---- | C] () -- C:\Users\Przemek\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 03:34:57 | 000,000,427 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-12-24 14:06:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\App Launcher Gadget
[2011-12-24 13:59:28 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ashampoo
[2011-12-24 15:00:04 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Babylon
[2011-12-30 23:17:13 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\BESTplayer
[2011-10-11 09:19:55 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\BlackBean
[2011-10-28 19:34:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Canneverbe Limited
[2011-10-11 21:59:13 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DAEMON Tools Lite
[2011-11-04 21:37:41 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DeskSoft
[2012-01-02 14:39:01 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DMCache
[2011-12-06 10:43:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ekAzek Download
[2011-05-03 11:32:01 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10
[2011-08-17 07:32:55 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GHISLER
[2011-11-17 22:38:44 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\HD Tune Pro
[2011-07-07 17:49:34 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\HTC
[2011-07-07 17:49:47 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012-01-01 00:42:17 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\IDM
[2011-12-31 19:07:33 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\IObit
[2011-05-03 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Leadertech
[2011-12-13 09:39:40 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Mipony
[2011-05-14 16:41:00 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Mirillis
[2011-05-03 22:14:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mkvtoolnix
[2011-07-09 12:47:55 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Mobile Action
[2011-10-17 20:04:56 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\NapiProjekt
[2011-10-10 21:35:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ObviousIdea
[2011-06-03 22:02:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Opera
[2011-09-04 09:50:50 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Softinterface, Inc
[2011-08-19 13:07:19 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Tlen.pl
[2012-01-02 12:24:21 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TrustPort
[2011-12-06 11:07:21 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
[2011-05-03 11:21:02 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\URSoft
[2011-05-03 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\USBSafelyRemove
[2011-12-22 23:03:07 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\uTorrent
[2011-10-10 21:20:45 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\VSO
[2011-12-24 13:36:20 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\xm1
[2012-01-02 15:31:02 | 000,000,220 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012-01-02 15:30:59 | 000,000,218 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011-12-01 11:37:30 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011-09-23 10:42:27 | 000,000,000 | ---D | M](C:\Users\Przemek\AppData\Local\?__) -- C:\Users\Przemek\AppData\Local\€__
[2011-09-23 10:42:27 | 000,000,000 | ---D | M](C:\Users\Przemek\AppData\Local\?__) -- C:\Users\Przemek\AppData\Local\€__
(C:\Users\Przemek\AppData\Local\?__) -- C:\Users\Przemek\AppData\Local\€__
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >