OTL logfile created on: 2013-01-29 18:06:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Domownicy\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 68,62% Memory free
6,99 Gb Paging File | 5,72 Gb Available in Paging File | 81,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 34,96 Gb Free Space | 58,26% Space Free | Partition Type: NTFS
Drive D: | 520,18 Gb Total Space | 254,08 Gb Free Space | 48,84% Space Free | Partition Type: NTFS
Drive J: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DOM | User Name: Domownicy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-29 18:05:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Domownicy\Downloads\OTL.exe PRC - [2013-01-18 14:02:39 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2013-01-14 14:26:19 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012-12-19 16:33:45 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe PRC - [2012-12-19 16:33:45 | 000,114,688 | ---- | M] () -- C:\Program Files\blueconnect\blueconnect.exe PRC - [2012-12-16 12:04:54 | 029,379,032 | ---- | M] (SlimWare Utilities, Inc.)
-- C:\Program Files\SlimDrivers\SlimDrivers.exe PRC - [2012-09-13 14:26:52 | 001,006,448 | ---- | M] () -- C:\Windows\System32\dmwu.exe PRC - [2012-07-04 07:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012-07-04 07:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012-04-09 10:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-06 03:16:24 | 000,069,448 | ---- | M] (ZTE) -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\mcserver.exe PRC - [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe PRC - [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\db_daemon.exe PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2006-11-03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-18 14:02:39 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2013-01-14 14:26:19 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll MOD - [2013-01-14 14:26:19 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll MOD - [2012-12-19 
16:33:45 | 000,114,688 | ---- | M] () -- C:\Program Files\blueconnect\blueconnect.exe MOD - [2012-11-28 04:43:17 | 000,460,904 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll MOD - [2012-11-28 04:43:16 | 012,456,040 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll MOD - [2012-11-28 04:43:15 | 004,008,040 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll MOD - [2012-11-28 04:42:30 | 000,587,880 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll MOD - [2012-11-28 04:42:29 | 000,124,520 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll MOD - [2012-11-28 04:42:22 | 000,157,304 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll MOD - [2012-11-28 04:42:21 | 002,168,952 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll MOD - [2012-11-28 04:42:21 | 000,275,576 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll MOD - [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe MOD - [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\db_daemon.exe MOD - [2012-04-06 03:15:26 | 000,021,504 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll MOD - [2012-04-06 03:14:28 | 000,099,840 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\itapi.dll MOD - [2012-04-06 03:14:24 | 000,043,520 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\audio.dll MOD - [2012-04-06 03:14:20 | 000,058,880 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\coder.dll MOD - 
[2012-04-06 03:14:18 | 000,036,352 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\libConfig.dll MOD - [2012-04-06 03:14:18 | 000,027,648 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\log.dll MOD - [2011-12-26 08:41:00 | 000,090,624 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll MOD - [2011-05-06 04:03:32 | 000,594,944 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-1.dll MOD - [2011-05-06 04:02:40 | 000,341,504 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\sqlite3.dll MOD - [2010-10-14 10:37:52 | 000,971,776 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\libxml2.dll MOD - [2010-10-14 10:37:52 | 000,080,688 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\zlib1.dll MOD - [2010-03-15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-07-14 18:20:30 | 000,860,160 | ---- | M] () -- C:\Program Files\blueconnect\NDISAPI.dll MOD - [2009-05-31 17:06:16 | 000,217,088 | ---- | M] () -- C:\Program Files\blueconnect\DeviceMgrUIPlugin.dll MOD - [2009-05-31 15:07:52 | 000,159,744 | ---- | M] () -- C:\Program Files\blueconnect\SMSPlugin.dll MOD - [2009-05-31 14:57:08 | 000,139,264 | ---- | M] () -- C:\Program Files\blueconnect\NetInfoPlugin.dll MOD - [2009-05-20 11:41:28 | 000,061,440 | ---- | M] () -- C:\Program Files\blueconnect\SpeedManagerPlugin.dll MOD - [2009-04-21 17:12:50 | 000,090,112 | ---- | M] () -- C:\Program Files\blueconnect\DialUpPlugin.dll MOD - [2009-04-21 17:11:50 | 000,065,536 | ---- | M] () -- C:\Program Files\blueconnect\ConfigFilePlugin.dll MOD - [2009-04-21 17:11:28 | 000,098,304 | ---- | M] () -- C:\Program Files\blueconnect\DeviceMgrPlugin.dll MOD - [2009-03-10 20:08:16 | 000,155,648 | R--- | M] () -- C:\Program Files\blueconnect\DetectDev.dll MOD - [2009-03-10 20:08:16 | 000,061,440 | R--- | M] () -- C:\Program Files\blueconnect\XCodec.dll MOD - [2009-03-10 20:08:16 
| 000,061,440 | R--- | M] () -- C:\Program Files\blueconnect\DeviceOperate.dll MOD - [2009-03-10 20:08:14 | 000,561,152 | R--- | M] () -- C:\Program Files\blueconnect\atcomm.dll MOD - [2009-01-09 11:31:54 | 000,139,264 | ---- | M] () -- C:\Program Files\blueconnect\LocaleMgrPlugin.dll MOD - [2009-01-09 11:30:38 | 000,032,768 | ---- | M] () -- C:\Program Files\blueconnect\NotifyServicePlugin.dll MOD - [2008-11-08 10:52:10 | 000,090,112 | R--- | M] () -- C:\Program Files\blueconnect\FileManager.dll MOD - [2008-11-08 10:52:08 | 000,014,848 | R--- | M] () -- C:\Program Files\blueconnect\isaputrace.dll MOD - [2007-09-09 16:07:00 | 000,151,552 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_Z\Bin\libexpat.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-01-14 14:26:19 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012-09-13 14:26:52 | 001,006,448 | ---- | M] () [Auto | Running] -- C:\Windows\System32\dmwu.exe -- (WebOptimizer) SRV - [2012-07-04 07:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012-04-09 10:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) 
[Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2001-08-24 19:00:00 | 000,036,352 | --S- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\svchost.exe -- (PowerManager) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys -- (FairplayKD) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aeuy0g9h) DRV - [2013-01-29 17:45:10 | 000,013,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2013-01-14 14:26:19 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-07-04 07:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2012-07-04 07:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012-07-04 06:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012-04-30 12:17:10 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-08-10 11:56:46 | 000,067,968 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zte_cdc_acm.sys -- (zte_cdc_acm) DRV - [2011-08-10 11:56:46 | 000,009,984 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zte_cpo.sys -- (zte_cpo) DRV - [2009-12-15 03:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2009-12-15 03:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-06-22 19:38:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-22 19:26:04 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2007-05-14 09:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=b16494ab-2914-11e2-9c3e-6cf04902dd09 IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{832D5C82-DC03-4E25-AD67-8248BDD93D7E}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={5E05756B-22CA-11E2-B002-6CF04902DD09} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=hp IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_2&babsrc=SP_ss&mntrId=13aaf385000000000000000000000000 IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = 
http://websearch.ask.com/redirect?client=ie&tb=STC-PO&o=1738&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAU&apn_dtid=^YYYYYY^YY^PL&apn_uid=D2703BE6-0A42-4536-B8BD-3ABFF013444F&apn_sauid=6103F1AC-8CAA-47DD-817A-376D1E282FC7 IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{832D5C82-DC03-4E25-AD67-8248BDD93D7E}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={5E05756B-22CA-11E2-B002-6CF04902DD09} IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6PQB8riAhj&i=26 IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=b16494ab-2914-11e2-9c3e-6cf04902dd09&q={searchTerms} IE - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "http://isearch.avg.com/?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=hp" FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.80.2 FF - prefs.js..extensions.enabledAddons: {f3f995c2-5a42-74a0-464c-620214e2cf71}:4.6.8.5 FF - prefs.js..extensions.enabledAddons: 
plugin@yontoo.com:1.20.00 FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=ku&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Domownicy\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Domownicy\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Domownicy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_Z\Bin\addon [2010-04-01 13:29:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2013-01-18 14:02:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-11-02 09:36:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-11-14 15:35:24 | 000,000,000 | ---D | M] [2012-11-02 09:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domownicy\AppData\Roaming\mozilla\Extensions [2013-01-27 11:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domownicy\AppData\Roaming\mozilla\Firefox\Profiles\z21omvsq.default\extensions [2012-11-02 09:38:49 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Domownicy\AppData\Roaming\mozilla\Firefox\Profiles\z21omvsq.default\extensions\battlefieldplay4free@ea.com [2013-01-16 22:18:37 | 000,216,743 | ---- | M] () (No name found) -- C:\Users\Domownicy\AppData\Roaming\mozilla\firefox\profiles\z21omvsq.default\extensions\freehdsport@freehdsport.tv.xpi [2012-11-07 20:54:10 | 000,000,792 | ---- | M] () -- C:\Users\Domownicy\AppData\Roaming\mozilla\firefox\profiles\z21omvsq.default\searchplugins\startsear.xml [2012-11-02 14:23:49 | 000,003,978 | ---- | M] () -- C:\Users\Domownicy\AppData\Roaming\mozilla\firefox\profiles\z21omvsq.default\searchplugins\sweetim.xml 
[2012-11-07 20:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-11-07 20:54:20 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{f3f995c2-5a42-74a0-464c-620214e2cf71} File not found (No name found) -- C:\USERS\DOMOWNICY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z21OMVSQ.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM [2012-02-16 16:14:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-02-16 12:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2013-01-18 14:02:40 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-12-01 02:27:23 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-02-16 12:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-16 12:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-16 12:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-16 12:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-16 12:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://isearch.avg.com/?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=hp CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://isearch.avg.com/?cid={1C37D2D1-F151-48EE-A151-5BFDB26074FB}&mid=5a7827a3c96b47d09930bdb90fe634fa-ba7eb98fe831ad887d002720927756db27cf684a&lang=pl&ds=ik011&pr=&d=2013-01-14 14:26:30&v=13.2.0.4&sap=hp CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Domownicy\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - Extension: FreeHDSport.TV = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok\1.2_0\ CHR - Extension: YouTube = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Szukaj w Google = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Skype Click to Call = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ CHR - Extension: AVG Secure Search = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: AVG Secure 
Search = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak CHR - Extension: Battlefield Play4Free = C:\Users\Domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-3238015126-268487927-3306664167-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) 
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-3238015126-268487927-3306664167-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3238015126-268487927-3306664167-1001..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files\blueconnect\UpdateDog\ouc.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C5B874A-FBBA-43E6-ADFF-02CD3919192E}: NameServer = 213.158.199.1 213.158.199.5 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009-04-30 18:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) 
- J:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2009-05-03 18:59:04 | 000,000,045 | R--- | M] () - J:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{04485bf0-67c1-11e2-ac2d-6cf04902dd09}\Shell - "" = AutoRun O33 - MountPoints2\{04485bf0-67c1-11e2-ac2d-6cf04902dd09}\Shell\AutoRun\command - "" = G:\RunGame.exe O33 - MountPoints2\{04485bf1-67c1-11e2-ac2d-6cf04902dd09}\Shell - "" = AutoRun O33 - MountPoints2\{04485bf1-67c1-11e2-ac2d-6cf04902dd09}\Shell\AutoRun\command - "" = I:\RunGame.exe O33 - MountPoints2\{077b0a94-942e-11e1-8b87-6cf04902dd09}\Shell - "" = AutoRun O33 - MountPoints2\{077b0a94-942e-11e1-8b87-6cf04902dd09}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{23e1e6fa-3333-11e2-b467-6cf04902dd09}\Shell - "" = AutoRun O33 - MountPoints2\{23e1e6fa-3333-11e2-b467-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2787c63f-67e1-11e2-8737-6cf04902dd09}\Shell - "" = AutoRun O33 - MountPoints2\{2787c63f-67e1-11e2-8737-6cf04902dd09}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- [2009-04-30 18:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{3bc6f962-92b6-11e1-bae5-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{3bc6f962-92b6-11e1-bae5-6cf04902dd09}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{3bc6f96e-92b6-11e1-bae5-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{3bc6f96e-92b6-11e1-bae5-6cf04902dd09}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{4f0fd49d-3297-11e2-a051-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{4f0fd49d-3297-11e2-a051-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{54d67c6d-ee15-11e1-a09c-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{54d67c6d-ee15-11e1-a09c-6cf04902dd09}\Shell\AutoRun\command - "" = F:\windows\Install\Install.exe
O33 - MountPoints2\{59023fa6-11f3-11e2-83b4-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{59023fa6-11f3-11e2-83b4-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{60c9f016-3243-11e2-8827-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{60c9f016-3243-11e2-8827-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6f40f21f-1115-11e2-81ea-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{6f40f21f-1115-11e2-81ea-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{976e3a5b-c368-11e1-b1a4-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{976e3a5b-c368-11e1-b1a4-6cf04902dd09}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{abb5477a-9860-11e1-92ab-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{abb5477a-9860-11e1-92ab-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b4249715-9df3-11e1-8be6-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{b4249715-9df3-11e1-8be6-6cf04902dd09}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{cc0e71e4-9786-11e1-87c1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc0e71e4-9786-11e1-87c1-806e6f6e6963}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{cf8ccf5b-4a7c-11e2-9217-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{cf8ccf5b-4a7c-11e2-9217-6cf04902dd09}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- [2009-04-30 18:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d2b88fc4-1951-11e2-a9de-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{d2b88fc4-1951-11e2-a9de-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d321808f-67bd-11e2-9df5-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{d321808f-67bd-11e2-9df5-6cf04902dd09}\Shell\AutoRun\command - "" = F:\RunGame.exe
O33 - MountPoints2\{e7b24ac5-49f0-11e2-a3fc-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{e7b24ac5-49f0-11e2-a3fc-6cf04902dd09}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e7b24ad1-49f0-11e2-a3fc-6cf04902dd09}\Shell - "" = AutoRun
O33 - MountPoints2\{e7b24ad1-49f0-11e2-a3fc-6cf04902dd09}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- [2009-04-30 18:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-01-28 23:26:29 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Desktop\Filmiki yt
[2013-01-26 17:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2013-01-26 17:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers
[2013-01-26 15:13:53 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Documents\NFS Most Wanted
[2013-01-25 17:43:33 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Documents\FIFA 13
[2013-01-24 20:48:16 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Documents\Rockstar Games
[2013-01-24 14:25:24 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Roaming\Unity
[2013-01-24 14:24:24 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Local\Unity
[2013-01-17 15:37:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013-01-17 15:37:42 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013-01-17 15:37:41 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013-01-17 15:37:41 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013-01-17 15:37:41 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013-01-17 15:37:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013-01-17 15:37:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013-01-17 15:37:41 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013-01-17 15:37:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013-01-17 15:37:40 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013-01-17 15:37:40 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013-01-17 15:37:40 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013-01-17 15:37:40 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013-01-17 15:37:39 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013-01-17 15:37:39 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013-01-17 15:37:39 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013-01-17 15:37:39 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013-01-17 15:37:39 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013-01-17 15:37:39 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013-01-17 15:37:39 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013-01-17 15:37:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013-01-17 15:37:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013-01-17 15:37:38 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013-01-17 15:37:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013-01-17 15:37:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013-01-17 15:37:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013-01-17 15:37:38 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013-01-17 15:37:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013-01-17 15:37:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013-01-17 15:37:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013-01-17 15:37:37 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013-01-17 15:37:37 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013-01-17 15:37:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013-01-17 15:37:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013-01-17 15:37:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013-01-17 15:37:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013-01-17 15:37:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013-01-17 15:37:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013-01-17 15:37:36 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013-01-17 15:37:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013-01-17 15:37:36 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013-01-17 15:37:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013-01-17 15:37:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013-01-17 15:37:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013-01-17 15:37:35 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013-01-17 15:37:35 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013-01-17 15:37:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013-01-17 15:37:35 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013-01-17 15:37:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013-01-17 15:37:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013-01-17 15:37:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013-01-17 15:37:34 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013-01-17 15:37:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013-01-17 15:37:33 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013-01-17 15:37:33 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013-01-17 15:37:33 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013-01-17 15:37:33 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013-01-17 15:37:32 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013-01-17 15:37:32 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013-01-17 15:37:31 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013-01-17 15:37:31 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013-01-17 15:37:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013-01-17 15:37:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013-01-17 15:37:30 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013-01-17 15:37:30 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013-01-17 15:37:30 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013-01-17 15:37:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013-01-17 15:37:29 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013-01-17 15:37:29 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013-01-17 15:37:29 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013-01-17 15:37:28 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013-01-17 15:37:28 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013-01-17 15:37:28 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013-01-17 15:37:28 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013-01-17 15:37:24 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013-01-17 15:37:24 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013-01-17 15:37:24 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013-01-17 15:37:23 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013-01-17 15:37:23 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013-01-17 15:37:22 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013-01-16 22:19:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013-01-16 22:18:34 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ATDheNetTVApp.com
[2013-01-16 22:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATDheNetTVApp.com
[2013-01-14 14:27:40 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Roaming\TS3Client
[2013-01-14 14:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013-01-14 14:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013-01-14 14:26:40 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Local\AVG Secure Search
[2013-01-14 14:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013-01-14 14:26:29 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013-01-14 14:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013-01-14 14:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2013-01-10 21:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2013-01-10 21:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013-01-10 21:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2013-01-10 21:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013-01-10 21:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-10 21:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2013-01-10 21:33:29 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\SystemRequirementsLab
[2013-01-10 21:22:37 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll.bak
[2013-01-10 21:22:17 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Roaming\Win7codecs
[2013-01-10 21:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2013-01-10 21:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2013-01-10 21:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2013-01-09 18:44:59 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Desktop\Nutki TOP
[2013-01-09 17:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-01-09 17:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-01-07 10:00:00 | 001,566,720 | ---- | C] (xy-VSFilter Team) -- C:\Windows\System32\VSFilter.dll
[2013-01-03 16:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy3
[2013-01-03 16:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy3_Madagascar
[2012-12-31 09:28:23 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\Documents\My Games
[2012-12-31 09:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012-12-31 09:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2012-12-31 09:27:33 | 000,000,000 | ---D | C] -- C:\Users\Domownicy\AppData\Roaming\Far Cry 3
[2012-12-31 09:26:52 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-12-31 09:26:52 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-12-31 09:26:51 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-12-31 09:26:51 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-12-31 09:26:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-12-31 09:26:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-12-31 09:26:49 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-01-29 18:01:49 | 000,209,522 | ---- | M] () -- C:\Users\Domownicy\Desktop\dumpy.zip
[2013-01-29 17:52:08 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-29 17:52:08 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-29 17:45:15 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013-01-29 17:45:10 | 000,013,024 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013-01-29 17:45:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-29 17:44:58 | 2815,025,152 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-29 15:44:40 | 322,935,966 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-01-28 20:59:42 | 000,001,041 | ---- | M] () -- C:\Users\Domownicy\Desktop\fifa13 — skrót.lnk
[2013-01-28 20:39:48 | 000,100,866 | ---- | M] () -- C:\Users\Domownicy\Desktop\buttonDataSetup.ini
[2013-01-28 20:37:07 | 000,000,200 | ---- | M] () -- C:\Users\Domownicy\Desktop\fifasetup.ini
[2013-01-28 19:46:59 | 005,227,387 | ---- | M] () -- C:\Users\Domownicy\Desktop\Career 20130128194659#Kariera Zawodnik gelo
[2013-01-27 11:06:46 | 000,002,455 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2013-01-26 15:13:45 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013-01-25 17:49:58 | 003,143,328 | ---- | M] () -- C:\Users\Domownicy\Desktop\Squads 20130125174957#Sklady 111
[2013-01-24 20:46:30 | 000,138,032 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-01-24 20:46:25 | 000,281,688 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2013-01-23 20:48:33 | 000,001,017 | ---- | M] () -- C:\Users\Domownicy\Desktop\ATDheNetTVApp.lnk
[2013-01-18 14:41:24 | 000,007,597 | ---- | M] () -- C:\Users\Domownicy\AppData\Local\Resmon.ResmonCfg
[2013-01-14 14:26:19 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013-01-13 10:35:40 | 000,281,688 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2013-01-10 22:25:05 | 000,411,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-01-09 17:40:23 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-01-07 10:00:00 | 001,566,720 | ---- | M] (xy-VSFilter Team) -- C:\Windows\System32\VSFilter.dll
[2013-01-03 16:02:37 | 000,001,113 | ---- | M] () -- C:\Users\Domownicy\Desktop\Odlotowa farma 3.lnk
[2013-01-03 16:01:36 | 000,001,245 | ---- | M] () -- C:\Users\Domownicy\Desktop\Odlotowa farma 3 Madagaskar.lnk
[2012-12-31 09:27:33 | 000,000,762 | ---- | M] () -- C:\Users\Domownicy\Desktop\Far Cry 3.lnk
[2012-12-31 09:27:17 | 000,138,904 | ---- | M] () -- C:\Users\Domownicy\AppData\Roaming\PnkBstrK.sys
[2012-12-31 08:13:58 | 003,190,168 | ---- | M] () -- C:\Windows\System32\pb.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-01-29 18:01:49 | 000,209,522 | ---- | C] () -- C:\Users\Domownicy\Desktop\dumpy.zip
[2013-01-28 20:59:42 | 000,001,041 | ---- | C] () -- C:\Users\Domownicy\Desktop\fifa13 — skrót.lnk
[2013-01-28 20:49:20 | 003,143,328 | ---- | C] () -- C:\Users\Domownicy\Desktop\Squads 20130125174957#Sklady 111
[2013-01-28 20:48:58 | 000,100,866 | ---- | C] () -- C:\Users\Domownicy\Desktop\buttonDataSetup.ini
[2013-01-28 20:48:58 | 000,000,200 | ---- | C] () -- C:\Users\Domownicy\Desktop\fifasetup.ini
[2013-01-28 20:48:49 | 005,227,387 | ---- | C] () -- C:\Users\Domownicy\Desktop\Career 20130128194659#Kariera Zawodnik gelo
[2013-01-27 11:12:26 | 322,935,966 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-01-26 17:04:59 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013-01-26 17:04:52 | 000,002,455 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2013-01-26 15:14:05 | 040,144,776 | ---- | C] () -- C:\Users\Domownicy\Desktop\_Music Instructor - Superfly(--CLIP--).mpg
[2013-01-26 15:13:45 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013-01-18 14:41:24 | 000,007,597 | ---- | C] () -- C:\Users\Domownicy\AppData\Local\Resmon.ResmonCfg
[2013-01-16 22:18:34 | 000,001,017 | ---- | C] () -- C:\Users\Domownicy\Desktop\ATDheNetTVApp.lnk
[2013-01-09 17:40:23 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-01-03 16:02:37 | 000,001,113 | ---- | C] () -- C:\Users\Domownicy\Desktop\Odlotowa farma 3.lnk
[2013-01-03 16:01:36 | 000,001,245 | ---- | C] () -- C:\Users\Domownicy\Desktop\Odlotowa farma 3 Madagaskar.lnk
[2012-12-31 09:27:33 | 000,000,762 | ---- | C] () -- C:\Users\Domownicy\Desktop\Far Cry 3.lnk
[2012-12-31 09:27:17 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-12-31 09:27:01 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012-12-31 09:27:00 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012-12-31 09:26:59 | 003,190,168 | ---- | C] () -- C:\Windows\System32\pb.exe
[2012-12-01 02:27:23 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2012-11-27 05:58:24 | 004,316,160 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2012-11-02 14:07:52 | 000,138,904 | ---- | C] () -- C:\Users\Domownicy\AppData\Roaming\PnkBstrK.sys
[2012-10-18 12:12:29 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2012-10-18 12:12:29 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2012-10-17 14:53:16 | 000,013,024 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012-09-20 16:23:31 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012-09-20 16:23:31 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012-09-20 16:23:31 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012-09-20 16:23:31 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012-09-20 16:23:31 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012-09-20 16:23:31 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012-09-20 16:23:31 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012-09-20 16:23:31 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012-09-20 16:23:31 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012-09-20 16:23:31 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2012-09-20 16:23:31 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012-09-20 16:23:31 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012-09-20 16:23:31 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012-09-20 16:23:31 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012-09-20 16:23:31 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012-09-20 16:23:31 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2012-09-20 16:23:31 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2012-09-20 16:23:31 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012-09-20 16:23:31 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2012-09-20 16:13:32 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2012-09-17 13:50:37 | 000,000,097 | ---- | C] () -- C:\Users\Domownicy\AppData\Local\fusioncache.dat
[2012-09-14 16:38:33 | 001,006,448 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2012-09-14 16:38:33 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll
[2012-07-04 06:27:30 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012-07-04 06:27:30 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012-07-04 02:32:18 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012-07-03 02:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012-06-14 20:46:41 | 000,005,632 | ---- | C] () -- C:\Users\Domownicy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-10 01:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-05-22 00:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll
[2012-05-07 17:23:37 | 000,140,744 | ---- | C] () -- C:\Windows\System32\javaw.exe
[2012-05-02 12:47:51 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012-04-18 19:39:06 | 000,028,672 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012-03-12 18:27:32 | 000,072,192 | R--- | C] () -- C:\Windows\System32\changeAcl.exe
[2012-03-06 18:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011-12-08 05:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-27 02:38:55 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\.minecraft
[2012-06-21 11:00:06 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Babylon
[2012-04-30 20:05:42 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\blueconnect
[2013-01-27 11:32:26 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\DAEMON Tools Lite
[2012-09-20 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\EPSON
[2012-12-31 09:27:33 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Far Cry 3
[2012-10-11 14:49:55 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\FMZilla
[2012-08-14 18:31:09 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Gadu-Gadu 10
[2012-04-30 11:25:14 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\GHISLER
[2012-08-24 19:00:30 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\InternetManager_Z
[2012-05-10 19:07:36 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Leadertech
[2012-10-25 10:04:46 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Opera
[2012-07-26 20:33:33 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Orbit
[2012-12-01 02:27:39 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\PDFCreatorPackages
[2013-01-15 19:23:38 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\TS3Client
[2013-01-24 14:25:24 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Unity
[2013-01-23 10:35:52 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\uTorrent
[2013-01-10 21:22:26 | 000,000,000 | ---D | M] -- C:\Users\Domownicy\AppData\Roaming\Win7codecs

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >