OTL logfile created on: 2012-08-24 14:17:50 - Run 1
OTL by OldTimer - Version 3.2.58.1     Folder = C:\Users\ppp\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 41,02% Memory free
3,98 Gb Paging File | 2,02 Gb Available in Paging File | 50,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683,50 Gb Total Space | 363,97 Gb Free Space | 53,25% Space Free | Partition Type: NTFS
Drive D: | 713,67 Gb Total Space | 128,44 Gb Free Space | 18,00% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 57,84 Gb Free Space | 59,23% Space Free | Partition Type: NTFS
Drive G: | 127,97 Gb Total Space | 10,91 Gb Free Space | 8,52% Space Free | Partition Type: FAT32
Drive H: | 135,22 Gb Total Space | 39,11 Gb Free Space | 28,92% Space Free | Partition Type: NTFS
Drive K: | 7,40 Gb Total Space | 7,40 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
 
Computer Name: PPP-KOMPUTER | User Name: ppp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-08-24 13:52:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ppp\Downloads\OTL.exe
PRC - [2012-08-16 07:03:16 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-07-19 13:39:42 | 000,400,352 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2012-07-18 18:28:17 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-18 10:15:17 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-22 10:05:38 | 000,474,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012-04-22 09:58:48 | 000,724,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012-04-13 11:00:00 | 000,107,976 | ---- | M] (Sage sp. z o.o.) -- C:\Program Files\Sage\Komunikator\Komunikator.exe
PRC - [2012-04-06 05:09:45 | 000,624,856 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012-03-26 11:24:58 | 001,516,600 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-01-04 13:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012-01-04 13:32:10 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-12-16 14:18:08 | 008,491,008 | ---- | M] (Sage sp. z o.o.) -- C:\Start\Amfl.exe
PRC - [2010-11-20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008-06-24 17:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [1999-06-28 12:47:28 | 000,320,512 | ---- | M] () -- C:\Start\W32MKDE.EXE
PRC - [1998-09-03 03:23:00 | 003,886,592 | ---- | M] (Lotus Development Corporation) -- c:\lotus\organize\org5.exe
PRC - [1998-09-03 03:23:00 | 000,087,040 | ---- | M] (Lotus Development Corporation) -- C:\lotus\organize\easyclip.exe
PRC - [1998-09-03 03:23:00 | 000,067,584 | ---- | M] (IntelliQuest Communications, Inc.) -- C:\lotus\orgreg\remind32.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-08-16 07:03:14 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012-07-19 13:39:44 | 001,936,352 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2012-07-19 13:39:43 | 000,162,784 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012-07-19 13:39:43 | 000,021,984 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012-07-18 18:27:59 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-06-14 07:24:31 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-14 07:24:14 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-05-12 07:57:02 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
MOD - [2012-05-12 07:51:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-12 07:50:30 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012-05-12 07:50:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-12 07:49:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-12 07:49:52 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-12 07:49:39 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-03-26 11:25:32 | 000,345,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012-03-26 11:25:32 | 000,282,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012-03-26 11:25:26 | 008,197,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012-03-26 11:25:26 | 002,302,008 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012-03-26 11:25:24 | 000,027,704 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2012-03-26 11:25:22 | 000,202,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011-09-27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-09-27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010-11-21 04:32:12 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_pl_b77a5c561934e089\System.Xml.resources.dll
MOD - [2010-11-20 23:29:07 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010-11-13 03:57:46 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-02-25 11:44:06 | 007,331,840 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009-02-25 11:44:06 | 002,023,424 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009-02-25 11:43:54 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [1999-06-28 12:47:28 | 000,320,512 | ---- | M] () -- C:\Start\W32MKDE.EXE
MOD - [1999-06-28 12:47:28 | 000,110,080 | ---- | M] () -- C:\Start\W32MKRC.DLL
MOD - [1998-08-28 03:23:00 | 000,220,160 | ---- | M] () -- C:\lotus\organize\ormutil.dll
MOD - [1998-08-28 03:23:00 | 000,153,088 | ---- | M] () -- C:\lotus\organize\ormmime.dll
MOD - [1998-08-28 03:23:00 | 000,138,752 | ---- | M] () -- C:\lotus\organize\ormprot.dll
MOD - [1998-03-24 03:23:00 | 000,215,552 | ---- | M] () -- c:\lotus\compnent\lticnc80.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012-08-16 07:03:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-18 18:28:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-22 10:05:38 | 000,474,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012-04-06 05:09:45 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012-03-26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012-03-10 12:54:35 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012-03-20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011-11-01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-11-01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-01-12 06:19:20 | 000,081,920 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NmPar.sys -- (NmPar)
DRV - [2010-01-07 12:30:48 | 000,070,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NmSerial.sys -- (nmserial)
DRV - [2009-07-14 01:19:25 | 000,114,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mf.sys -- (mf)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005-01-13 16:20:36 | 000,012,500 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2004-11-05 12:39:08 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004-10-19 14:40:56 | 000,028,207 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2004-10-19 14:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2004-10-19 12:39:26 | 000,020,096 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2004-09-21 19:15:34 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BtNetDrv.sys -- (BT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1334781087_135596
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1334781087_135596
IE - HKLM\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1334781087_135596
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2481033
IE - HKCU\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{E2E3BEC8-DB26-4745-9DBD-4D1905119A4B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultthis.engineName: "WinZipBar Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=2&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-27 17:11:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-18 18:28:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-06-21 19:54:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-18 18:28:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012-03-11 19:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ppp\AppData\Roaming\mozilla\Extensions
[2012-08-23 07:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ppp\AppData\Roaming\mozilla\Firefox\Profiles\ijaxhflc.default\extensions
[2012-08-22 07:32:26 | 000,000,000 | ---D | M] (WinZipBar Community Toolbar) -- C:\Users\ppp\AppData\Roaming\mozilla\Firefox\Profiles\ijaxhflc.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}
[2012-07-18 10:42:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ppp\AppData\Roaming\mozilla\Firefox\Profiles\ijaxhflc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-08-23 07:15:24 | 000,000,000 | ---D | M] (Ashampoo PO) -- C:\Users\ppp\AppData\Roaming\mozilla\Firefox\Profiles\ijaxhflc.default\extensions\{d43723ae-1ae1-4a25-a6a4-bf0929273cab}
[2012-03-14 22:15:10 | 000,000,921 | ---- | M] () -- C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\ijaxhflc.default\searchplugins\conduit.xml
[2012-03-23 15:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-18 18:28:17 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-18 22:31:27 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Sage Komunikator] C:\Program Files\Sage\Komunikator\SageUpdt.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://192.168.1.111:5678/webrec.cab (SurveillanceCtrl Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A2AA0CE-C0C6-4495-8226-2E557A69E5EC}: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-03-12 21:51:30 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-08-22 13:27:00 | 000,000,194 | -HS- | M] () - G:\AUTOEXEC.DOS -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-08-24 09:48:15 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{BBE400E8-123B-4BED-88D7-8E885E0431A3}
[2012-08-23 21:05:48 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{BF5219B5-31BD-41A5-A5DB-93F01F2423A6}
[2012-08-23 15:24:26 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\nowsze spa
[2012-08-23 09:05:36 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{65523A0E-30AA-4955-B9B9-BF7A7130980D}
[2012-08-22 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\szerszenie
[2012-08-22 12:35:20 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{5108971E-0F47-463D-987D-D52049C424DF}
[2012-08-22 11:49:35 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\Jackie Chan
[2012-08-21 22:14:24 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{3B80ADC3-01D4-45C0-8D2D-F0BF9B7FCD30}
[2012-08-21 12:04:00 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{E275C8F6-C23F-44CA-AEDA-2DFE0AE6F7F6}
[2012-08-20 11:42:26 | 000,000,000 | ---D | C] -- C:\Users\ppp\Documents\Sage
[2012-08-20 11:37:26 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{C392FD28-D109-4600-A4D1-53B8C7ADAC58}
[2012-08-20 11:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symfonia
[2012-08-20 11:24:36 | 000,005,632 | ---- | C] (Tracker Software) -- C:\Windows\System32\pxc25pm.dll
[2012-08-20 11:24:35 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2012-08-20 11:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Symfonia
[2012-08-20 11:22:50 | 000,000,000 | ---D | C] -- C:\Symfonia
[2012-08-20 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{EF278A53-A958-4C6B-A0E4-EB07D010EED7}
[2012-08-19 19:33:04 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{5B4879FD-1197-40B8-BB2E-D84B266DFF06}
[2012-08-17 10:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012-08-17 09:58:49 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{78DEA459-F729-4353-AC0F-A0854F9DA886}
[2012-08-17 09:58:37 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{D574ED95-05E5-407C-9ABB-F9A21EEFE820}
[2012-08-16 10:23:50 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{23705773-5024-4457-9385-1A6CE53F0E6D}
[2012-08-16 10:23:38 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{2CF7C011-A092-494D-916A-E8D08F3A2122}
[2012-08-15 19:50:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-08-15 19:50:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-08-15 19:50:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-08-15 19:50:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-08-15 19:50:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-08-15 19:50:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-08-15 19:50:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-08-15 19:37:59 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{E414F165-0301-47F1-8ED8-A6863465FC5D}
[2012-08-15 19:37:46 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{C82655FF-F3DC-4089-B717-CB1E8C523EEA}
[2012-08-15 19:37:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012-08-15 19:37:26 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-08-15 19:37:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012-08-14 21:27:16 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{BAF0B99F-DBB7-4C20-BA0A-62D74982C5A9}
[2012-08-14 21:27:03 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{10765F2C-F5E0-4E4E-B8C8-2AEBDE93E26A}
[2012-08-13 07:48:22 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{CA5FE44F-88A3-48F2-97CA-A3206057B9C5}
[2012-08-13 07:48:10 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{E69C6DA5-A761-4CB4-8EC6-3872AA3AF842}
[2012-08-11 15:02:50 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{B1F70098-E119-4044-958C-E9D8F7C0CF1A}
[2012-08-11 15:02:37 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{2C752686-B202-4A6B-BA12-A4F539FE3E2B}
[2012-08-10 12:34:20 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{0F004F59-B721-40AC-9192-5C6F149BBA8C}
[2012-08-10 12:34:06 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{61C73B52-EE13-4BD3-A468-C1B986577403}
[2012-08-09 08:23:58 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{4C32535D-38C3-4784-A79E-F7F72B4A73A8}
[2012-08-09 08:23:45 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{424955FA-2E17-472E-91A0-6790F46E40E1}
[2012-08-08 15:22:55 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{86393B67-8718-43B1-872F-DD6B3676D323}
[2012-08-08 15:22:41 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{8EF2916D-FCC9-4EF3-A390-FB6B77B9BFF7}
[2012-08-08 15:21:14 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\Faktura wewnętrzna i podmiana faktur
[2012-08-07 09:45:49 | 000,000,000 | ---D | C] -- C:\Users\ppp\Documents\Druki GOFIN
[2012-08-07 09:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOFIN
[2012-08-07 09:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\GOFIN
[2012-08-06 20:58:10 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{3AE07FC8-3CCC-4758-AD4F-4D56E53AB32E}
[2012-08-06 20:57:24 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{64E8C47C-E1EC-4D13-BAAB-E9747CD5EEE0}
[2012-08-05 16:08:15 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{8A45F78D-7AE8-4083-8DFE-903C75668CDE}
[2012-08-05 16:08:00 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{511BC716-B8BC-4667-B5C0-50DB9E5D1F11}
[2012-07-28 10:39:00 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{327439B1-F27D-4095-8E75-4A5BE362AD35}
[2012-07-28 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{E7AAAC26-585E-4C08-AD91-142FDDF12530}
[2012-07-27 22:38:17 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{8CF4C98D-58DD-49E2-AD82-BFF691583F4F}
[2012-07-27 22:38:05 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{E3C47653-7BC3-401B-BC44-357514994144}
[2012-07-26 19:09:13 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{4C31145A-3CBA-4D78-8809-E420F961997B}
[2012-07-26 19:09:00 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{25884A55-FB5C-4534-91A4-EA3C371E4B1C}
[2012-07-26 07:04:21 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{A9092150-B616-42E9-9AED-9E51AD61386F}
[2012-07-26 07:04:08 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\{B85B0B31-8DE2-4BC4-9DBC-888A365EB272}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-08-24 14:08:09 | 000,000,585 | ---- | M] () -- C:\Users\ppp\Desktop\OTL.lnk
[2012-08-24 13:53:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-24 13:24:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-24 10:58:29 | 000,001,499 | ---- | M] () -- C:\Windows\AmFL.ini
[2012-08-24 10:06:01 | 000,485,310 | ---- | M] () -- C:\Users\ppp\Desktop\2043-2008Aprilbrokenlcdwallpaper.jpg
[2012-08-24 10:05:53 | 000,198,669 | ---- | M] () -- C:\Users\ppp\Desktop\Broken-Screen.jpg
[2012-08-24 10:05:30 | 000,408,959 | ---- | M] () -- C:\Users\ppp\Desktop\broken-lcd.jpg
[2012-08-24 06:45:50 | 000,022,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-24 06:45:50 | 000,022,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-24 06:38:22 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-24 06:37:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-24 06:37:48 | 1602,211,840 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-23 21:26:52 | 000,001,064 | ---- | M] () -- C:\Users\ppp\AppData\Roaming\default.pls
[2012-08-22 14:12:41 | 000,699,774 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-22 14:12:41 | 000,617,910 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-22 14:12:41 | 000,135,784 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-22 14:12:41 | 000,107,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-20 11:39:47 | 000,000,575 | ---- | M] () -- C:\Users\Public\Desktop\Symfonia Mała Księgowość.lnk
[2012-08-20 11:39:46 | 000,000,179 | ---- | M] () -- C:\Windows\MKP.ini
[2012-08-20 11:38:57 | 000,002,055 | R--- | M] () -- C:\Windows\BTI.INI
[2012-08-20 11:21:52 | 100,998,200 | ---- | M] () -- C:\Users\ppp\Desktop\demomp.exe
[2012-08-16 07:03:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-08-16 07:03:15 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-08-16 06:57:53 | 000,682,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-08-13 09:00:36 | 000,041,984 | ---- | M] () -- C:\Users\ppp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-09 13:52:23 | 000,000,362 | ---- | M] () -- C:\Users\ppp\Desktop\Nowy dokument tekstowy.7z
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-08-24 14:08:09 | 000,000,585 | ---- | C] () -- C:\Users\ppp\Desktop\OTL.lnk
[2012-08-24 10:06:00 | 000,485,310 | ---- | C] () -- C:\Users\ppp\Desktop\2043-2008Aprilbrokenlcdwallpaper.jpg
[2012-08-24 10:05:37 | 000,198,669 | ---- | C] () -- C:\Users\ppp\Desktop\Broken-Screen.jpg
[2012-08-24 10:05:27 | 000,408,959 | ---- | C] () -- C:\Users\ppp\Desktop\broken-lcd.jpg
[2012-08-20 11:39:47 | 000,000,575 | ---- | C] () -- C:\Users\Public\Desktop\Symfonia Mała Księgowość.lnk
[2012-08-20 11:39:46 | 000,000,179 | ---- | C] () -- C:\Windows\MKP.ini
[2012-08-20 11:24:08 | 000,101,888 | ---- | C] () -- C:\Windows\System32\BUTIL.DLL
[2012-08-20 11:24:08 | 000,002,055 | R--- | C] () -- C:\Windows\BTI.INI
[2012-08-20 11:19:35 | 100,998,200 | ---- | C] () -- C:\Users\ppp\Desktop\demomp.exe
[2012-08-09 13:52:22 | 000,000,362 | ---- | C] () -- C:\Users\ppp\Desktop\Nowy dokument tekstowy.7z
[2012-07-24 16:03:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\OctaneARM.dll
[2012-07-19 19:31:20 | 000,000,051 | ---- | C] () -- C:\ProgramData\dqhsfvwwcswxqyx
[2012-05-31 11:27:27 | 000,127,023 | ---- | C] () -- C:\Windows\c96unins.exe
[2012-04-11 16:15:12 | 000,112,688 | ---- | C] () -- C:\Windows\System32\shw32.dll
[2012-04-07 09:51:57 | 000,000,000 | ---- | C] () -- C:\Windows\longfile.INI
[2012-04-07 09:49:56 | 000,039,095 | ---- | C] () -- C:\Windows\iccsigs.dat
[2012-03-30 11:09:09 | 000,000,042 | ---- | C] () -- C:\Windows\FFS20ChtReg.ini
[2012-03-28 16:20:23 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012-03-26 10:59:00 | 000,003,969 | ---- | C] () -- C:\Windows\cool.ini
[2012-03-26 10:57:45 | 000,000,011 | ---- | C] () -- C:\Windows\wordpad.ini
[2012-03-22 16:30:18 | 000,108,032 | ---- | C] () -- C:\Windows\System32\sh33w32.dll
[2012-03-13 10:28:31 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-03-12 13:54:52 | 000,013,304 | ---- | C] () -- C:\Windows\System32\drivers\BTNetFilter.sys
[2012-03-12 13:54:51 | 000,012,500 | ---- | C] () -- C:\Windows\System32\drivers\VBTEnum.sys
[2012-03-12 11:11:51 | 000,041,984 | ---- | C] () -- C:\Users\ppp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-10 18:46:32 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2012-03-10 18:46:32 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2012-03-10 17:48:07 | 000,000,063 | ---- | C] () -- C:\Windows\mxreader.INI
[2012-03-10 17:47:28 | 000,001,499 | ---- | C] () -- C:\Windows\AmFL.ini
[2012-03-10 17:17:13 | 000,001,064 | ---- | C] () -- C:\Users\ppp\AppData\Roaming\default.pls
[2012-03-10 12:31:11 | 000,001,024 | ---- | C] () -- C:\Users\ppp\.rnd
[2012-03-10 12:22:00 | 000,200,468 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2011-06-10 07:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010-11-21 04:32:44 | 000,699,774 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-11-21 04:32:44 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-11-21 04:32:44 | 000,135,784 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-11-21 04:32:44 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat

< End of report >