OTL logfile created on: 30.08.2012 21:14:33 - Run 2
OTL by OldTimer - Version 3.2.59.1     Folder = K:\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 64,59% Memory free
6,71 Gb Paging File | 5,59 Gb Available in Paging File | 83,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 482,92 Gb Total Space | 174,67 Gb Free Space | 36,17% Space Free | Partition Type: NTFS
Drive K: | 448,59 Gb Total Space | 191,84 Gb Free Space | 42,76% Space Free | Partition Type: NTFS
 
Computer Name: IWONNA-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012.08.30 10:59:54 | 000,598,528 | ---- | M] (OldTimer Tools) -- K:\Downloads\OTL.exe
PRC - [2012.05.30 20:06:18 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.05.18 18:54:28 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012.02.24 03:29:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.02.23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2011.09.16 11:08:18 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
PRC - [2011.09.16 10:56:50 | 000,643,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
PRC - [2011.05.24 15:08:54 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.05.21 06:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2010.05.18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.11.11 16:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe
PRC - [2009.07.08 03:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2009.07.07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009.07.07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.03.04 03:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.11.22 12:49:08 | 000,385,024 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
PRC - [2007.05.31 17:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.24 15:08:53 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2009.07.13 18:37:04 | 000,152,112 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2009.07.13 18:37:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Harmonogram automatycznej usługi LiveUpdate)
SRV - [2012.08.30 11:26:48 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.15 13:02:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.05.18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.07.07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.02.09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.01.24 13:27:44 | 000,641,024 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2010.12.01 13:26:28 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010.12.01 13:26:18 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009.07.07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009.07.07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008.01.19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2005.01.19 11:14:38 | 000,211,712 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2005.01.19 11:11:16 | 000,022,016 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{FEC8E82F-A996-4C47-B6BD-8D0349BAE1AA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.18 18:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.18 18:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 11:26:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.21 10:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.27 20:32:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 11:26:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.21 10:50:27 | 000,000,000 | ---D | M]
 
[2011.01.30 22:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2008.07.31 02:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.08.30 18:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\9pw3cc1q.default\extensions
[2012.06.05 00:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.31 00:48:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.08.30 11:26:48 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.05.18 18:54:32 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2011.08.12 05:51:25 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011.08.12 05:51:25 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011.08.12 05:51:25 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011.08.12 05:51:25 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011.08.12 05:51:25 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011.08.12 05:51:25 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B5E3E72-20F0-43A4-93AC-68E3A6F1A587}: DhcpNameServer = 212.76.34.50 212.76.34.49
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F71C78F9-FC7A-435A-B28B-05D9BF1609C5}: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.07.16 18:28:44 | 000,247,360 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012.08.30 19:38:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.30 10:38:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{61EDDC45-B058-4409-AB73-8D303F2A51D9}
[2012.08.29 13:57:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9BC712C8-C27E-47D8-A72A-AE591ED987B5}
[2012.08.28 12:12:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{49A25D62-5B9B-4F39-907A-682577E95437}
[2012.08.27 23:09:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F864B519-0271-4146-A9ED-1875BC6DE321}
[2012.08.27 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FE0BF4A6-0E02-48E7-B6A6-8AFE3EADD777}
[2012.08.26 22:34:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2D249D69-8BC6-45A1-9718-172C8F205CB2}
[2012.08.26 10:34:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1C8E689A-1D8E-4B79-ABCA-27DBD94673C4}
[2012.08.24 23:25:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B71DD192-29C5-4777-B785-65D8B012189F}
[2012.08.24 11:25:32 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{329AE32E-4EEE-49A4-B269-94FE040815EE}
[2012.08.23 10:39:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4E769654-D32C-4FEC-934E-D701EF77A269}
[2012.08.22 15:02:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{62E0E5C3-5F56-4847-AF57-218804394557}
[2012.08.21 10:14:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ECD840B2-6AA2-455F-A530-874C43FDAEC2}
[2012.08.20 20:57:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E73B78CB-EAA4-49B6-B0B3-CB16F36B6423}
[2012.08.20 08:57:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{29233D13-C66E-44A5-8319-958FEC796F9A}
[2012.08.18 22:48:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6A1D8A05-64A9-46D9-B3A1-140C494F2A29}
[2012.08.18 10:48:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0D700CA1-7673-4249-8C6E-4DEDD42B510C}
[2012.08.17 21:31:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{176F985E-8EF8-4D9B-9DDC-5C169FB6B17A}
[2012.08.17 21:31:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A87C09D0-D0A0-4A1E-9669-BAF3DEBF06D1}
[2012.08.17 09:31:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{075BB7FD-5DA0-4AC9-A12F-943054E42BEF}
[2012.08.17 09:31:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6791A668-47CA-48AF-B854-76AB35599C8A}
[2012.08.16 16:38:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 16:38:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 16:38:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 16:38:33 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 16:38:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.16 16:38:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 16:38:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 16:38:01 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.16 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EF660783-1EE5-462D-981F-C9D48C74342C}
[2012.08.16 16:30:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7B5839B0-1870-4D76-B62E-E170B989EB60}
[2012.08.15 11:02:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CD46D63D-604E-49BB-9FF3-1BB3A855994D}
[2012.08.15 11:02:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{075A8752-8DDD-40AC-A0EA-2622F6D9CCFE}
[2012.08.14 12:01:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BB3CAF53-3121-4675-9195-AD49ABADBD1E}
[2012.08.14 12:01:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{61316220-34E4-4E69-9662-B99244699DD2}
[2012.08.13 10:58:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6010F39A-839B-41DC-8636-ACAB6022DA20}
[2012.08.13 10:58:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6F4FA289-A5E9-465C-9000-BE3A28528D73}
[2012.08.05 21:16:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E8A5127B-02FF-45C8-947D-B6BD3B07E601}
[2012.08.05 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B5767302-DD68-4525-9537-D33FF9048776}
[2012.08.04 19:05:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C819E6A3-930B-48D7-BE55-8E4470EBC33D}
[2012.08.04 19:05:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0C08405B-3CBE-4CB9-AB50-326A993C0C29}
[2012.08.03 09:08:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.08.03 09:05:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1F14D83F-74D5-4D31-BC8A-5D74D1F47920}
[2012.08.03 09:05:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E2AD0A78-3223-49E6-9CB2-7A966797354D}
[2012.08.02 13:24:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2F1A1B82-25C8-4106-AA6D-07FBC41490F8}
[2012.08.02 13:24:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F075E486-863C-495B-845E-412A991CAE99}
[2012.08.01 11:03:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D42E8428-3AEB-44E4-A895-4D2D8E22562E}
[2012.08.01 11:03:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CC9AF959-EB8E-44D4-A9D7-951AE28D5B0A}
[2012.07.31 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\e-Deklaracje
[2011.05.30 20:06:31 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012.08.30 21:15:17 | 007,602,176 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
[2012.08.30 21:02:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 20:38:47 | 001,495,264 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012.08.30 20:38:47 | 000,671,902 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012.08.30 20:38:47 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.30 20:38:47 | 000,130,310 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012.08.30 20:38:47 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.30 20:34:24 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 20:34:24 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 20:34:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.08.30 20:34:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 20:33:17 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.08.30 20:33:17 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.08.30 20:33:16 | 001,711,101 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2012.08.30 19:52:11 | 000,920,096 | ---- | M] () -- C:\Users\user\Desktop\Norton_Removal_Tool.exe
[2012.08.30 12:11:04 | 478,006,596 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.28 20:08:19 | 000,116,736 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.28 18:23:09 | 000,000,166 | ---- | M] () -- C:\Users\user\AppData\Roaming\default.rss
[2012.08.21 10:50:28 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.18 23:15:22 | 000,001,245 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012.08.16 16:53:52 | 000,272,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.15 13:02:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.15 13:02:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.31 21:26:01 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\e-Deklaracje.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012.08.30 20:33:16 | 001,711,101 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
[2012.08.30 19:52:38 | 000,920,096 | ---- | C] () -- C:\Users\user\Desktop\Norton_Removal_Tool.exe
[2012.08.03 09:08:31 | 478,006,596 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.01 17:07:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.06.26 21:26:52 | 000,031,007 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png
[2012.05.08 18:12:14 | 042,705,238 | ---- | C] () -- C:\Program Files\FormatFactory.exe
[2012.01.24 21:46:32 | 000,707,504 | ---- | C] () -- C:\Users\user\AppData\Local\unins000.exe
[2012.01.24 21:46:32 | 000,011,761 | ---- | C] () -- C:\Users\user\AppData\Local\unins000.msg
[2012.01.24 21:46:32 | 000,002,156 | ---- | C] () -- C:\Users\user\AppData\Local\unins000.dat
[2012.01.06 19:49:42 | 000,000,067 | ---- | C] () -- C:\Windows\DVDRegionFree.INI
[2012.01.06 19:41:43 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.06 16:09:52 | 000,000,184 | ---- | C] () -- C:\Windows\pdf2word.INI
[2011.08.17 12:50:18 | 000,000,022 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll
[2011.08.11 23:55:09 | 000,085,100 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.08.03 18:25:13 | 000,000,217 | ---- | C] () -- C:\Users\user\AppData\Roaming\burnaware.ini
[2011.07.18 00:34:24 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\downloads.m3u
[2011.07.11 20:57:50 | 000,000,272 | ---- | C] () -- C:\Users\user\AppData\Roaming\.backup.dm
[2011.07.10 19:17:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
[2011.05.30 20:06:32 | 000,087,608 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2011.05.30 20:06:32 | 000,007,887 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2011.05.30 20:06:31 | 000,001,144 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2011.05.25 19:39:01 | 000,001,057 | ---- | C] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2011.02.25 22:52:00 | 000,299,008 | ---- | C] () -- C:\Windows\System32\lxeasm.dll
[2011.02.25 22:51:55 | 000,024,576 | ---- | C] () -- C:\Windows\System32\lxeasmr.dll
[2011.02.25 19:47:08 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2011.02.03 12:15:43 | 000,000,166 | ---- | C] () -- C:\Users\user\AppData\Roaming\default.rss
[2011.02.02 22:37:32 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.02.02 22:27:54 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.02.01 18:40:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.01 15:30:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.01 15:30:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.01 15:30:40 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2011.01.31 15:59:12 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2011.01.31 00:19:05 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011.01.28 02:44:57 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.01.27 23:28:35 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011.01.27 19:54:44 | 000,000,552 | ---- | C] () -- C:\Users\user\AppData\Local\d3d8caps.dat
[2011.01.27 19:49:56 | 000,116,736 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.27 17:59:46 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.01.24 21:51:36 | 000,671,902 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011.01.24 21:51:36 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011.01.24 21:51:36 | 000,130,310 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011.01.24 21:51:36 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2011.01.24 13:29:48 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.01.24 13:29:18 | 000,014,640 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011.01.24 13:14:22 | 000,060,696 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.01.24 13:14:05 | 000,000,680 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2011.01.24 13:14:04 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini
[2011.01.24 13:14:03 | 007,602,176 | -HS- | C] () -- C:\Users\user\NTUSER.DAT
[2011.01.24 13:14:03 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2011.01.24 13:14:03 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011.01.24 13:14:03 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:242231A9
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B9D8E22

< End of report >