OTL logfile created on: 2014-06-17 17:17:33 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\raddor71\Pulpit\logi
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
502,80 Mb Total Physical Memory | 129,30 Mb Available Physical Memory | 25,72% Memory free
1,20 Gb Paging File | 0,87 Gb Available in Paging File | 72,54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 41,01 Gb Total Space | 24,39 Gb Free Space | 59,48% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 9,05 Gb Free Space | 1,94% Space Free | Partition Type: NTFS
Drive E: | 145,29 Gb Total Space | 12,13 Gb Free Space | 8,35% Space Free | Partition Type: NTFS
 
Computer Name: IBM | User Name: raddor71 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-06-14 10:03:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\raddor71\Pulpit\logi\OTL.exe
PRC - [2014-05-27 08:10:11 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-09-27 20:46:26 | 000,559,696 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013-08-15 05:25:21 | 000,129,424 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
PRC - [2013-05-20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
PRC - [2008-04-15 00:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2006-10-26 14:56:46 | 000,757,008 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-06-11 09:12:40 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-06-09 14:27:44 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-05-27 08:10:11 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014-04-30 09:13:14 | 001,716,264 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\ws.exe -- (PDF Architect 2)
SRV - [2014-04-30 09:13:14 | 000,861,736 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\crash-handler-ws.exe -- (pdfforge CrashHandler)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-15 05:25:21 | 000,129,424 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\NST.exe -- (NCO)
SRV - [2013-05-20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe -- (NAV)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014-06-16 18:26:02 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20140616.009\navex15.sys -- (NAVEX15)
DRV - [2014-06-16 18:26:02 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20140616.009\naveng.sys -- (NAVENG)
DRV - [2014-06-12 01:46:58 | 000,377,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014-06-11 12:22:59 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014-06-11 05:45:06 | 000,109,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014-06-10 18:02:26 | 000,383,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\IPSDefs\20140616.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2014-06-06 18:04:12 | 001,101,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\BASHDefs\20140606.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013-07-30 03:24:22 | 000,117,336 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NST\7DE05000.043\ccSetx86.sys -- (ccSet_NST)
DRV - [2013-05-22 23:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013-05-20 23:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\symds.sys -- (SymDS)
DRV - [2013-05-15 23:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013-04-24 18:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013-04-15 20:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\ccsetx86.sys -- (ccSet_NAV)
DRV - [2013-03-04 19:21:36 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2012-09-06 19:48:08 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2009-03-19 15:19:54 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009-02-18 11:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008-10-30 23:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008-07-24 11:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008-03-10 12:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008-02-04 11:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2002-06-13 05:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140613
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/isearch/
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes,DefaultScope = {8B63A8D6-BBED-4341-8867-790E5F524C96}
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes\{0C7A8EB6-7C00-4C8B-BD52-896AD689C7EB}: "URL" = http://search.us.com/serp?guid={92E087AC-FE90-43D7-9CFC-AA5CD8BF2E9A}&action=default_search&serpv=5&k={searchTerms}
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes\{77D5640F-DE5E-4B22-B47E-2E60FA0B0B5E}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.incredimail.com/english/?search={searchTerms}&loc=search_box
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\SearchScopes\{F17FA716-DBE6-4DC7-92D5-DA25374B149C}: "URL" = http://search.us.com/serp?guid={626EC573-AEEE-4878-B8C8-55A9722CDFFC}&action=default_search&serpv=5&k={searchTerms}
IE - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://mystart.incredimail.com/isearch/"
FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: "http://search.us.com/serp?guid={92E087AC-FE90-43D7-9CFC-AA5CD8BF2E9A}&action=default_search&serpv=5&k="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\IPSFF [2014-06-11 18:39:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Firefox\Profiles\j45hpnuw.default\extensions\faststartff@gmail.com [2014-06-12 12:00:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ [2014-06-17 17:07:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\shortcutff@gmail.com: C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Firefox\Profiles\j45hpnuw.default\extensions\shortcutff@gmail.com [2014-06-12 12:00:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014-06-11 09:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014-03-19 11:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Extensions
[2014-06-16 18:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Firefox\Profiles\j45hpnuw.default\extensions
[2014-06-12 12:00:02 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Firefox\Profiles\j45hpnuw.default\extensions\faststartff@gmail.com
[2014-06-12 12:00:53 | 000,000,000 | ---D | M] ("shortcut") -- C:\Documents and Settings\raddor71\Dane aplikacji\Mozilla\Firefox\Profiles\j45hpnuw.default\extensions\shortcutff@gmail.com
[2014-06-11 09:08:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-06-11 09:12:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: qone8 (Enabled)
CHR - default_search_provider: search_url = http://www.qone8.com/web/?type=dspp&ts=1402317483&from=tt4u&uid=WDCXWD2000JB-55GVA0_WD-WCAL7383104131041X&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-06-13&ent=hp&u=BA8161C1D5D21001EDD032539AD00BA7
CHR - plugin: Error reading preferences file
CHR - Extension: Google Wallet = C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Norton Identity Safe for Google Chrome\u2122 = C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.7.0.48_0\
 
O1 HOSTS File: ([2001-10-26 20:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [fst_pl_128]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1417001333-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{525CACA6-7ED5-48F1-884A-54D2CBCA8EDA}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - https://encrypted-tbn1.gstatic.com/images?q=tbn:ANd9GcRixNxAvz2t5AhHudvizU00WC-Q03slhK6_Sx6Dm4O255fjpH3pPaAlJw
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-03-25 17:08:52 | 000,000,056 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014-01-26 15:40:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ NTFS ]
O32 - AutoRun File - [2014-02-03 10:44:37 | 000,083,123 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{e17c1e26-a2f8-11e3-9321-001986000940}\Shell\AutoRun\command - "" = F:\Start.exe
O33 - MountPoints2\{e17c1e26-a2f8-11e3-9321-001986000940}\Shell\Install\Command - "" = F:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-06-16 20:15:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-06-16 18:43:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\Nowe logi
[2014-06-16 18:26:17 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
[2014-06-16 18:24:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-06-15 17:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\pdfforge_GmbH
[2014-06-15 17:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\PDF Architect 2
[2014-06-15 15:44:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\plili patriota
[2014-06-14 10:29:12 | 000,000,000 | ---D | C] -- C:\FRST
[2014-06-14 10:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\SecuritycCheck
[2014-06-14 10:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\gmer
[2014-06-14 10:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\Otl
[2014-06-14 09:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\Frst
[2014-06-14 09:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\logi
[2014-06-14 08:26:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-06-13 14:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\LavasoftStatistics
[2014-06-13 13:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\adawarebp
[2014-06-13 13:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection
[2014-06-13 12:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014-06-13 12:09:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\Lavasoft
[2014-06-13 12:06:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2014-06-12 16:30:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2014-06-12 11:59:30 | 000,127,064 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\7DE07000.02F\ccsetx86.sys
[2014-06-12 11:58:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\7DE07000.02F
[2014-06-12 05:49:27 | 000,127,064 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\7DE07000.02B\ccsetx86.sys
[2014-06-12 05:48:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\7DE07000.02B
[2014-06-11 23:44:24 | 000,127,064 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\7DE06000.01B\ccsetx86.sys
[2014-06-11 23:44:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\7DE06000.01B
[2014-06-11 19:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Norton Identity Safe
[2014-06-11 18:40:43 | 000,117,336 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\7DE05000.043\ccSetx86.sys
[2014-06-11 18:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\7DE05000.043
[2014-06-11 12:23:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST
[2014-06-11 12:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Identity Safe
[2014-06-11 12:23:01 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2014-06-11 12:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014-06-11 12:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2014-06-11 12:21:35 | 000,396,760 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symtdi.sys
[2014-06-11 12:21:35 | 000,352,344 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symtdiv.sys
[2014-06-11 12:21:34 | 000,934,488 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symefa.sys
[2014-06-11 12:21:34 | 000,339,544 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symnets.sys
[2014-06-11 12:21:34 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symelam.sys
[2014-06-11 12:21:33 | 000,367,704 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symds.sys
[2014-06-11 12:21:33 | 000,032,344 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtspx.sys
[2014-06-11 12:21:31 | 000,603,224 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtsp.sys
[2014-06-11 12:21:30 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\ironx86.sys
[2014-06-11 12:21:27 | 000,134,744 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1404000.028\ccsetx86.sys
[2014-06-11 12:18:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1404000.028
[2014-06-11 12:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2014-06-11 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2014-06-11 12:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Norton AntiVirus
[2014-06-11 11:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2014-06-11 11:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip
[2014-06-11 11:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014-06-11 09:08:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-06-09 14:27:29 | 017,352,880 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-06-08 20:17:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2014-06-08 20:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\Opera Software
[2014-06-08 20:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\Opera Software
[2014-06-08 20:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2014-06-08 19:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VideoLAN
[2014-06-08 19:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014-06-03 19:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDF Architect 2
[2014-06-03 19:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect 2
[2014-06-03 19:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Moje dokumenty\PDF Architect 2
[2014-06-03 19:21:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PDF Architect 2
[2014-06-03 19:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator
[2014-06-03 19:20:31 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2014-06-03 19:20:31 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2014-06-03 19:20:31 | 000,095,416 | ---- | C] (pdfforge GmbH) -- C:\WINDOWS\System32\pdfcmon.dll
[2014-06-03 19:20:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2014-06-03 19:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2014-05-28 21:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Pulpit\z telefonu Doroty
[2014-05-27 08:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014-05-27 08:10:54 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014-05-27 08:10:54 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014-05-27 08:10:35 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014-05-27 08:10:35 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014-05-27 08:10:35 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014-05-27 08:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java
[2014-05-27 08:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014-05-27 08:04:33 | 000,921,512 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\raddor71\Pulpit\jxpiinstall.exe
[2014-05-24 21:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GameHouse
[2014-05-24 21:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2014-05-24 21:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Menu Start\Programy\IncrediGames Games
[2014-05-24 21:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media SIDR
[2014-05-24 21:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\raddor71\Dane aplikacji\Oberon Media
[2014-05-24 21:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2014-05-24 21:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Oberon Media
[1 C:\Documents and Settings\raddor71\Pulpit\*.tmp files -> C:\Documents and Settings\raddor71\Pulpit\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-06-17 17:27:08 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-06-17 17:24:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-17 17:07:44 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\raddor71\Menu Start\Programy\Autostart\Powiadomienia monitorowania tuszu - HP Deskjet 3510 series.lnk
[2014-06-17 17:07:25 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1402250759.job
[2014-06-17 17:07:14 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-17 17:07:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-06-16 17:46:16 | 001,333,465 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\adwcleaner_3.212 (1).exe
[2014-06-16 17:46:09 | 001,333,465 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\adwcleaner_3.212.exe
[2014-06-15 16:17:28 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-06-14 08:29:52 | 000,063,764 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\pko_trans_details_140614_082925.pdf
[2014-06-14 08:28:23 | 000,063,756 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\pko_trans_details_140614_082742.pdf
[2014-06-13 13:00:21 | 000,003,960 | ---- | M] () -- C:\{DDC3FC98-9557-40A4-B98D-E77D84E40554}
[2014-06-13 12:59:06 | 000,003,208 | ---- | M] () -- C:\{75068878-4F01-42D3-8C95-20F498892596}
[2014-06-13 12:57:22 | 000,003,448 | ---- | M] () -- C:\{32E2ED47-8064-48DA-97B7-922A9AB53743}
[2014-06-13 12:52:06 | 000,003,704 | ---- | M] () -- C:\{DA734F3F-2205-432F-B4BA-1193B1FA08CC}
[2014-06-13 12:50:19 | 000,002,944 | ---- | M] () -- C:\{3A581BB7-17F5-4D33-974E-187E572C6EE0}
[2014-06-13 12:07:22 | 000,465,645 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\Cat.DB
[2014-06-12 15:51:44 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2014-06-12 14:31:17 | 000,002,552 | ---- | M] () -- C:\{EADE0DB7-5E5A-48BD-9AE4-3BEB1D5F92E7}
[2014-06-12 13:27:48 | 000,002,600 | ---- | M] () -- C:\{262CBED2-6B6B-4242-AF82-4FDE28637809}
[2014-06-12 13:15:58 | 000,002,640 | ---- | M] () -- C:\{F496378D-4A46-441C-B769-3216B0DAFDCC}
[2014-06-12 13:02:00 | 000,002,136 | ---- | M] () -- C:\{67571BC2-20D4-4F61-A6C4-31AB567EBE22}
[2014-06-12 12:17:45 | 000,002,400 | ---- | M] () -- C:\{905D190E-285B-4C9B-95F5-C798A7E2377F}
[2014-06-12 11:06:05 | 000,002,256 | ---- | M] () -- C:\{F0FEB365-4C34-406F-9F71-7122B14B4910}
[2014-06-11 12:22:59 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2014-06-11 12:22:59 | 000,007,611 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2014-06-11 12:22:59 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2014-06-11 11:49:12 | 000,000,404 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014-06-11 09:07:33 | 000,003,223 | ---- | M] () -- C:\WINDOWS\VPlayer.INI
[2014-06-11 09:07:32 | 000,000,126 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl
[2014-06-09 14:27:43 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014-06-09 14:27:43 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014-06-09 14:27:29 | 017,352,880 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-06-08 20:06:37 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2014-06-04 21:14:44 | 000,038,119 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\VT20140604.020
[2014-06-03 15:34:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-06-02 20:05:19 | 000,000,206 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2014-05-30 21:17:00 | 000,517,871 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0015.jpg
[2014-05-30 21:01:31 | 000,290,995 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0014.jpg
[2014-05-29 19:45:31 | 000,160,064 | ---- | M] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0013.jpg
[2014-05-27 08:10:12 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014-05-27 08:10:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014-05-27 08:10:11 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014-05-27 08:10:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014-05-27 08:10:10 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014-05-27 08:04:33 | 000,921,512 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\raddor71\Pulpit\jxpiinstall.exe
[2014-05-24 21:22:35 | 000,001,652 | ---- | M] () -- C:\Documents and Settings\raddor71\Pulpit\IncrediGames Games.lnk
[1 C:\Documents and Settings\raddor71\Pulpit\*.tmp files -> C:\Documents and Settings\raddor71\Pulpit\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-06-16 17:46:05 | 001,333,465 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\adwcleaner_3.212 (1).exe
[2014-06-16 17:45:41 | 001,333,465 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\adwcleaner_3.212.exe
[2014-06-14 08:29:39 | 000,063,764 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\pko_trans_details_140614_082925.pdf
[2014-06-14 08:27:47 | 000,063,756 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\pko_trans_details_140614_082742.pdf
[2014-06-13 13:00:21 | 000,003,960 | ---- | C] () -- C:\{DDC3FC98-9557-40A4-B98D-E77D84E40554}
[2014-06-13 12:59:06 | 000,003,208 | ---- | C] () -- C:\{75068878-4F01-42D3-8C95-20F498892596}
[2014-06-13 12:57:22 | 000,003,448 | ---- | C] () -- C:\{32E2ED47-8064-48DA-97B7-922A9AB53743}
[2014-06-13 12:52:06 | 000,003,704 | ---- | C] () -- C:\{DA734F3F-2205-432F-B4BA-1193B1FA08CC}
[2014-06-13 12:50:19 | 000,002,944 | ---- | C] () -- C:\{3A581BB7-17F5-4D33-974E-187E572C6EE0}
[2014-06-12 14:31:17 | 000,002,552 | ---- | C] () -- C:\{EADE0DB7-5E5A-48BD-9AE4-3BEB1D5F92E7}
[2014-06-12 13:27:47 | 000,002,600 | ---- | C] () -- C:\{262CBED2-6B6B-4242-AF82-4FDE28637809}
[2014-06-12 13:15:58 | 000,002,640 | ---- | C] () -- C:\{F496378D-4A46-441C-B769-3216B0DAFDCC}
[2014-06-12 13:02:00 | 000,002,136 | ---- | C] () -- C:\{67571BC2-20D4-4F61-A6C4-31AB567EBE22}
[2014-06-12 12:17:38 | 000,002,400 | ---- | C] () -- C:\{905D190E-285B-4C9B-95F5-C798A7E2377F}
[2014-06-12 11:58:20 | 000,000,829 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02F\ccsetx86.inf
[2014-06-12 11:58:17 | 000,008,194 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02F\ccsetx86.cat
[2014-06-12 11:58:17 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02F\isolate.ini
[2014-06-12 11:06:05 | 000,002,256 | ---- | C] () -- C:\{F0FEB365-4C34-406F-9F71-7122B14B4910}
[2014-06-12 05:48:45 | 000,000,829 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02B\ccsetx86.inf
[2014-06-12 05:48:44 | 000,008,194 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02B\ccsetx86.cat
[2014-06-12 05:48:44 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE07000.02B\isolate.ini
[2014-06-11 23:44:14 | 000,008,194 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE06000.01B\ccsetx86.cat
[2014-06-11 23:44:14 | 000,000,829 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE06000.01B\ccsetx86.inf
[2014-06-11 23:44:14 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE06000.01B\isolate.ini
[2014-06-11 18:39:47 | 000,038,119 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\VT20140604.020
[2014-06-11 18:39:33 | 000,000,829 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE05000.043\ccSetx86.inf
[2014-06-11 18:39:30 | 000,008,194 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE05000.043\ccsetx86.cat
[2014-06-11 18:39:29 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DE05000.043\isolate.ini
[2014-06-11 12:25:05 | 000,465,645 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\Cat.DB
[2014-06-11 12:23:02 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2014-06-11 12:23:01 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2014-06-11 12:21:35 | 000,001,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symnetv.inf
[2014-06-11 12:21:34 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symelam.cat
[2014-06-11 12:21:34 | 000,008,067 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symnet.cat
[2014-06-11 12:21:34 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symnetv.cat
[2014-06-11 12:21:34 | 000,001,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symnet.inf
[2014-06-11 12:21:34 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symelam.inf
[2014-06-11 12:21:33 | 000,008,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symds.cat
[2014-06-11 12:21:33 | 000,007,583 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symefa.cat
[2014-06-11 12:21:33 | 000,007,581 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtspx.cat
[2014-06-11 12:21:33 | 000,003,434 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symefa.inf
[2014-06-11 12:21:33 | 000,002,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\symds.inf
[2014-06-11 12:21:33 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtspx.inf
[2014-06-11 12:21:31 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtsp.inf
[2014-06-11 12:21:30 | 000,008,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\srtsp.cat
[2014-06-11 12:21:30 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\isolate.ini
[2014-06-11 12:21:29 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\iron.inf
[2014-06-11 12:21:28 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\iron.cat
[2014-06-11 12:21:27 | 000,000,827 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\ccsetx86.inf
[2014-06-11 12:21:26 | 000,007,667 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1404000.028\ccsetx86.cat
[2014-06-08 20:17:35 | 000,000,404 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014-06-08 20:06:39 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1402250759.job
[2014-06-08 20:06:37 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2014-06-08 20:06:37 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2014-05-30 21:17:00 | 000,517,871 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0015.jpg
[2014-05-30 21:01:30 | 000,290,995 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0014.jpg
[2014-05-29 19:45:31 | 000,160,064 | ---- | C] () -- C:\Documents and Settings\raddor71\Moje dokumenty\Scan0013.jpg
[2014-05-24 21:22:34 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\raddor71\Pulpit\IncrediGames Games.lnk
[2014-04-06 11:58:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014-04-06 11:58:33 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\d3d9caps.dat
[2014-03-03 19:39:54 | 000,039,340 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2014-01-28 17:34:46 | 000,003,223 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2014-01-26 16:49:44 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\raddor71\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-01-26 16:27:34 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014-01-26 16:26:04 | 000,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014-01-26 15:58:28 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Ament.ini
[2014-01-26 15:50:08 | 000,233,472 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2014-01-26 15:50:08 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2014-01-26 15:49:57 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2014-01-26 15:49:55 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2014-01-26 15:49:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2014-01-26 15:49:33 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2014-01-26 15:49:33 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2014-01-26 15:49:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2014-01-26 15:48:54 | 000,003,494 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2014-01-26 15:48:52 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2014-01-26 15:43:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014-01-26 15:36:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-10-12 03:50:40 | 000,049,738 | ---- | C] () -- C:\Program Files\AutoMapa EU.md5
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2014-03-03 19:32:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 00:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-15 00:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 00:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2014-06-17 17:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection
[2014-05-24 21:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GameHouse
[2014-03-09 12:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2014-01-27 17:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM
[2014-01-27 17:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail
[2014-04-06 08:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCOTEMP
[2014-05-24 21:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Oberon Media
[2014-06-03 19:21:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PDF Architect 2
[2014-05-24 21:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2014-03-09 19:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\The-Dogies
[2014-03-14 09:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\Audacity
[2014-06-17 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\GG
[2014-05-24 21:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\Oberon Media
[2014-02-06 12:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\OpenOffice
[2014-03-03 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\OpenWebKitSharp Strings
[2014-06-08 20:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\Opera Software
[2014-06-15 17:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\PDF Architect 2
[2014-06-15 17:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\pdfforge_GmbH
[2014-03-03 19:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\Tablice szkolne
[2014-03-06 15:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\raddor71\Dane aplikacji\uPlayer
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 375 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:EB9E98E5

< End of report >