OTL logfile created on: 2013-05-25 12:10:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 58,33% Memory free 5,09 Gb Paging File | 3,68 Gb Available in Paging File | 72,40% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 153,45 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 268,68 Gb Free Space | 99,35% Space Free | Partition Type: NTFS Computer Name: VOBIS | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-05-25 12:06:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe PRC - [2013-03-22 16:09:37 | 002,787,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe PRC - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\ccsvchst.exe PRC - [2012-12-23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe PRC - [2012-10-11 04:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccsvchst.exe PRC - [2011-12-27 12:54:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE PRC - [2011-08-04 14:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE PRC - [2011-08-04 14:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2011-07-19 05:53:07 | 002,567,272 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2010-07-04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-12 11:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-03-22 16:09:37 | 002,787,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe MOD - [2013-03-22 16:08:36 | 002,520,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll MOD - [2013-01-02 08:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2012-05-30 16:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\wincfi39.dll MOD - [2012-05-30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.3.1.22\wincfi39.dll MOD - [2011-12-27 12:54:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE MOD - [2011-02-04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2010-03-15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-11-19 00:51:46 | 000,473,704 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll MOD - [2009-04-27 13:55:12 | 000,678,400 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll MOD - [2008-04-14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008-04-14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2001-10-28 18:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-03-22 16:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect) SRV - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe -- (NCO) SRV - [2012-12-23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360) SRV - [2012-10-11 04:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe -- (MCLIENT) SRV - [2011-12-27 12:54:00 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UTSCSI.EXE -- (UTSCSI) SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008-02-01 19:08:50 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Temp\catchme.sys -- (catchme) DRV - [2013-05-22 10:14:24 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130524.022\NAVEX15.SYS -- (NAVEX15) DRV - [2013-05-22 10:14:24 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130524.022\NAVENG.SYS -- (NAVENG) DRV - [2013-05-11 14:23:24 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2013-05-11 02:17:36 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2013-05-11 02:17:36 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013-05-10 17:48:34 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130524.001\IDSxpx86.sys -- (IDSxpx86) DRV - [2013-05-03 00:16:48 | 001,000,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130515.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2013-01-30 21:18:18 | 000,394,656 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys -- (SYMTDI) DRV - [2013-01-30 21:18:06 | 000,934,488 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\SymEFA.sys -- (SymEFA) DRV - [2013-01-28 19:45:18 | 000,602,712 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP) DRV - [2013-01-28 19:45:18 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX) DRV - [2013-01-21 20:15:32 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\SymDS.sys -- (SymDS) DRV - [2012-11-16 04:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NST\7DD03030.013\ccsetx86.sys -- (ccSet_NST) DRV - [2012-11-15 20:22:02 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\Ironx86.sys -- (SymIRON) DRV - [2012-11-15 20:18:04 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\ccSetx86.sys -- (ccSet_N360) DRV - [2012-10-04 03:19:14 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MCLIENT\0302000.013\ccsetx86.sys -- (ccSet_MCLIENT) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-04-27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2010-04-27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2008-04-13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2007-06-18 04:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) DRV - [2006-12-19 09:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k) DRV - [2006-12-19 09:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia) DRV - [2006-12-19 09:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2006-12-19 09:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2006-12-19 09:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2006-12-19 09:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k) DRV - [2006-08-24 14:00:00 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - [2006-06-01 14:43:56 | 000,043,264 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) DRV - [2005-10-27 16:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) DRV - [2005-08-22 16:29:16 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvport.sys -- (nvport) DRV - [2005-06-13 17:27:56 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {114F81E9-547A-4556-A160-C9F764A8F5FF} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{114F81E9-547A-4556-A160-C9F764A8F5FF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl/ IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/ IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vobis.pl/ IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=D055001A703BD279 IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl/ IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\SearchScopes,DefaultScope = {114F81E9-547A-4556-A160-C9F764A8F5FF} IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=D055001A703BD279 IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\SearchScopes\{114F81E9-547A-4556-A160-C9F764A8F5FF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=2I7PRFD_plPL0536______ IE - HKU\S-1-5-21-854245398-1364589140-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www1.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=D055001A703BD279" FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.12 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.4 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6 FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.6.10 FF - prefs.js..browser.search.selectedEngine: "Delta Search" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@comarch.com/NOL,version=3.0: C:\Program Files\Common Files\NOL3\npn30plugin.dll (COMARCH S.A.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-04-15 19:53:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012-03-25 13:06:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\ [2013-05-11 14:24:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ [2013-05-25 08:28:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-26 11:37:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-02-23 22:38:34 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012-03-25 13:06:09 | 000,000,000 | ---D | M] [2010-01-30 01:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\mozilla\Extensions [2013-04-14 17:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\h32oumzw.default\extensions [2012-02-26 11:37:54 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\h32oumzw.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010-05-03 20:28:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\h32oumzw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-04-14 17:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\h32oumzw.default\extensions\ffxtlbr@babylon.com [2013-04-14 17:40:37 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\User\Application Data\mozilla\Firefox\Profiles\h32oumzw.default\extensions\ffxtlbr@delta.com [2011-12-27 13:47:52 | 003,033,424 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\h32oumzw.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}.xpi [2012-02-26 11:20:50 | 000,686,359 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\h32oumzw.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-05-05 16:56:02 | 000,006,473 | ---- | M] () -- C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\h32oumzw.default\searchplugins\babylon.xml [2013-04-14 17:39:32 | 000,006,470 | ---- | M] () -- C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\h32oumzw.default\searchplugins\BrowserProtect.xml [2013-04-14 17:40:41 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\h32oumzw.default\searchplugins\delta.xml [2011-12-10 13:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-26 11:37:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-08-30 13:32:10 | 000,290,816 | ---- | M] (COMARCH S.A.) -- C:\Program Files\mozilla firefox\plugins\npNOL3_ns8_mozilla.dll [2012-02-26 11:37:42 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2013-04-14 17:39:32 | 000,006,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-02-26 11:37:42 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-26 11:37:42 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-26 11:37:42 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-26 11:37:42 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-26 11:37:42 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=D055001A703BD279 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www1.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=D055001A703BD279 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U14 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Delta Toolbar = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.3_0\ CHR - Extension: Norton Identity Protection = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\ CHR - Extension: AT_CharlotteRonson = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen\3_0\ CHR - Extension: Gmail = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012-12-29 15:02:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [CTHelper] C:\windows\System32\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKU\.DEFAULT..\Run: [Norton Download Manager{N360203122-SHPD-FSD33017}] C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe (Symantec Corporation) O4 - HKU\S-1-5-18..\Run: [Norton Download Manager{N360203122-SHPD-FSD33017}] C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe (Symantec Corporation) O4 - HKU\S-1-5-21-854245398-1364589140-839522115-1004..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\.DEFAULT..\RunOnce: [SetDefaultMIDI] C:\windows\MIDIDEF.EXE (Creative Technology Ltd) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [SetDefaultMIDI] C:\windows\MIDIDEF.EXE (Creative Technology Ltd) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-854245398-1364589140-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.caminova.net/en/downloads/getmodule.aspx?lang=pl (DjVuCtl Class) O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://mail.sebn.pl:8644/dwa85W.cab (IBM Lotus iNotes 8.5 Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356796628703 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341667964230 (MUWebControl Class) O16 - DPF: {76B8A0E5-2705-46E2-8793-7BF7B2E3BDA2} https://epuap.gov.pl/epuap-styles/others/signing_plugin_25/EpuapSign.cab (EpuapSignAX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: TidyCOM http://www.landwirtschaft-mlr.baden-wuerttemberg.de/webedit/TidyCOM.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2ECD5F1-62CA-4297-87DE-60DF246FAA3E}: DhcpNameServer = 192.168.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-01-16 23:42:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-05-25 12:06:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe [2013-05-19 13:19:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent [2013-05-19 13:10:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2013-05-19 13:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Google [2013-05-19 13:10:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner [2013-05-19 13:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013-05-19 13:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2013-05-19 13:09:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013-05-11 14:23:24 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS [2013-05-11 14:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2013-05-11 14:22:51 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\SymEFA.sys [2013-05-11 14:22:51 | 000,602,712 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\srtsp.sys [2013-05-11 14:22:51 | 000,394,656 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\symtdi.sys [2013-05-11 14:22:51 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\SymDS.sys [2013-05-11 14:22:51 | 000,350,368 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\symtdiv.sys [2013-05-11 14:22:51 | 000,338,592 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\symnets.sys [2013-05-11 14:22:51 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\Ironx86.sys [2013-05-11 14:22:51 | 000,134,304 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\ccSetx86.sys [2013-05-11 14:22:51 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\srtspx.sys [2013-05-11 14:22:51 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\N360\1403010.016\SymELAM.sys [2013-05-11 14:22:35 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\N360 [2013-05-11 14:22:35 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\N360\1403010.016 [2013-05-11 14:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 [2013-05-11 14:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360 [3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] [2 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-05-25 12:06:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe [2013-05-25 11:37:00 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1364589140-839522115-1004UA.job [2013-05-25 11:20:00 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013-05-25 08:25:50 | 000,001,028 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013-05-25 08:25:42 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2013-05-24 23:49:18 | 000,064,756 | ---- | M] () -- C:\windows\System32\DVCState-{00000007-00000000-00000001-00001102-00000005-00211102}.rfx [2013-05-24 23:49:18 | 000,053,968 | ---- | M] () -- C:\windows\System32\BMXStateBkp-{00000007-00000000-00000001-00001102-00000005-00211102}.rfx [2013-05-24 23:49:18 | 000,053,968 | ---- | M] () -- C:\windows\System32\BMXState-{00000007-00000000-00000001-00001102-00000005-00211102}.rfx [2013-05-24 23:49:18 | 000,001,080 | ---- | M] () -- C:\windows\System32\settingsbkup.sfm [2013-05-24 23:49:18 | 000,001,080 | ---- | M] () -- C:\windows\System32\settings.sfm [2013-05-24 22:37:00 | 000,001,072 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1364589140-839522115-1004Core.job [2013-05-24 21:23:45 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2013-05-19 22:58:01 | 000,000,262 | ---- | M] () -- C:\windows\tasks\EPUpdater.job [2013-05-19 13:10:06 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2013-05-17 19:50:10 | 000,637,400 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Smieci_01_07_13.pdf [2013-05-16 09:09:52 | 000,215,264 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2013-05-16 09:09:38 | 000,667,705 | ---- | M] () -- C:\windows\System32\drivers\N360\1403010.016\Cat.DB [2013-05-16 00:18:22 | 000,516,366 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013-05-16 00:18:22 | 000,100,986 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013-05-11 14:23:24 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS [2013-05-11 14:23:24 | 000,007,446 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT [2013-05-11 14:23:24 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF [2013-05-11 14:23:14 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK [2013-05-11 14:12:48 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Pliki instalacyjne Norton.lnk [2013-05-07 06:27:31 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\mshtml.dll [2013-05-06 06:45:04 | 000,644,096 | ---- | M] () -- C:\Documents and Settings\User\Desktop\mikroSUBIEKT.iar [2013-05-06 06:45:04 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\User\Desktop\mikroSUBIEKT.i01 [3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] [2 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-05-19 13:10:06 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2013-05-19 13:09:11 | 000,001,032 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013-05-19 13:09:10 | 000,001,028 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013-05-17 19:50:10 | 000,637,400 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Smieci_01_07_13.pdf [2013-05-11 14:46:05 | 000,014,818 | ---- | C] () -- C:\windows\System32\drivers\N360\1403010.016\VT20130115.021 [2013-05-11 14:23:30 | 000,667,705 | ---- | C] () -- C:\windows\System32\drivers\N360\1403010.016\Cat.DB [2013-05-11 14:23:24 | 000,007,446 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT [2013-05-11 14:23:24 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF [2013-05-11 14:23:14 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK [2013-05-11 14:22:35 | 000,014,818 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymVTcer.dat [2013-05-11 14:22:35 | 000,009,670 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymELAM.cat [2013-05-11 14:22:35 | 000,007,877 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\symnetv.cat [2013-05-11 14:22:35 | 000,007,611 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\ccsetx86.cat [2013-05-11 14:22:35 | 000,007,601 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymNet.cat [2013-05-11 14:22:35 | 000,007,593 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\iron.cat [2013-05-11 14:22:35 | 000,007,583 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymEFA.cat [2013-05-11 14:22:35 | 000,007,581 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\srtspx.cat [2013-05-11 14:22:35 | 000,007,577 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymDS.cat [2013-05-11 14:22:35 | 000,007,577 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\srtsp.cat [2013-05-11 14:22:35 | 000,003,434 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymEFA.inf [2013-05-11 14:22:35 | 000,002,852 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymDS.inf [2013-05-11 14:22:35 | 000,001,468 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymNetV.inf [2013-05-11 14:22:35 | 000,001,440 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\SymNet.inf [2013-05-11 14:22:35 | 000,001,389 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\srtspx.inf [2013-05-11 14:22:35 | 000,001,389 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\srtsp.inf [2013-05-11 14:22:35 | 000,000,996 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\symELAM.inf [2013-05-11 14:22:35 | 000,000,827 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\ccSetx86.inf [2013-05-11 14:22:35 | 000,000,737 | R--- | C] () -- C:\windows\System32\drivers\N360\1403010.016\Iron.inf [2013-05-11 14:22:35 | 000,000,172 | ---- | C] () -- C:\windows\System32\drivers\N360\1403010.016\isolate.ini [2013-04-19 22:58:05 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\User\Application Data\BabMaint.exe [2013-04-13 07:42:08 | 001,072,544 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin [2013-04-13 07:42:07 | 001,072,544 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin [2013-04-13 07:42:07 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin [2013-03-31 15:13:38 | 000,000,706 | RHS- | C] () -- C:\Documents and Settings\User\ntuser.pol [2013-02-08 23:49:37 | 000,114,992 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2013-02-08 05:03:08 | 002,816,504 | ---- | C] () -- C:\windows\System32\nvdata.data [2012-12-29 14:15:23 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2012-12-29 14:15:23 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2012-12-29 14:15:23 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2012-12-29 14:15:23 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2012-12-29 14:15:23 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2012-03-25 13:02:33 | 000,156,995 | ---- | C] () -- C:\windows\hpoins34.dat [2012-03-25 13:02:33 | 000,000,404 | ---- | C] () -- C:\windows\hpomdl34.dat [2012-03-25 11:27:26 | 000,000,000 | ---- | C] () -- C:\windows\hpqEmlSz.INI [2012-03-25 11:20:22 | 000,000,227 | ---- | C] () -- C:\windows\HP_CounterReport_Update_HPSU.ini [2012-03-25 11:20:02 | 000,000,221 | ---- | C] () -- C:\windows\HP_RedboxHprblog_HPSU.ini [2012-03-25 10:32:47 | 000,156,884 | ---- | C] () -- C:\windows\hpoins34.dat.temp [2012-02-15 15:24:03 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll [2011-12-27 12:33:20 | 000,045,056 | ---- | C] () -- C:\windows\System32\UTSCSI.EXE [2011-12-10 13:08:24 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-09-05 11:28:16 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll [2011-09-05 11:28:16 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys [2011-09-05 11:28:05 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\User\Application Data\$_hpcst$.hpc [2010-03-22 11:41:26 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-17 02:55:22 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-01-16 23:40:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-10-29 07:38:22 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 02:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-06-07 10:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2013-04-14 17:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2013-05-13 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect [2012-09-26 22:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool [2012-09-26 22:16:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2012-09-26 22:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP [2012-09-26 22:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ [2012-09-30 15:43:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV [2013-02-03 16:09:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX [2012-09-26 22:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2 [2012-10-07 16:19:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJETV [2012-09-26 22:24:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJFAX [2012-10-07 20:03:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter [2013-05-12 20:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM [2012-09-27 06:28:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan [2012-09-30 11:52:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSDU [2012-09-26 22:29:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX [2012-10-07 16:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt [2010-01-30 20:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InsERT [2011-04-15 19:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations [2013-03-31 12:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010-01-23 00:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2011-09-05 11:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung [2010-01-22 23:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2010-02-05 22:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [2010-02-05 22:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Gadu-Gadu [2010-02-05 22:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\TransEngPol4 [2013-04-14 17:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BabSolution [2013-04-14 17:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Babylon [2012-09-27 06:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Canon [2012-09-26 22:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Canon Easy-WebPrint EX [2013-01-06 22:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\cld3-lookup [2013-04-14 17:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Delta [2013-02-09 18:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ElevatedDiagnostics [2013-03-24 12:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EssentialGrammarInUse [2010-03-18 23:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\maxup [2011-04-15 20:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nokia [2012-04-06 22:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org [2011-12-27 13:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OTi [2011-04-15 19:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PC Suite [2013-04-01 15:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Pixmantec [2011-12-27 13:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PLAux [2011-04-24 20:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ProtectDISC [2011-09-05 11:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Samsung [2012-04-06 22:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\StarOffice8 [2010-03-14 19:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Tific [2011-04-24 20:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TransDeu3 [2011-04-24 20:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TransDeu4 [2011-04-24 20:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TransEngPol51 [2013-05-05 23:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TransEngPol70 [color=#E56717]========== Purity Check ==========[/color] < End of report >