OTL logfile created on: 2013-07-26 15:37:35 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,96 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 55,82% Memory free
3,81 Gb Paging File | 3,12 Gb Available in Paging File | 82,01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,19 Gb Total Space | 11,69 Gb Free Space | 22,40% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 4,39 Gb Free Space | 8,98% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 79,66 Gb Free Space | 81,58% Space Free | Partition Type: NTFS
Drive G: | 99,41 Gb Total Space | 65,32 Gb Free Space | 65,71% Space Free | Partition Type: NTFS
 
Computer Name: NNB0405-1794 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-07-26 15:36:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-07-26 12:59:54 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\1ttb7vru.exe
PRC - [2013-07-04 08:05:00 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-01-14 13:35:18 | 000,825,456 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\Endpoint Connect\TrGUI.exe
PRC - [2013-01-14 13:35:16 | 004,855,928 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
PRC - [2012-03-04 12:34:20 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2010-09-23 16:46:16 | 003,154,432 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 10\cbInterface.exe
PRC - [2010-09-23 16:46:14 | 000,421,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 10\Cobian.exe
PRC - [2010-04-23 01:46:00 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010-04-16 22:06:00 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010-04-16 22:01:00 | 001,459,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010-01-25 17:35:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010-01-25 17:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009-06-03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009-06-03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009-06-03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009-06-03 16:13:04 | 000,130,600 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
PRC - [2009-06-01 10:26:34 | 000,136,192 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008-09-05 11:51:58 | 000,544,768 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Common Files\Fujitsu Siemens Computers\Manageability\HaMDevMg.exe\1.00\HaMDevMg.exe
PRC - [2008-07-17 09:26:00 | 000,143,360 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe
PRC - [2008-07-17 09:17:12 | 000,331,776 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Common Files\Fujitsu Siemens Computers\Manageability\CnMdKHkH.exe\1.00\CnMdKHkH.exe
PRC - [2008-05-07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008-05-07 18:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-03-14 14:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008-03-07 22:24:30 | 002,577,736 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2008-03-07 10:26:36 | 000,316,744 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2008-01-22 21:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008-01-09 11:38:44 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2007-10-29 15:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007-10-04 19:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007-09-28 17:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006-03-04 17:40:30 | 000,882,176 | ---- | M] () -- C:\Program Files\Kalendarz XP\Kalendarz.exe
PRC - [2001-11-23 11:02:12 | 000,364,544 | ---- | M] (Common Group) -- C:\WINDOWS\twain_32\L3U16\WATCH.exe
PRC - [2001-08-24 11:18:06 | 000,045,056 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-07-26 12:59:54 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\1ttb7vru.exe
MOD - [2013-07-04 08:05:00 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-05-10 09:57:54 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-07-02 05:23:20 | 000,028,672 | ---- | M] () -- C:\Program Files\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
MOD - [2012-07-01 19:03:28 | 005,705,728 | ---- | M] () -- C:\Program Files\CheckPoint\Endpoint Connect\QtGui4.dll
MOD - [2012-06-17 15:55:04 | 001,617,920 | ---- | M] () -- C:\Program Files\CheckPoint\Endpoint Connect\QtCore4.dll
MOD - [2009-03-02 07:40:04 | 012,509,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
MOD - [2009-03-02 07:39:54 | 000,233,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
MOD - [2009-03-02 07:39:50 | 001,011,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
MOD - [2009-02-27 11:23:31 | 005,771,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
MOD - [2009-02-27 11:23:25 | 013,193,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
MOD - [2009-02-27 11:23:16 | 001,667,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
MOD - [2009-02-27 11:22:57 | 008,265,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
MOD - [2009-02-27 11:22:38 | 011,722,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
MOD - [2009-02-27 11:22:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009-02-27 11:22:18 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-02-27 11:21:53 | 000,299,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009-02-27 11:21:53 | 000,131,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2006-03-04 17:40:30 | 000,882,176 | ---- | M] () -- C:\Program Files\Kalendarz XP\Kalendarz.exe
MOD - [2005-07-22 22:30:18 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2001-08-24 11:18:06 | 000,045,056 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\Common\ArcaTasksService.exe -- (AVTasks2)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaTools\arcabackup\ArcaBackupService.exe -- (AVBackup)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe -- (ArcaRemoteService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe -- (ABMainSV)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ArcaBit\Common\ArcaConfSV.exe -- (ABConfSV)
SRV - [2013-07-26 05:46:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-01-14 13:35:16 | 004,855,928 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe -- (TracSrvWrapper)
SRV - [2012-03-04 12:34:20 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011-10-27 11:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-04-23 01:46:00 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010-04-16 22:06:00 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010-04-01 21:47:00 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010-02-17 11:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010-01-25 17:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010-01-25 17:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009-06-03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2009-06-01 10:26:34 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008-09-05 11:51:58 | 000,544,768 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Common Files\Fujitsu Siemens Computers\Manageability\HaMDevMg.exe\1.00\HaMDevMg.exe -- (HaMDevMg.1.00)
SRV - [2008-05-07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007-09-28 17:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\win32x.sys -- (win32x)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ArcaBit\ArcaVir\ps_drv.sys -- (ps_drv)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\kwldraob.sys -- (kwldraob)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\e4ldr.sys -- (IKANLOADER2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e4usbaw.sys -- (e4usbaw)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\actrpcsc.sys -- (Actrpcsc)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT)
DRV - [2013-07-16 09:25:44 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20130725.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2013-07-16 09:25:44 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20130725.023\NAVENG.SYS -- (NAVENG)
DRV - [2013-03-18 14:20:34 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013-03-14 13:41:26 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013-03-14 13:41:26 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-01-09 11:01:48 | 000,546,520 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2012-10-02 23:32:22 | 000,174,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2011-02-21 17:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndisMP)
DRV - [2011-02-21 17:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\abndis.sys -- (ABndis)
DRV - [2010-04-16 22:06:00 | 000,097,096 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2010-04-16 22:03:00 | 000,043,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010-03-08 13:59:14 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010-03-08 13:59:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010-03-08 13:59:14 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009-12-28 13:42:00 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2009-12-18 16:42:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009-12-02 17:02:10 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009-09-28 11:46:18 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009-09-03 17:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009-09-03 17:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009-06-04 19:57:03 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cb4ec15.sys -- (cb4ec15)
DRV - [2009-05-29 12:34:08 | 000,046,848 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ActU3_2K.sys -- (ActivIdentity USB Reader V3)
DRV - [2009-05-29 12:34:00 | 000,016,472 | ---- | M] (ActivCard S.A.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\ACTR.SYS -- (ACTR)
DRV - [2009-05-29 12:33:58 | 000,014,639 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksbus.sys -- (aksbus)
DRV - [2009-05-29 12:33:58 | 000,013,619 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akbus.sys -- (akbus)
DRV - [2009-05-29 12:33:58 | 000,010,193 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akspcsc.sys -- (akspcsc)
DRV - [2009-05-29 12:33:58 | 000,009,493 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akpcsc.sys -- (akpcsc)
DRV - [2009-02-15 17:39:22 | 000,129,304 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vnaap.sys -- (vna_ap)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-24 19:02:44 | 004,749,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008-07-08 12:05:36 | 000,015,232 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FSCSLII.sys -- (FSCSLII)
DRV - [2008-06-26 07:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008-06-11 19:51:58 | 000,012,160 | ---- | M] (Fujitsu Siemens Computers) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FscGabi.sys -- (FscGabi)
DRV - [2008-04-23 01:00:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress)
DRV - [2008-04-14 00:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2008-03-25 17:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008-03-25 14:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2008-03-19 12:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008-01-22 21:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007-12-24 10:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007-11-29 10:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007-10-18 15:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007-10-02 12:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007-04-04 20:16:20 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005-07-28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2005-07-20 18:08:28 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2005-07-20 18:08:26 | 000,327,808 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2005-07-11 19:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005-01-07 06:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2001-08-27 10:09:14 | 000,018,120 | ---- | M] (   ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt681x.sys -- (GT681x)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=2&systemid=410&sr=0&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=20AF54926C2FCD17&affID=119357&tt=250613_gr2&tsp=4927
IE - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119370&babsrc=HP_ss&mntrId=20afa2f90000000000000016eae36f40
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=20afa2f90000000000000016eae36f40
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=2&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-4203109118-277277986-2428271543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-07-04 08:04:52 | 000,000,000 | ---D | M]
 
[2012-11-09 08:03:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2013-02-12 10:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\u9ajkrbg.default\extensions
[2012-11-08 12:58:46 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\u9ajkrbg.default\searchplugins\Search_Results.xml
[2013-07-04 08:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-07-04 08:04:51 | 000,000,000 | ---D | M] (ArcaBit Ext.) -- C:\Program Files\Mozilla Firefox\extensions\arcabit@www.arcabit.pl
[2013-07-04 08:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-07-04 08:05:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-02-12 10:47:46 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-11-08 12:58:46 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
 
O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ABRegmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Check Point VPN] C:\Program Files\CheckPoint\Endpoint Connect\TrGui.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Cobian Backup 10] C:\Program Files\Cobian Backup 10\Cobian.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [COMImpersonator] C:\Program Files\Fujitsu Siemens Computers\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe (Fujitsu Siemens Computers)
O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\Gtwatch.exe ()
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ActivClient Agent.lnk = C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Watch.lnk = C:\WINDOWS\twain_32\L3U16\WATCH.exe (Common Group)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4203109118-277277986-2428271543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll File not found
O9 - Extra 'Tools' menuitem : ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll File not found
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: lasy.gov.pl ([]* in Lokalny intranet)
O15 - HKLM\..Trusted Domains: lasy.gov.pl ([zasoby] * in Lokalny intranet)
O15 - HKLM\..Trusted Domains: microsoft.com ([]* in Zaufane witryny)
O15 - HKLM\..Trusted Domains: pro.net.pl ([serwis] * in Lokalny intranet)
O15 - HKLM\..Trusted Domains: windowsupdate.com ([]* in Zaufane witryny)
O15 - HKLM\..Trusted Ranges: Range1 ([*] in Lokalny intranet)
O15 - HKLM\..Trusted Ranges: Range2 ([*] in Lokalny intranet)
O15 - HKLM\..Trusted Ranges: Range3 ([*] in Lokalny intranet)
O15 - HKLM\..Trusted Ranges: Range4 ([*] in Lokalny intranet)
O15 - HKLM\..Trusted Ranges: Range5 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Domains: lasy.gov.pl ([]* in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Domains: lasy.gov.pl ([zasoby] * in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Domains: microsoft.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Domains: pro.net.pl ([serwis] * in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Domains: windowsupdate.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Ranges: Range1 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Ranges: Range2 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Ranges: Range3 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Ranges: Range4 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-57623\..Trusted Ranges: Range5 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Domains: lasy.gov.pl ([]* in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Domains: lasy.gov.pl ([zasoby] * in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Domains: microsoft.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Domains: pro.net.pl ([serwis] * in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Domains: windowsupdate.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Ranges: Range1 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Ranges: Range2 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Ranges: Range3 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Ranges: Range4 ([*] in Lokalny intranet)
O15 - HKU\S-1-5-21-1258824510-3303949563-3469234235-63062\..Trusted Ranges: Range5 ([*] in Lokalny intranet)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.244.6.75 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.lasy.gov.pl
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B8E0063-77EB-4BC9-8F09-5519649DD7AE}: DhcpNameServer = 212.244.6.75 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A99310CC-9D13-4BE0-95D8-5271EDD18F08}: NameServer = 10.0.0.38,10.0.0.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F15F951D-A7FC-4A55-B81C-B1DF9E5463CF}: NameServer = 10.0.0.38,10.0.0.40
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - (C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll) - C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - (C:\Program Files\ActivIdentity\ActivClient\acunlock.dll) - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\fsc_back.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\fsc_back.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-23 23:20:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-10-18 07:54:15 | 000,058,816 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-07-25 20:31:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2013-07-04 08:04:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-07-26 15:39:00 | 000,000,486 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1173BF4D-93F3-40AA-9479-E6E1CC306CDE}.job
[2013-07-26 14:01:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-07-26 12:54:12 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk
[2013-07-26 12:51:46 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2013-07-26 12:51:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-07-26 12:51:13 | 2106,339,328 | -HS- | M] () -- C:\hiberfil.sys
[2013-07-26 05:46:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-07-26 05:46:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-07-25 11:04:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013-07-25 10:44:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-07-18 20:50:19 | 000,003,735 | ---- | M] () -- C:\WINDOWS\System32\DisconnectedPolicy.xml
[2013-06-28 14:11:13 | 000,000,478 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013-06-28 14:11:05 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-06-28 14:10:55 | 000,000,256 | ---- | C] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013-04-16 10:33:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hsduinst.exe
[2013-02-26 16:00:48 | 000,000,478 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013-02-18 14:21:50 | 000,000,754 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2013-02-18 14:18:43 | 000,000,645 | ---- | C] () -- C:\WINDOWS\System32\hppapr14.dat
[2012-10-01 14:39:07 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Administrator\.rnd
[2012-10-01 14:38:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012-04-19 08:16:24 | 000,000,619 | ---- | C] () -- C:\WINDOWS\System32\hppapr13.dat
[2011-12-01 15:24:42 | 000,000,394 | ---- | C] () -- C:\WINDOWS\capture.ini
[2011-08-17 12:32:16 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010-09-17 13:10:06 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2010-09-17 13:06:37 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-24 13:26:00 | 000,021,117 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008-06-23 23:27:59 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2008-06-23 23:27:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-15 14:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010-09-15 08:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ArcaBit
[2013-02-12 10:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Babylon
[2013-02-18 12:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BabylonToolbar
[2013-02-22 11:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\CheckPoint
[2012-11-08 12:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FreeAudioPack
[2013-07-26 05:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia
[2013-07-26 05:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia Suite
[2011-11-10 12:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PC Suite
[2010-09-01 08:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TOSHIBA
[2013-04-02 12:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana.zyburtowicz\Dane aplikacji\CheckPoint
[2012-01-04 10:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2013-02-12 10:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-11-08 15:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-11-10 12:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-11-10 11:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-11-10 12:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-06-10 08:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\ArcaBit
[2010-09-21 09:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\ArcaBit
[2012-02-28 22:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\ArcaVirMicroScan
[2013-06-28 14:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\BabSolution
[2013-06-28 14:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\Babylon
[2013-02-22 11:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\CheckPoint
[2011-08-17 12:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\facemoods.com
[2011-11-10 14:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\Nokia
[2011-11-10 14:02:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\Nokia Suite
[2011-11-10 14:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\PC Suite
[2011-08-17 12:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\PDF Writer
[2012-11-08 13:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\searchqutoolbar
[2010-09-21 09:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukasz.mokrzynski\Dane aplikacji\TOSHIBA
[2009-06-09 18:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Any Video Converter
[2010-08-02 10:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\ArcaBit
[2009-03-02 15:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TOSHIBA
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >