OTL logfile created on: 2012-07-09 10:54:35 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\OTL Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 85,64% Memory free 6,19 Gb Paging File | 5,95 Gb Available in Paging File | 96,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 290,08 Gb Total Space | 159,89 Gb Free Space | 55,12% Space Free | Partition Type: NTFS Drive D: | 8,01 Gb Total Space | 1,47 Gb Free Space | 18,40% Space Free | Partition Type: NTFS Drive F: | 3,94 Gb Total Space | 2,45 Gb Free Space | 62,35% Space Free | Partition Type: FAT32 Computer Name: LESZEK | User Name: Leszek | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-09 10:24:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\OTL\OTL.exe PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-06-26 07:50:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-01-18 20:40:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-01-29 16:52:55 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008-06-27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe -- (AESTFilters) SRV - [2008-06-27 17:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV) SRV - [2008-04-27 23:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008-04-26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Stopped] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-03-12 20:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - [2010-02-10 10:42:41 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\Haspnt.sys -- (Haspnt) DRV - [2008-07-08 12:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-06-27 17:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008-05-14 04:09:00 | 007,443,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-05-14 04:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-05-02 15:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-28 08:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R) DRV - [2008-04-27 23:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-03-27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2008-03-27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008-01-24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-01-21 04:23:26 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008-01-21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2007-06-18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005-07-28 09:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock) DRV - [2005-07-20 19:08:28 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb) DRV - [2005-07-20 19:08:26 | 000,327,808 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp) DRV - [2005-06-17 12:20:20 | 000,119,424 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {E9C4C973-0779-4094-98BE-89732F6D61CC} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{E9C4C973-0779-4094-98BE-89732F6D61CC}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\..\SearchScopes,DefaultScope = {E9C4C973-0779-4094-98BE-89732F6D61CC} IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\..\SearchScopes\{E9C4C973-0779-4094-98BE-89732F6D61CC}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://o2.pl/" FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Leszek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012-05-30 08:22:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-26 07:50:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-16 08:45:42 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-26 07:50:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-16 08:45:42 | 000,000,000 | ---D | M] [2009-08-03 18:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leszek\AppData\Roaming\mozilla\Extensions [2012-05-02 18:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leszek\AppData\Roaming\mozilla\Firefox\Profiles\iyywy2ku.default\extensions [2010-05-25 14:36:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Leszek\AppData\Roaming\mozilla\Firefox\Profiles\iyywy2ku.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(64) [2011-06-26 17:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-06-26 07:50:39 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2007-02-04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2012-06-26 07:50:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-26 07:50:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-26 07:50:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-26 07:50:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-26 07:50:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-26 07:50:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1730995141-1902483144-1799612753-1000..\Run: [svbdsvzvmoqqxjg] C:\ProgramData\svbdsvzv.exe () O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EDA812B-3633-4CD6-9242-41A6E7DE4916}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{738E7C2B-E14E-466C-9B52-5CDC94B5889F}: DhcpNameServer = 172.20.1.8 172.20.1.15 10.128.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Leszek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Leszek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-01-18 20:00:52 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0d05151f-f9f2-11de-ac4f-001eecab3b34}\Shell - "" = Autorun O33 - MountPoints2\{0d05151f-f9f2-11de-ac4f-001eecab3b34}\Shell\AutoRun\command - "" = setup.exe O33 - MountPoints2\{0d051522-f9f2-11de-ac4f-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{0d051522-f9f2-11de-ac4f-001eecab3b34}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{11774884-a4c1-11e0-92a8-002186c7cd20}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe O33 - MountPoints2\{212cb02a-0313-11de-9821-002186c7cd20}\Shell\AutoRun\command - "" = F:\qxty9be.cmd O33 - MountPoints2\{212cb02a-0313-11de-9821-002186c7cd20}\Shell\open\Command - "" = F:\qxty9be.cmd O33 - MountPoints2\{24700d89-3977-11de-85d2-002186c7cd20}\Shell\AutoRun\command - "" = F:\e2.cmd O33 - MountPoints2\{24700d89-3977-11de-85d2-002186c7cd20}\Shell\open\Command - "" = F:\e2.cmd O33 - MountPoints2\{37a98be3-4ea2-11de-90ef-002186c7cd20}\Shell - "" = Autorun O33 - MountPoints2\{37a98be3-4ea2-11de-90ef-002186c7cd20}\Shell\AutoRun\command - "" = setup.exe O33 - MountPoints2\{37a98be6-4ea2-11de-90ef-002186c7cd20}\Shell - "" = AutoRun O33 - MountPoints2\{37a98be6-4ea2-11de-90ef-002186c7cd20}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{408b23df-20b2-11df-8c5d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{408b23df-20b2-11df-8c5d-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{408b242c-20b2-11df-8c5d-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{408b242c-20b2-11df-8c5d-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{74073b1b-de42-11de-b715-002186c7cd20}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe O33 - MountPoints2\{77f3a8c5-1c81-11df-bcb3-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{77f3a8c5-1c81-11df-bcb3-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{83fe1554-204f-11df-a690-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{83fe1554-204f-11df-a690-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a1b0f890-20ae-11df-91ea-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{a1b0f890-20ae-11df-91ea-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a1b0f8a9-20ae-11df-91ea-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{a1b0f8a9-20ae-11df-91ea-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{bf2d9b62-4c13-11de-83a8-002186c7cd20}\Shell - "" = Autorun O33 - MountPoints2\{bf2d9b62-4c13-11de-83a8-002186c7cd20}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{c2ee7fdd-5135-11de-9b2b-002186c7cd20}\Shell - "" = Autorun O33 - MountPoints2\{c2ee7fdd-5135-11de-9b2b-002186c7cd20}\Shell\AutoRun\command - "" = setup.exe O33 - MountPoints2\{c9d2b178-1b1a-11df-9c09-002186c7cd20}\Shell - "" = AutoRun O33 - MountPoints2\{c9d2b178-1b1a-11df-9c09-002186c7cd20}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c9d2b18e-1b1a-11df-9c09-002186c7cd20}\Shell - "" = AutoRun O33 - MountPoints2\{c9d2b18e-1b1a-11df-9c09-002186c7cd20}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{dac705ab-1ba2-11df-87a2-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{dac705ab-1ba2-11df-87a2-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{dbcbe887-21db-11df-be8f-001eecab3b34}\Shell - "" = AutoRun O33 - MountPoints2\{dbcbe887-21db-11df-be8f-001eecab3b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e21212fe-20b6-11df-be79-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{e21212fe-20b6-11df-be79-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-09 10:45:47 | 000,000,000 | ---D | C] -- C:\OTL [2012-07-07 20:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\dyxpcziehjnbdog [2012-06-11 17:30:56 | 000,000,000 | ---D | C] -- C:\Users\Leszek\AppData\Roaming\Unity [2012-06-11 17:17:12 | 000,000,000 | ---D | C] -- C:\Users\Leszek\AppData\Local\Unity [2012-06-11 17:17:04 | 000,591,512 | ---- | C] (Unity Technologies ApS) -- C:\Users\Leszek\UnityWebPlayer.exe [2010-05-11 08:05:54 | 015,244,936 | ---- | C] (Microsoft Corporation) -- C:\Users\Leszek\IE8-WindowsVista-x86-PL-Kobieca-G3.exe [2010-03-22 19:58:04 | 002,860,862 | ---- | C] (Trimble ) -- C:\Users\Leszek\CFGUpdatev2010-03-04.exe [2009-01-08 21:06:00 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe [2009-01-08 21:05:59 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe [2009-01-08 21:05:59 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe [2009-01-08 21:05:59 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe [2009-01-08 21:05:58 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-09 10:53:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-09 10:51:14 | 004,456,448 | -HS- | M] () -- C:\Users\Leszek\ntuser.dat [2012-07-09 10:51:14 | 000,524,288 | -HS- | M] () -- C:\Users\Leszek\ntuser.dat{8815224d-aa19-11e1-957c-001eecab3b34}.TMContainer00000000000000000001.regtrans-ms [2012-07-09 10:51:14 | 000,065,536 | -HS- | M] () -- C:\Users\Leszek\ntuser.dat{8815224d-aa19-11e1-957c-001eecab3b34}.TM.blf [2012-07-09 10:25:58 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-07-09 10:25:58 | 000,661,070 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-07-09 10:25:58 | 000,586,568 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-09 10:25:58 | 000,126,324 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-07-09 10:25:58 | 000,100,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-09 09:59:22 | 004,573,972 | ---- | M] () -- C:\Users\Leszek\Desktop\ComboFix.exe [2012-07-09 09:59:05 | 000,042,654 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-07-09 09:57:06 | 000,042,654 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-07-09 09:56:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-09 09:56:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-09 09:56:39 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile [2012-07-09 09:56:37 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-07-09 09:50:51 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D7C28979-B712-4E99-9618-DE0A82D2E519}.job [2012-07-08 09:26:45 | 000,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-07-07 20:54:16 | 000,000,051 | ---- | M] () -- C:\ProgramData\joxwdzbrptzgpyu [2012-07-07 20:54:10 | 000,095,744 | ---- | M] () -- C:\ProgramData\svbdsvzv.exe [2012-07-07 20:54:10 | 000,095,744 | ---- | M] () -- C:\Users\Leszek\ms.exe [2012-07-04 09:20:43 | 000,221,184 | ---- | M] () -- C:\Users\Leszek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-29 08:57:54 | 000,516,174 | ---- | M] () -- C:\Users\Leszek\Desktop\UMP2906.pdf [2012-06-29 08:18:04 | 000,616,131 | ---- | M] () -- C:\Users\Leszek\Desktop\FW__Ogrodzenia_-_pliki.zip [2012-06-26 08:27:27 | 000,428,621 | ---- | M] () -- C:\Users\Leszek\Desktop\Prosba_o_pilna_opinie.zip [2012-06-21 12:43:11 | 000,500,893 | ---- | M] () -- C:\Users\Leszek\Desktop\Ankieta_ASG_EUPOS.pdf [2012-06-15 08:43:47 | 000,911,943 | ---- | M] () -- C:\Users\Leszek\Desktop\projekt_barier.zip [2012-06-14 08:44:54 | 000,625,176 | ---- | M] () -- C:\Users\Leszek\Desktop\FW__wspolrzedne_rowow_rondo_rzedziany.zip [2012-06-12 09:25:35 | 000,699,724 | ---- | M] () -- C:\Users\Leszek\Desktop\2012_05_30 PP nowe WD-8.dwg [2012-06-11 17:17:06 | 000,591,512 | ---- | M] (Unity Technologies ApS) -- C:\Users\Leszek\UnityWebPlayer.exe [2012-06-11 13:00:07 | 000,302,850 | ---- | M] () -- C:\Users\Leszek\Desktop\FW__sciezka_3_od_6037_67_km_do_km_6422_33__sciezka.zip [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-09 10:08:41 | 004,573,972 | ---- | C] () -- C:\Users\Leszek\Desktop\ComboFix.exe [2012-07-07 20:54:16 | 000,095,744 | ---- | C] () -- C:\ProgramData\svbdsvzv.exe [2012-07-07 20:54:10 | 000,000,051 | ---- | C] () -- C:\ProgramData\joxwdzbrptzgpyu [2012-07-07 20:54:09 | 000,095,744 | ---- | C] () -- C:\Users\Leszek\ms.exe [2012-06-29 08:18:03 | 000,616,131 | ---- | C] () -- C:\Users\Leszek\Desktop\FW__Ogrodzenia_-_pliki.zip [2012-06-29 07:58:42 | 000,516,174 | ---- | C] () -- C:\Users\Leszek\Desktop\UMP2906.pdf [2012-06-26 08:27:26 | 000,428,621 | ---- | C] () -- C:\Users\Leszek\Desktop\Prosba_o_pilna_opinie.zip [2012-06-21 12:43:10 | 000,500,893 | ---- | C] () -- C:\Users\Leszek\Desktop\Ankieta_ASG_EUPOS.pdf [2012-06-15 08:43:46 | 000,911,943 | ---- | C] () -- C:\Users\Leszek\Desktop\projekt_barier.zip [2012-06-14 08:44:45 | 000,625,176 | ---- | C] () -- C:\Users\Leszek\Desktop\FW__wspolrzedne_rowow_rondo_rzedziany.zip [2012-06-12 08:53:51 | 000,699,744 | ---- | C] () -- C:\Users\Leszek\Desktop\2012_05_30 PP nowe WD-8.bak [2012-06-12 08:53:51 | 000,699,724 | ---- | C] () -- C:\Users\Leszek\Desktop\2012_05_30 PP nowe WD-8.dwg [2012-06-11 13:00:06 | 000,302,850 | ---- | C] () -- C:\Users\Leszek\Desktop\FW__sciezka_3_od_6037_67_km_do_km_6422_33__sciezka.zip [2012-06-04 08:45:11 | 000,171,802 | ---- | C] () -- C:\ProgramData\1338792216.bdinstall.bin [2012-06-04 08:43:36 | 000,031,305 | ---- | C] () -- C:\ProgramData\1338792215.bdinstall.bin [2012-06-04 08:36:43 | 000,085,977 | ---- | C] () -- C:\ProgramData\1338791157.bdinstall.bin [2012-06-04 08:25:57 | 000,031,332 | ---- | C] () -- C:\ProgramData\1338791156.bdinstall.bin [2012-05-31 09:15:17 | 000,520,156 | ---- | C] () -- C:\ProgramData\1338446764.bdinstall.bin [2012-05-31 08:35:55 | 000,222,089 | ---- | C] () -- C:\ProgramData\1338445997.bdinstall.bin [2012-05-31 08:28:50 | 000,085,678 | ---- | C] () -- C:\ProgramData\1338445707.bdinstall.bin [2012-05-31 08:28:27 | 000,031,329 | ---- | C] () -- C:\ProgramData\1338445706.bdinstall.bin [2012-05-30 08:58:55 | 000,477,216 | ---- | C] () -- C:\ProgramData\1338359560.bdinstall.bin [2012-05-30 07:43:17 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{8815224d-aa19-11e1-957c-001eecab3b34}.TMContainer00000000000000000002.regtrans-ms [2012-05-30 07:43:17 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{8815224d-aa19-11e1-957c-001eecab3b34}.TMContainer00000000000000000001.regtrans-ms [2012-05-30 07:43:17 | 000,065,536 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{8815224d-aa19-11e1-957c-001eecab3b34}.TM.blf [2011-09-13 13:26:12 | 000,000,038 | ---- | C] () -- C:\Windows\DnaGsiConverter.INI [2011-09-13 13:25:16 | 000,000,140 | ---- | C] () -- C:\Windows\Lfx240.INI [2011-05-19 15:21:36 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2011-05-19 15:01:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2011-02-23 12:17:12 | 000,000,144 | ---- | C] () -- C:\Windows\Aslan.INI [2011-01-13 15:58:14 | 000,000,100 | ---- | C] () -- C:\Windows\System32\SS0ELMON.dat [2011-01-13 15:58:02 | 000,163,932 | ---- | C] () -- C:\Windows\_isusr32.dll [2011-01-13 15:58:02 | 000,032,768 | ---- | C] () -- C:\Windows\System32\_isusr2k.dll [2011-01-12 11:31:01 | 000,114,520 | ---- | C] () -- C:\Users\Leszek\AppData\Roaming\GDIPFONTCACHEV1.DAT [2010-12-13 09:42:26 | 000,000,680 | ---- | C] () -- C:\Users\Leszek\AppData\Local\d3d9caps.dat [2010-10-26 09:23:15 | 000,010,132 | ---- | C] () -- C:\Users\Leszek\DZ8L.xml [2010-10-19 08:32:49 | 000,175,951 | ---- | C] () -- C:\Windows\hpwins25.dat.temp [2010-10-19 08:32:49 | 000,000,403 | ---- | C] () -- C:\Windows\hpwmdl25.dat.temp [2010-10-14 15:48:57 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll [2010-10-13 13:19:24 | 008,547,200 | ---- | C] () -- C:\Program Files\S8.dwt [2010-09-22 11:35:00 | 000,236,119 | ---- | C] () -- C:\Users\Leszek\788-biala woda-wilkasy-geodezja.pdf [2010-09-15 09:25:50 | 000,176,032 | ---- | C] () -- C:\Windows\hpwins25.dat [2010-08-31 07:33:42 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{3552c2dc-b4c1-11df-aa21-002186c7cd20}.TMContainer00000000000000000002.regtrans-ms [2010-08-31 07:33:42 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{3552c2dc-b4c1-11df-aa21-002186c7cd20}.TMContainer00000000000000000001.regtrans-ms [2010-08-31 07:33:42 | 000,065,536 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{3552c2dc-b4c1-11df-aa21-002186c7cd20}.TM.blf [2010-08-26 12:56:12 | 000,002,432 | ---- | C] () -- C:\Users\Leszek\AppData\Local\TempjU4308.html [2010-08-26 12:56:12 | 000,002,089 | ---- | C] () -- C:\Users\Leszek\AppData\Local\Tempom4308.html [2010-07-12 19:48:26 | 000,000,025 | ---- | C] () -- C:\Users\Leszek\AppData\Roaming\bdfvconp.ini [2010-07-06 13:38:59 | 000,253,148 | ---- | C] () -- C:\Users\Leszek\Czanoz12.jpg [2010-07-06 13:38:43 | 001,053,253 | ---- | C] () -- C:\Users\Leszek\Czanoz11.jpg [2010-06-14 10:20:03 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{47891bb9-7779-11df-8f5b-002186c7cd20}.TMContainer00000000000000000002.regtrans-ms [2010-06-14 10:20:03 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{47891bb9-7779-11df-8f5b-002186c7cd20}.TMContainer00000000000000000001.regtrans-ms [2010-06-14 10:20:03 | 000,065,536 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{47891bb9-7779-11df-8f5b-002186c7cd20}.TM.blf [2010-06-11 09:13:03 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{9b50f633-7528-11df-97bb-001eecab3b34}.TMContainer00000000000000000002.regtrans-ms [2010-06-11 09:13:03 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{9b50f633-7528-11df-97bb-001eecab3b34}.TMContainer00000000000000000001.regtrans-ms [2010-06-11 09:13:03 | 000,065,536 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat{9b50f633-7528-11df-97bb-001eecab3b34}.TM.blf [2010-05-26 14:52:57 | 000,005,409 | ---- | C] () -- C:\Users\Leszek\skarga_powodowa.zip [2010-05-24 08:46:32 | 000,026,340 | ---- | C] () -- C:\Users\Leszek\AppData\Roaming\UserTile.png [2010-05-21 09:51:33 | 003,114,667 | ---- | C] () -- C:\Users\Leszek\dd1 dd2.zip [2010-05-07 10:29:12 | 001,415,391 | ---- | C] () -- C:\Users\Leszek\SCAN0008.JPG [2010-04-08 19:37:35 | 002,512,754 | ---- | C] ( ) -- C:\Users\Leszek\NapiProjekt1.0.6.9_(programs.pl).exe [2010-03-22 19:33:55 | 002,754,560 | ---- | C] () -- C:\Users\Leszek\convertToRinex-v2.00.9.msi [2010-01-31 19:14:47 | 000,002,432 | ---- | C] () -- C:\Users\Leszek\AppData\Local\TempFY5860.html [2010-01-31 19:14:47 | 000,002,089 | ---- | C] () -- C:\Users\Leszek\AppData\Local\TempVN5860.html [2009-11-16 17:27:38 | 000,000,000 | ---- | C] () -- C:\Users\Leszek\AppData\Roaming\AVSMediaPlayer.m3u [2009-01-24 20:09:27 | 000,221,184 | ---- | C] () -- C:\Users\Leszek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-01-08 13:54:55 | 000,114,520 | ---- | C] () -- C:\Users\Leszek\AppData\Local\GDIPFONTCACHEV1.DAT [2009-01-08 13:39:25 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009-01-08 13:39:25 | 000,524,288 | -HS- | C] () -- C:\Users\Leszek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2009-01-08 13:39:25 | 000,065,536 | -HS- | C] () -- C:\Users\Leszek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2009-01-08 13:39:25 | 000,000,020 | -HS- | C] () -- C:\Users\Leszek\ntuser.ini [2009-01-08 13:39:23 | 004,456,448 | -HS- | C] () -- C:\Users\Leszek\ntuser.dat [2008-11-04 01:31:29 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini [2008-11-04 01:22:15 | 000,042,654 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-11-04 01:21:46 | 000,042,654 | ---- | C] () -- C:\ProgramData\nvModes.dat [color=#E56717]========== LOP Check ==========[/color] [2011-01-18 21:01:50 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Autodesk [2012-06-03 09:00:47 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\BESTplayer [2012-03-02 13:28:43 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Canon [2009-01-08 13:54:20 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\DigitalPersona [2009-08-04 18:18:36 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Gadu-Gadu [2010-08-27 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Gadu-Gadu 10 [2010-11-16 17:05:33 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Helios [2012-05-31 08:40:08 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\ipla [2012-06-19 12:21:31 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\NewSoft [2010-10-27 18:28:29 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\PDF Writer [2010-05-24 08:46:32 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\PeerNetworking [2012-05-30 08:34:06 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\QuickScan [2011-05-19 15:22:29 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Samsung [2010-02-05 13:20:54 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\ScanSoft [2012-05-20 17:10:54 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\SSFPC [2012-06-11 17:30:56 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\Unity [2009-10-05 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\VistaCodecs [2010-08-11 18:36:48 | 000,000,000 | ---D | M] -- C:\Users\Leszek\AppData\Roaming\VSO [2012-07-08 09:26:45 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-07-09 09:50:51 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D7C28979-B712-4E99-9618-DE0A82D2E519}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 477 bytes -> C:\Users\Leszek\Documents\zapytanie.eml:OECustomProperty < End of report >