OTL logfile created on: 2012-07-10 18:33:33 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = G:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,33% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,46% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 56,10 Gb Total Space | 24,37 Gb Free Space | 43,44% Space Free | Partition Type: NTFS Drive D: | 53,88 Gb Total Space | 23,75 Gb Free Space | 44,08% Space Free | Partition Type: NTFS Drive F: | 38,96 Gb Total Space | 18,02 Gb Free Space | 46,24% Space Free | Partition Type: NTFS Drive G: | 7,52 Gb Total Space | 1,43 Gb Free Space | 18,98% Space Free | Partition Type: FAT32 Computer Name: KOMP1 | User Name: lysiutki | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-10 14:07:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- G:\OTL.exe PRC - [2012-06-15 00:17:36 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-15 00:17:55 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011-02-23 11:24:26 | 006,053,536 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-10-13 12:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2010-10-13 12:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-09-27 09:37:32 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Stopped] -- C:\Windows\SysNative\hasplms.exe -- (hasplms) SRV:[b]64bit:[/b] - [2010-04-20 14:20:40 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010-04-07 21:13:22 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2010-04-07 21:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2010-03-16 17:04:24 | 000,167,280 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-06-15 12:28:00 | 000,709,432 | ---- | M] (Comarch S.A.) [Auto | Stopped] -- C:\Windows\SysWOW64\HASPSrv.exe -- (HASPSrv) SRV - [2012-06-15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2010-04-20 14:20:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-10-05 14:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2010-10-05 14:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2010-10-05 14:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2010-09-27 14:26:04 | 000,131,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:[b]64bit:[/b] - [2010-07-27 10:36:22 | 000,075,648 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:[b]64bit:[/b] - [2010-04-20 13:47:06 | 003,209,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ALCWDM64.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV:[b]64bit:[/b] - [2010-04-07 21:10:22 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2010-04-07 21:08:38 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010-04-07 21:05:24 | 000,164,912 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2010-04-03 10:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:[b]64bit:[/b] - [2010-01-05 19:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:[b]64bit:[/b] - [2009-10-12 21:15:20 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT) DRV:[b]64bit:[/b] - [2009-10-12 21:15:14 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DGIVECP.SYS -- (DgiVecp) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-07 15:33:08 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis) DRV:[b]64bit:[/b] - [2009-04-07 15:33:06 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp) DRV:[b]64bit:[/b] - [2009-03-13 11:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV:[b]64bit:[/b] - [2009-03-13 11:55:38 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp) DRV:[b]64bit:[/b] - [2009-03-13 11:55:38 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb) DRV:[b]64bit:[/b] - [2008-06-27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:[b]64bit:[/b] - [2007-07-23 15:13:06 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2004-05-05 21:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\PQNTDRV.sys -- (PQNTDrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: eplgTb@eset.com:4.2.42.3 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2010-04-21 14:27:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-21 10:55:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-07-10 17:02:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-21 14:27:22 | 000,000,000 | ---D | M] [2010-04-20 14:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lysiutki\AppData\Roaming\mozilla\Extensions [2010-04-20 14:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lysiutki\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-06-22 11:42:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lysiutki\AppData\Roaming\mozilla\Firefox\Profiles\wg3e7ncb.Domyślny użytkownik\extensions [2012-06-21 10:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-04-21 14:27:22 | 000,000,000 | ---D | M] (ESET Smart Security Extension) -- C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012-06-15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-04-20 14:29:56 | 000,001,306 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [sdiagnhost] C:\Users\lysiutki\AppData\Local\Microsoft\Windows\1390\sdiagnhost.exe () O4 - HKLM..\Run: [Monitor Serwisu klucza HASP] C:\Windows\SysWOW64\HASPSrvN.exe (Comarch S.A.) O4 - Startup: C:\Users\lysiutki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\lysiutki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75C546E5-226C-437E-A089-8FA5F712190E}: DhcpNameServer = 194.204.152.34 194.204.159.1 O18:[b]64bit:[/b] - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-10 14:31:34 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\AppData\Roaming\Malwarebytes [2012-07-10 14:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-07-10 12:05:00 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\temp [2012-07-10 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\AppData\Roaming\TeamViewer [2012-07-06 11:07:21 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\pisma [2012-07-04 12:44:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2012-07-04 12:44:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-07-04 12:12:44 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\AppData\Roaming\Comarch [2012-07-04 11:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\iBard24 [2012-07-04 11:38:15 | 001,400,832 | ---- | C] (Aladdin Knowledge Systems) -- C:\Windows\SysNative\haspclnt.dll [2012-07-04 11:38:15 | 000,103,224 | ---- | C] (Comarch S.A.) -- C:\Windows\SysNative\HASPSrvN.exe [2012-07-04 11:38:14 | 001,400,832 | ---- | C] (Aladdin Knowledge Systems) -- C:\Windows\SysWow64\haspclnt.dll [2012-07-04 11:38:14 | 000,709,432 | ---- | C] (Comarch S.A.) -- C:\Windows\SysWow64\HASPSrv.exe [2012-07-04 11:38:14 | 000,709,432 | ---- | C] (Comarch S.A.) -- C:\Windows\SysNative\HASPSrv.exe [2012-07-04 11:38:14 | 000,103,224 | ---- | C] (Comarch S.A.) -- C:\Windows\SysWow64\HASPSrvN.exe [2012-07-04 11:37:58 | 000,075,648 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksdf.sys [2012-07-04 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared [2012-07-04 11:37:56 | 004,180,576 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe [2012-07-04 11:37:56 | 004,180,576 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\aksllmtp.exe [2012-07-04 11:37:55 | 000,131,072 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksfridge.sys [2012-07-04 11:37:50 | 000,318,464 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys [2012-07-04 11:37:43 | 000,071,168 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\aksusb3.dll [2012-07-04 11:37:43 | 000,063,488 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\akshhl29.dll [2012-07-04 11:37:43 | 000,056,960 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\akshhl.sys [2012-07-04 11:37:43 | 000,053,760 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\akshasp.sys [2012-07-04 11:37:43 | 000,025,344 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksusb.sys [2012-07-04 11:37:43 | 000,014,720 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksclass.sys [2012-07-04 11:37:43 | 000,011,776 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\akshsp51.dll [2012-07-04 11:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comarch OPT!MA [2012-07-04 11:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comarch OPT!MA [2012-07-04 11:34:30 | 000,047,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL10_50.OPTIMA-sqlagtctr.dll [2012-07-04 11:34:15 | 000,073,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$OPTIMA-sqlctr10.51.2500.0.dll [2012-07-04 11:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012-07-04 11:28:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2012-07-04 11:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQLXML 3.0 [2012-07-04 11:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SQLXML 3.0 [2012-07-04 11:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SOAP Toolkit Version 3 [2012-07-04 11:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP [2012-07-04 11:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap [2012-07-04 11:28:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{45901808-75AB-4B7E-8EB5-AC355CC44F8A} [2012-07-04 11:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects [2012-07-04 11:27:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{97D82AC0-298E-4DBF-82AB-C6CFD84F758A} [2012-07-04 11:15:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{271292EB-1F30-444C-B5E1-ECBDC7E04B6D} [2012-07-04 11:15:19 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\AppData\Roaming\Comarch OPT!MA [2012-07-04 11:06:03 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\umowy [2012-07-02 10:30:18 | 000,000,000 | ---D | C] -- C:\2012_07 [2012-06-28 15:43:52 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\Faktury przychodowe EXCEL [2012-06-27 11:29:44 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\wysłane [2012-06-26 19:01:52 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\od LUKA !!! [2012-06-26 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\Documents\auto show [2012-06-26 15:57:09 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\banki [2012-06-25 12:48:53 | 001,847,296 | R--- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athurx.sys [2012-06-25 12:48:53 | 001,847,296 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athurx.sys [2012-06-25 12:48:52 | 000,000,000 | ---D | C] -- C:\Windows\Options [2012-06-25 12:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK [2012-06-22 15:54:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InsERT [2012-06-22 08:48:41 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\kadry [2012-06-21 18:40:41 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\nip regon krs [2012-06-21 16:28:52 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\AppData\Roaming\InsERT GT [2012-06-21 16:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012-06-21 16:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InsERT [2012-06-21 16:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\InsERT [2012-06-21 16:16:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InsERT [2012-06-21 16:15:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-06-21 16:13:58 | 000,047,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL10_50.INSERTGT-sqlagtctr.dll [2012-06-21 16:13:57 | 000,077,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-MSSQL10_50.INSERTGT-sqlagtctr.dll [2012-06-21 16:13:40 | 000,079,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-MSSQL$INSERTGT-sqlctr10.50.1600.1.dll [2012-06-21 16:13:40 | 000,073,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$INSERTGT-sqlctr10.50.1600.1.dll [2012-06-21 16:12:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx [2012-06-21 16:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0 [2012-06-21 16:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2012-06-21 16:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-06-21 16:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [2012-06-21 16:11:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033 [2012-06-21 16:11:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033 [2012-06-21 16:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2 [2012-06-21 16:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2012-06-21 16:09:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-06-21 16:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2012-06-21 16:05:55 | 000,000,000 | ---D | C] -- C:\Instalki [2012-06-21 15:52:24 | 000,000,000 | ---D | C] -- C:\Temp [2012-06-21 14:30:21 | 000,000,000 | ---D | C] -- C:\2012_06 [2012-06-21 13:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STREAM soft [2012-06-21 13:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\StreamSoft [2012-06-21 13:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STREAM soft [2012-06-21 13:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared [2012-06-21 11:55:32 | 000,000,000 | ---D | C] -- C:\Users\lysiutki\Desktop\Documents\Druki GOFIN [2012-06-21 11:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOFIN [2012-06-21 11:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOFIN [2012-06-21 10:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-06-21 10:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-06-13 17:32:26 | 000,055,096 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95scm.DLL [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-10 18:35:50 | 001,888,968 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-10 18:35:50 | 000,818,214 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-07-10 18:35:50 | 000,737,616 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-10 18:35:50 | 000,179,500 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-07-10 18:35:50 | 000,151,694 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-10 18:29:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-10 18:29:45 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2012-07-10 18:27:28 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-10 17:53:25 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-10 17:53:24 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-10 17:53:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-10 09:12:02 | 000,017,967 | ---- | M] () -- C:\Users\lysiutki\Desktop\Nowy OpenDocument Dokument tekstowy.odt [2012-07-09 15:50:00 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\backup.job [2012-07-06 12:50:07 | 000,000,042 | ---- | M] () -- C:\Users\lysiutki\Desktop\Documents\Asystent.dat [2012-07-06 12:50:03 | 000,013,616 | ---- | M] () -- C:\Users\lysiutki\Desktop\Nowy OpenDocument Dokument tekstowy - Kopia.odt [2012-07-06 12:43:49 | 000,011,838 | ---- | M] () -- C:\Users\lysiutki\Desktop\eden.odt [2012-07-06 12:08:41 | 000,017,842 | ---- | M] () -- C:\Users\lysiutki\Desktop\koszty przekazane do biura.ods [2012-07-06 09:00:36 | 000,406,494 | ---- | M] () -- C:\Users\lysiutki\Desktop\pcc-3.pdf [2012-07-04 11:37:24 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Comarch OPT!MA Biuro Rachunkowe.lnk [2012-07-04 11:36:25 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Comarch OPT!MA.lnk [2012-07-04 11:34:31 | 001,908,670 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-07-03 11:20:24 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2012-07-03 10:48:52 | 000,000,138 | ---- | M] () -- C:\Windows\sysstr32.ini [2012-06-29 09:37:40 | 000,013,854 | ---- | M] () -- C:\Users\lysiutki\Desktop\płatności.ods [2012-06-26 18:07:00 | 000,001,049 | ---- | M] () -- C:\Users\lysiutki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-06-26 11:28:07 | 000,000,355 | ---- | M] () -- C:\Users\lysiutki\Desktop\Sieć.lnk [2012-06-22 15:11:33 | 000,000,077 | ---- | M] () -- C:\Users\lysiutki\Desktop\Documents\pulpit.scf [2012-06-22 08:23:40 | 004,890,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-21 19:33:41 | 000,010,109 | ---- | M] () -- C:\Users\lysiutki\Desktop\zadania.odt [2012-06-21 14:35:57 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\Aga.lnk [2012-06-21 13:56:23 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Ewa.lnk [2012-06-21 10:58:27 | 000,001,215 | ---- | M] () -- C:\Users\lysiutki\Desktop\ThunderbirdPortable.exe — skrót.lnk [2012-06-21 09:48:32 | 000,001,023 | ---- | M] () -- C:\Users\lysiutki\Desktop\Dropbox.lnk [2012-06-15 12:34:42 | 000,098,304 | ---- | M] () -- C:\Windows\SysWow64\getver.exe [2012-06-15 12:28:01 | 000,103,224 | ---- | M] (Comarch S.A.) -- C:\Windows\SysWow64\HASPSrvN.exe [2012-06-15 12:28:01 | 000,103,224 | ---- | M] (Comarch S.A.) -- C:\Windows\SysNative\HASPSrvN.exe [2012-06-15 12:28:00 | 000,709,432 | ---- | M] (Comarch S.A.) -- C:\Windows\SysWow64\HASPSrv.exe [2012-06-15 12:28:00 | 000,709,432 | ---- | M] (Comarch S.A.) -- C:\Windows\SysNative\HASPSrv.exe [2012-06-15 12:19:25 | 001,400,832 | ---- | M] (Aladdin Knowledge Systems) -- C:\Windows\SysWow64\haspclnt.dll [2012-06-15 12:19:25 | 001,400,832 | ---- | M] (Aladdin Knowledge Systems) -- C:\Windows\SysNative\haspclnt.dll [2012-06-15 12:19:25 | 000,131,584 | ---- | M] () -- C:\Windows\SysWow64\HASPXPx64.dll [2012-06-15 12:19:25 | 000,131,584 | ---- | M] () -- C:\Windows\SysNative\HASPXPx64.dll [2012-06-15 12:19:25 | 000,112,128 | ---- | M] () -- C:\Windows\SysWow64\HASPXPx32.dll [2012-06-15 12:19:25 | 000,112,128 | ---- | M] () -- C:\Windows\SysNative\HASPXPx32.dll [2012-06-13 17:32:26 | 000,055,096 | R--- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95scm.DLL [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-09 08:40:57 | 000,017,967 | ---- | C] () -- C:\Users\lysiutki\Desktop\Nowy OpenDocument Dokument tekstowy.odt [2012-07-06 11:38:39 | 000,013,616 | ---- | C] () -- C:\Users\lysiutki\Desktop\Nowy OpenDocument Dokument tekstowy - Kopia.odt [2012-07-06 11:12:52 | 000,011,838 | ---- | C] () -- C:\Users\lysiutki\Desktop\eden.odt [2012-07-06 09:00:36 | 000,406,494 | ---- | C] () -- C:\Users\lysiutki\Desktop\pcc-3.pdf [2012-07-04 11:38:15 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\HASPXPx64.dll [2012-07-04 11:38:15 | 000,131,584 | ---- | C] () -- C:\Windows\SysNative\HASPXPx64.dll [2012-07-04 11:38:15 | 000,112,128 | ---- | C] () -- C:\Windows\SysWow64\HASPXPx32.dll [2012-07-04 11:38:15 | 000,112,128 | ---- | C] () -- C:\Windows\SysNative\HASPXPx32.dll [2012-07-04 11:38:15 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\getver.exe [2012-07-04 11:37:24 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Comarch OPT!MA Biuro Rachunkowe.lnk [2012-07-04 11:36:25 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Comarch OPT!MA.lnk [2012-07-04 11:34:16 | 001,908,670 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-06-26 18:07:00 | 000,001,049 | ---- | C] () -- C:\Users\lysiutki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-06-26 14:32:58 | 000,013,854 | ---- | C] () -- C:\Users\lysiutki\Desktop\płatności.ods [2012-06-26 11:28:07 | 000,000,355 | ---- | C] () -- C:\Users\lysiutki\Desktop\Sieć.lnk [2012-06-25 12:48:53 | 000,017,326 | R--- | C] () -- C:\Windows\SysNative\netathurx.inf [2012-06-25 12:48:53 | 000,007,484 | ---- | C] () -- C:\Windows\SysNative\athurextx.cat [2012-06-22 15:11:21 | 000,000,077 | ---- | C] () -- C:\Users\lysiutki\Desktop\Documents\pulpit.scf [2012-06-22 13:22:11 | 000,017,842 | ---- | C] () -- C:\Users\lysiutki\Desktop\koszty przekazane do biura.ods [2012-06-21 18:07:05 | 000,010,109 | ---- | C] () -- C:\Users\lysiutki\Desktop\zadania.odt [2012-06-21 14:35:57 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\Aga.lnk [2012-06-21 14:09:08 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET [2012-06-21 14:08:56 | 000,000,138 | ---- | C] () -- C:\Windows\sysstr32.ini [2012-06-21 13:56:23 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Ewa.lnk [2012-06-21 10:58:27 | 000,001,215 | ---- | C] () -- C:\Users\lysiutki\Desktop\ThunderbirdPortable.exe — skrót.lnk [2012-06-21 10:55:55 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-03-14 13:35:05 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011-03-14 13:35:05 | 000,000,088 | RHS- | C] () -- C:\ProgramData\69249016F1.sys [2010-04-27 09:13:45 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\Tempwg3556.html [2010-04-26 13:21:54 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempSf1588.html [2010-04-26 13:21:54 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\Temphu1588.html [2010-04-23 11:09:25 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempHP1600.html [2010-04-23 11:09:25 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempgM1600.html [2010-04-21 19:07:00 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempEo1852.html [2010-04-21 19:07:00 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempAS1852.html [2010-04-21 14:33:15 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\Tempcw1740.html [2010-04-21 14:33:15 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempFu1740.html [2010-04-21 14:23:36 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempRM1948.html [2010-04-21 14:23:36 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempDP1948.html [2010-04-21 13:33:37 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempRR2064.html [2010-04-21 13:33:37 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempKH2064.html [2010-04-21 13:06:07 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempLp2300.html [2010-04-21 13:06:07 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempGM2300.html [2010-04-21 09:00:51 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\Tempql1908.html [2010-04-21 09:00:51 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempWD1908.html [2010-04-21 08:58:29 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempXb2176.html [2010-04-21 08:58:29 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempLO2176.html [2010-04-21 08:49:24 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempAe2064.html [2010-04-21 08:49:24 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempXH2064.html [2010-04-21 08:44:09 | 000,002,432 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\Templh1904.html [2010-04-21 08:44:09 | 000,002,089 | ---- | C] () -- C:\Users\lysiutki\AppData\Local\TempLk1904.html < End of report >