OTL logfile created on: 2012-07-06 18:07:00 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = D:\pobrane
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,87 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 64,62% Memory free
3,74 Gb Paging File | 3,11 Gb Available in Paging File | 83,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,21 Gb Total Space | 69,49 Gb Free Space | 59,79% Space Free | Partition Type: NTFS
Drive D: | 116,28 Gb Total Space | 34,30 Gb Free Space | 29,50% Space Free | Partition Type: NTFS
 
Computer Name: NATALIA-TOSH | User Name: natalia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-06 18:06:16 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\pobrane\OTL.exe
PRC - [2012-06-23 21:43:33 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012-06-18 09:33:58 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-23 21:43:33 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012-06-18 09:33:57 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010-02-05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,199,032 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2009-12-30 18:13:18 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,117,584 | ---- | M] (Devguru Co., Ltd.) [Auto | Stopped] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2009-12-14 21:08:40 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:[b]64bit:[/b] - [2009-11-05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:[b]64bit:[/b] - [2009-07-28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2008-05-16 02:19:24 | 000,144,760 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2008-05-16 02:19:00 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:[b]64bit:[/b] - [2008-05-16 02:16:59 | 000,349,560 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV:[b]64bit:[/b] - [2008-05-16 02:06:57 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2012-06-23 21:43:40 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-18 09:33:57 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-02-10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)
SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011-06-06 23:45:28 | 000,381,064 | ---- | M] (J. River, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\J River\Media Center 16\JRService.exe -- (Media Center 16 Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-11 02:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010-01-28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010-01-15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-12-22 04:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Stopped] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2009-10-06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007-12-18 13:48:40 | 000,196,704 | ---- | M] (OptionNV) [Auto | Stopped] -- C:\Program Files (x86)\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2001-04-06 15:06:38 | 000,258,048 | ---- | M] () [Auto | Stopped] -- C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe -- (matlabserver)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-12-06 22:49:04 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-05-27 15:42:15 | 000,507,392 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-03-10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010-03-04 17:53:00 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2010-02-20 09:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010-02-01 10:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2010-01-18 17:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,528,232 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:[b]64bit:[/b] - [2010-01-05 18:04:02 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:[b]64bit:[/b] - [2009-11-06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-08-07 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-07-30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:[b]64bit:[/b] - [2009-07-14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-07-07 08:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:[b]64bit:[/b] - [2009-06-22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:[b]64bit:[/b] - [2009-06-11 16:23:16 | 000,086,528 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS)
DRV:[b]64bit:[/b] - [2009-06-11 16:22:44 | 000,010,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER)
DRV:[b]64bit:[/b] - [2009-06-11 16:22:30 | 000,130,048 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2008-05-16 02:21:03 | 000,089,168 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2008-05-16 02:18:15 | 000,063,056 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2008-05-16 02:16:17 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2008-05-16 02:15:34 | 000,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2008-05-16 02:14:18 | 000,048,720 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-12-22 04:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-05-16 02:18:00 | 000,050,768 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\aswMonFlt.sys -- (aswMonFlt)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {5467D23D-BDAA-4937-8A45-7C0E46789696}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{5467D23D-BDAA-4937-8A45-7C0E46789696}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=8cf5510a-1b7a-11e1-abd6-00266c7a2dd4
IE - HKLM\..\URLSearchHook: {1192a62b-4dbc-4d1f-b54e-d820a1be76be} - C:\Program Files (x86)\ChrisTV_Add-on\prxtbChr2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\prxtbReg2.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{9BF39B7B-9285-4B37-BC4C-069F45BAAB8D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1166542
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10182&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10182&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.autocompletepro.com/?si=10182&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10182&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.autocompletepro.com/?si=10182&bi=400
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {1192a62b-4dbc-4d1f-b54e-d820a1be76be} - C:\Program Files (x86)\ChrisTV_Add-on\prxtbChr2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\prxtbReg2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {7AEFED9C-9E84-4647-B38D-22D38BB02300}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108603&babsrc=SP_ss&mntrId=42d834ea0000000000000626b6f2475c
IE - HKCU\..\SearchScopes\{33DC039A-60DD-4DD6-9621-8D2A9960EB99}: "URL" = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKCU\..\SearchScopes\{7AEFED9C-9E84-4647-B38D-22D38BB02300}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=8cf5510a-1b7a-11e1-abd6-00266c7a2dd4&q={searchTerms}
IE - HKCU\..\SearchScopes\{AC244809-11E9-4E57-A634-D607A56751CA}: "URL" = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.autocompletepro.com/?si=10182&bi=400&q={searchTerms}
IE - HKCU\..\SearchScopes\{B0DD2E90-4A17-4CA2-A790-D355B835C3FD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYPL&apn_uid=0D74582B-7085-4938-A7E9-B045CF2208C1&apn_sauid=9C0D06C8-63EB-4D68-9D66-DEAEC75A74E7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Reganam Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1601497&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {db9d7a78-a76c-4bf2-97c6-258925ee1542}:3.8.1.0
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1601497&q="
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\natalia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-02-23 11:55:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-21 15:19:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 09:34:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-21 09:02:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-21 15:19:58 | 000,000,000 | ---D | M]
 
[2010-11-06 13:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\natalia\AppData\Roaming\mozilla\Extensions
[2012-06-01 13:00:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\natalia\AppData\Roaming\mozilla\Firefox\Profiles\kynmupgy.default\extensions
[2012-06-01 13:00:37 | 000,000,000 | ---D | M] (Reganam Community Toolbar) -- C:\Users\natalia\AppData\Roaming\mozilla\Firefox\Profiles\kynmupgy.default\extensions\{db9d7a78-a76c-4bf2-97c6-258925ee1542}
[2012-02-01 14:56:57 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\natalia\AppData\Roaming\mozilla\Firefox\Profiles\kynmupgy.default\extensions\ffxtlbr@babylon.com
[2011-05-27 16:43:18 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\natalia\AppData\Roaming\mozilla\Firefox\Profiles\kynmupgy.default\extensions\support@predictad.com
[2012-04-20 17:42:03 | 000,002,580 | ---- | M] () -- C:\Users\natalia\AppData\Roaming\Mozilla\Firefox\Profiles\kynmupgy.default\searchplugins\askcom.xml
[2010-11-02 16:50:36 | 000,000,917 | ---- | M] () -- C:\Users\natalia\AppData\Roaming\Mozilla\Firefox\Profiles\kynmupgy.default\searchplugins\conduit.xml
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\natalia\AppData\Roaming\Mozilla\Firefox\Profiles\kynmupgy.default\searchplugins\startsear.xml
[2012-05-05 15:00:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-03-10 19:51:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-05-21 00:18:05 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\NATALIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KYNMUPGY.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012-06-18 09:33:59 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-01-05 18:04:02 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012-04-05 08:45:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-10-27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011-05-27 16:43:18 | 000,003,189 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\acpro.xml
[2012-06-18 09:33:55 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-01 14:56:32 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012-06-18 09:33:55 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-18 09:33:55 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-18 09:33:55 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-18 09:33:55 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-18 09:33:55 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\64\AutocompletePro64.dll (SimplyGen)
O2:[b]64bit:[/b] - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho64.dll ()
O2:[b]64bit:[/b] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20100422114525.dll (McAfee, Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (ChrisTV Add-on Toolbar) - {1192a62b-4dbc-4d1f-b54e-d820a1be76be} - C:\Program Files (x86)\ChrisTV_Add-on\prxtbChr2.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105190134.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Reganam Toolbar) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\prxtbReg2.dll (Conduit Ltd.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ChrisTV Add-on Toolbar) - {1192a62b-4dbc-4d1f-b54e-d820a1be76be} - C:\Program Files (x86)\ChrisTV_Add-on\prxtbChr2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Reganam Toolbar) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\prxtbReg2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ChrisTV Add-on Toolbar) - {1192A62B-4DBC-4D1F-B54E-D820A1BE76BE} - C:\Program Files (x86)\ChrisTV_Add-on\prxtbChr2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Reganam Toolbar) - {DB9D7A78-A76C-4BF2-97C6-258925EE1542} - C:\Program Files (x86)\Reganam\prxtbReg2.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TaskSchdPS] C:\Users\natalia\AppData\Local\Microsoft\Windows\3760\TaskSchdPS.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [guegae] C:\Users\natalia\guegae.exe File not found
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF3F9798-E73A-4372-B3C2-BCDEF39BA92B}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5b9b643c-2034-11e1-85f0-00266c7a2dd4}\Shell - "" = AutoRun
O33 - MountPoints2\{5b9b643c-2034-11e1-85f0-00266c7a2dd4}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{63990f67-e68e-11df-adb3-00266c7a2dd4}\Shell - "" = AutoRun
O33 - MountPoints2\{63990f67-e68e-11df-adb3-00266c7a2dd4}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1
O33 - MountPoints2\{6f015a6e-1e64-11e1-8d90-00266c7a2dd4}\Shell - "" = AutoRun
O33 - MountPoints2\{6f015a6e-1e64-11e1-8d90-00266c7a2dd4}\Shell\AutoRun\command - "" = F:\DVAP.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\DVAP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-06 18:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012-07-06 17:46:35 | 000,000,000 | -HSD | C] -- C:\found.000
[2012-07-06 16:50:19 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Roaming\hellomoto
[2012-07-05 01:26:07 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Local\Unity
[2012-07-04 00:19:45 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Local\Electronic Arts
[2012-07-04 00:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-06-23 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Local\Macromedia
[2012-06-22 20:09:35 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-22 20:09:35 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-22 20:09:35 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-22 20:09:13 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-22 20:09:13 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-22 20:09:13 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-22 20:08:33 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-22 20:08:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-20 17:35:10 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Local\Microsoft Help
[2012-06-20 17:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-06-18 11:43:56 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Local\Nero
[2012-06-18 11:27:59 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012-06-18 11:26:37 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012-06-18 11:25:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012-06-18 11:23:55 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012-06-18 11:22:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012-06-15 15:56:38 | 000,000,000 | ---D | C] -- C:\Users\natalia\Desktop\Praca Licencjacka
[2012-06-15 00:11:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-15 00:11:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-15 00:11:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-15 00:11:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-15 00:11:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-15 00:11:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-15 00:11:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-15 00:11:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-15 00:11:01 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-06-15 00:11:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-15 00:11:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-15 00:11:00 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-06-15 00:11:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-06-14 08:25:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-06-14 08:25:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-06-14 08:25:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-06-14 08:25:42 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-06-14 08:25:41 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-06-14 08:25:41 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-06-14 08:25:35 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012-06-14 08:25:20 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-14 08:25:19 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-13 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\natalia\Desktop\prezentacja
[2012-06-11 19:20:44 | 000,000,000 | ---D | C] -- C:\Users\natalia\AppData\Roaming\Rovio
[2012-03-10 19:45:08 | 000,763,226 | ---- | C] (V9 Downloader) -- C:\Program Files\Skype_Downloader.exe
[2012-02-01 14:56:13 | 002,371,152 | ---- | C] (DownVision                                                  ) -- C:\Users\natalia\AppData\Local\setup.exe
[2010-11-03 20:28:28 | 000,196,704 | ---- | C] (OptionNV) -- C:\Users\natalia\GtDetectSc.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\natalia\Desktop\*.tmp files -> C:\Users\natalia\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-02-19 15:26:22 | 063,368,328 | ---- | M] (Aidem Media) -- C:\Users\natalia\Desktop\BiLAngnajm.exe
[2012-07-06 18:03:00 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012-07-06 18:00:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-06 18:00:46 | 1506,779,136 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-06 17:49:43 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-06 17:47:20 | 000,003,224 | ---- | M] () -- C:\bootsqm.dat
[2012-07-06 17:04:02 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-06 16:35:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-06 16:32:48 | 000,022,808 | ---- | M] () -- C:\Users\natalia\Desktop\8081_262461603863182_488301429_n.jpg
[2012-07-06 10:44:41 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-06 10:44:41 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-05 22:42:37 | 001,551,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-07-05 22:42:37 | 000,698,598 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-07-05 22:42:37 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-07-05 22:42:37 | 000,135,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-07-05 22:42:37 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-07-04 00:23:59 | 000,000,832 | ---- | M] () -- C:\Users\natalia\Desktop\Harry Potter i Insygnia Śmierci™ – część 1 — skrót.lnk
[2012-07-01 14:55:57 | 001,845,033 | ---- | M] () -- C:\Users\natalia\Desktop\KOMIXX.png
[2012-07-01 14:48:58 | 000,023,104 | ---- | M] () -- C:\Users\natalia\Desktop\strzalka_w_lewo.png
[2012-06-30 11:07:27 | 000,002,347 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-06-25 02:14:19 | 001,284,362 | ---- | M] () -- C:\Users\natalia\Desktop\PL.NB1.pdf
[2012-06-23 21:43:33 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-23 21:43:33 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-20 19:23:21 | 000,002,432 | ---- | M] () -- C:\Users\natalia\AppData\Local\TempZm6776.html
[2012-06-20 18:29:00 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012-06-19 12:48:05 | 000,002,716 | ---- | M] () -- C:\Users\natalia\.recently-used.xbel
[2012-06-15 11:59:41 | 000,112,438 | ---- | M] () -- C:\Users\natalia\Desktop\all.png
[2012-06-15 09:34:11 | 002,373,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-07 16:06:41 | 000,044,908 | ---- | M] () -- C:\Users\natalia\Desktop\Photo_00118.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\natalia\Desktop\*.tmp files -> C:\Users\natalia\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-06 17:47:20 | 000,003,224 | ---- | C] () -- C:\bootsqm.dat
[2012-07-06 16:32:32 | 000,022,808 | ---- | C] () -- C:\Users\natalia\Desktop\8081_262461603863182_488301429_n.jpg
[2012-07-04 00:23:59 | 000,000,832 | ---- | C] () -- C:\Users\natalia\Desktop\Harry Potter i Insygnia Śmierci™ – część 1 — skrót.lnk
[2012-07-01 14:52:32 | 001,845,033 | ---- | C] () -- C:\Users\natalia\Desktop\KOMIXX.png
[2012-07-01 14:48:56 | 000,023,104 | ---- | C] () -- C:\Users\natalia\Desktop\strzalka_w_lewo.png
[2012-06-25 02:14:11 | 001,284,362 | ---- | C] () -- C:\Users\natalia\Desktop\PL.NB1.pdf
[2012-06-20 19:19:52 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempZm6776.html
[2012-06-20 18:29:00 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012-06-19 12:48:05 | 000,002,716 | ---- | C] () -- C:\Users\natalia\.recently-used.xbel
[2012-06-15 11:59:40 | 000,112,438 | ---- | C] () -- C:\Users\natalia\Desktop\all.png
[2012-06-07 14:32:48 | 000,044,908 | ---- | C] () -- C:\Users\natalia\Desktop\Photo_00118.jpg
[2012-05-27 16:01:02 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempEt5884.html
[2012-05-04 09:58:42 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempSp3488.html
[2012-05-02 21:56:10 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempbY6724.html
[2012-05-02 14:07:21 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempeY1336.html
[2012-05-02 09:46:38 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempLq3836.html
[2012-05-02 00:29:38 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempHz4648.html
[2012-04-30 23:43:05 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempZDw328.html
[2012-04-29 22:14:34 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempnR3044.html
[2012-04-22 21:53:27 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempjo6964.html
[2012-04-20 22:19:50 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempxv6736.html
[2012-04-20 21:56:59 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemphL1848.html
[2012-04-20 15:04:56 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempMd2720.html
[2012-04-15 15:56:50 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempds5436.html
[2012-04-14 14:00:26 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempuY3188.html
[2012-04-14 09:22:31 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKZ5860.html
[2012-04-13 18:37:07 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcK5656.html
[2012-04-10 23:16:22 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPg5492.html
[2012-04-10 11:40:08 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTX4836.html
[2012-04-09 20:19:06 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTvs580.html
[2012-04-09 16:16:04 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempXD5124.html
[2012-04-08 15:24:49 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempJwa668.html
[2012-04-08 00:51:19 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempeN4208.html
[2012-04-05 10:24:13 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempbN6104.html
[2012-03-17 20:34:44 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPa3444.html
[2012-03-03 17:27:39 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempuvY332.html
[2012-02-10 15:40:30 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemppQ1268.html
[2012-01-17 12:58:17 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemphR1372.html
[2012-01-12 22:57:28 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempjm5376.html
[2012-01-03 14:18:51 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempVn1048.html
[2011-12-31 13:54:05 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempNc4504.html
[2011-12-29 00:41:36 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempkH6008.html
[2011-12-28 13:46:10 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempyR1556.html
[2011-12-27 00:37:39 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempIqv248.html
[2011-12-24 10:01:27 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempXA4136.html
[2011-12-23 12:19:29 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempMU2064.html
[2011-12-23 00:48:46 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempux2052.html
[2011-12-15 21:59:25 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcE4716.html
[2011-12-14 20:56:17 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempks4964.html
[2011-12-12 00:34:11 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempBH5032.html
[2011-12-10 00:02:19 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempFh1832.html
[2011-12-09 21:39:10 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempvU2208.html
[2011-12-08 22:16:50 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempeH5848.html
[2011-12-07 22:21:47 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTB4740.html
[2011-12-07 21:32:49 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempSz6024.html
[2011-12-06 23:20:02 | 000,000,157 | ---- | C] () -- C:\Windows\matlab.ini
[2011-12-06 23:12:22 | 000,148,992 | ---- | C] () -- C:\Windows\SysWow64\mllink5.dll
[2011-12-06 23:12:22 | 000,000,019 | ---- | C] () -- C:\Windows\exlink.ini
[2011-12-06 22:53:16 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2011-12-02 21:01:55 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTr4712.html
[2011-12-02 21:01:55 | 000,002,089 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempwI4712.html
[2011-11-30 14:40:07 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempwM4584.html
[2011-11-29 22:34:05 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempHk5176.html
[2011-11-29 21:11:24 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempno1728.html
[2011-11-29 18:29:53 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemppL4196.html
[2011-11-25 12:43:08 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempWa1868.html
[2011-11-23 22:51:08 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempiy5964.html
[2011-11-23 16:30:03 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempdE4500.html
[2011-11-22 21:40:14 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempgZ1284.html
[2011-11-22 11:30:55 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempRG4800.html
[2011-11-21 21:30:40 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempGN5788.html
[2011-11-21 20:45:14 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempdL4924.html
[2011-11-21 17:38:15 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcO4204.html
[2011-11-20 21:27:08 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempxD5016.html
[2011-11-17 22:13:13 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPL3928.html
[2011-11-10 10:37:43 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempIg2596.html
[2011-11-06 21:23:45 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempcf4616.html
[2011-11-06 19:06:56 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempgG4392.html
[2011-11-06 13:44:32 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempBs6092.html
[2011-11-05 18:49:20 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempow1404.html
[2011-11-05 10:47:47 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTx4056.html
[2011-11-04 17:34:31 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempqT4536.html
[2011-11-03 11:28:02 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempMd4740.html
[2011-11-03 00:29:14 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempRJ1876.html
[2011-11-02 13:51:37 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempMUy336.html
[2011-10-15 18:45:25 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempTp2600.html
[2011-09-17 13:36:09 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempir1644.html
[2011-09-16 14:48:13 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPG3324.html
[2011-09-14 20:53:36 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempCi5132.html
[2011-09-14 14:50:29 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKE3144.html
[2011-09-13 14:46:44 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempiC2228.html
[2011-09-12 15:03:26 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempsD2288.html
[2011-09-11 15:18:53 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemptK4304.html
[2011-09-10 16:17:56 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempaV5212.html
[2011-09-10 04:05:31 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempfP5808.html
[2011-09-09 11:36:47 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempHPO960.html
[2011-09-08 23:41:38 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempnA3616.html
[2011-09-08 22:38:27 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempZC5116.html
[2011-09-08 13:04:32 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempSg5668.html
[2011-09-07 20:31:30 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemptM6764.html
[2011-09-07 17:53:39 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempcy1808.html
[2011-09-07 13:01:10 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempMP6540.html
[2011-09-06 22:39:29 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempoE2528.html
[2011-09-06 09:53:23 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempgt7360.html
[2011-09-06 01:15:16 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempWS4312.html
[2011-09-05 23:20:27 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempGq3948.html
[2011-09-05 22:58:25 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempHS3224.html
[2011-09-05 10:15:04 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempNL5064.html
[2011-09-04 16:13:17 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempGy2772.html
[2011-09-03 09:47:45 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempuP4364.html
[2011-09-02 14:54:43 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKE5068.html
[2011-09-01 22:40:19 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempGw4424.html
[2011-09-01 17:06:05 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempnz5312.html
[2011-08-31 16:59:07 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempvE4800.html
[2011-08-30 14:58:11 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPG4796.html
[2011-08-29 21:49:20 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcP2940.html
[2011-08-29 18:25:59 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempqg6060.html
[2011-08-29 17:27:52 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-08-29 14:54:03 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempUbF412.html
[2011-08-28 17:47:52 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempWO4332.html
[2011-07-23 20:49:11 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKz4812.html
[2011-07-23 16:02:56 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempuY5760.html
[2011-07-22 11:00:42 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Templg1860.html
[2011-07-22 07:39:02 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2011-07-20 11:44:44 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempQcL424.html
[2011-07-18 21:01:21 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcA1484.html
[2011-07-18 13:40:32 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempAr5872.html
[2011-07-17 20:20:02 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKi2928.html
[2011-07-16 16:07:01 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempIA5492.html
[2011-07-16 16:06:53 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPK5492.html
[2011-07-15 16:53:58 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempJb1884.html
[2011-07-14 20:46:57 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempdr3124.html
[2011-07-14 18:03:58 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempZTH700.html
[2011-07-13 12:46:55 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempXk3508.html
[2011-07-11 10:48:20 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempgX4852.html
[2011-07-10 18:30:14 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempDC2724.html
[2011-07-10 11:37:22 | 000,000,831 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011-07-09 02:54:51 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcO2780.html
[2011-07-08 21:16:01 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempcV4496.html
[2011-07-08 17:19:02 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempUc6220.html
[2011-07-08 16:25:20 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempnO7836.html
[2011-07-08 16:24:47 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempqB7836.html
[2011-06-30 15:30:44 | 000,000,076 | ---- | C] () -- C:\Windows\SysWow64\net32gdilib.dll
[2011-05-27 15:37:17 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
[2011-02-15 21:13:37 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempEd5444.html
[2011-02-15 20:24:52 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TemptD9300.html
[2011-02-15 19:37:06 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempXj4560.html
[2011-02-15 13:07:08 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempJR4620.html
[2011-02-14 18:58:48 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempAlU332.html
[2011-02-14 16:38:01 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempVX6136.html
[2011-02-13 21:22:43 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempYY5540.html
[2011-02-13 18:30:35 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempVu1952.html
[2011-02-13 18:26:40 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempxg3664.html
[2011-01-27 22:33:59 | 000,003,584 | ---- | C] () -- C:\Users\natalia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-18 22:50:06 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempPs5468.html
[2010-12-22 18:12:13 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
[2010-11-17 10:26:36 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempEL2692.html
[2010-11-08 15:33:30 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempVL2480.html
[2010-11-07 15:17:26 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempSm2960.html
[2010-11-06 22:22:34 | 000,002,432 | ---- | C] () -- C:\Users\natalia\AppData\Local\Tempog4552.html
[2010-11-06 22:22:34 | 000,002,089 | ---- | C] () -- C:\Users\natalia\AppData\Local\TempKn4552.html
[2010-11-06 13:39:13 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010-11-03 09:25:50 | 001,576,642 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-11-02 15:25:24 | 000,002,842 | ---- | C] () -- C:\Windows\unins000.dat
[2010-11-02 15:12:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-10 00:54:46 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:084B0270

< End of report >