OTL logfile created on: 2012-07-31 22:41:27 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Ania\Pobierane
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 70,02% Memory free
6,19 Gb Paging File | 5,55 Gb Available in Paging File | 89,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,15 Gb Total Space | 20,68 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
Drive E: | 184,99 Gb Total Space | 3,96 Gb Free Space | 2,14% Space Free | Partition Type: NTFS
 
Computer Name: ANIA-PC | User Name: Ania | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-31 22:41:19 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Ania\Pobierane\OTL.exe
PRC - [2012-07-26 23:01:17 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
PRC - [2012-07-19 16:23:04 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-08-08 07:04:10 | 001,091,768 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\TC UP\TOTALCMD.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-07-26 23:01:17 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012-07-19 16:23:04 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-01-30 15:26:06 | 000,160,768 | ---- | M] () -- C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe -- (McSysmon)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe -- (McShield)
SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe -- (McProxy)
SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe -- (McODS)
SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe -- (McNASvc)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2012-07-26 23:01:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-19 16:23:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011-06-12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-03-18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-12-22 04:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009-12-22 04:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Stopped] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-10-24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009-08-21 12:42:37 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-05-14 16:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.ScreenshotReader.9.0)
SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-07-18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008-04-24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Stopped] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008-04-24 10:21:56 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008-04-17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008-04-11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007-12-03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007-01-24 12:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-01-24 12:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006-10-05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2009-12-22 04:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-12-22 04:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-11-25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009-11-25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-10-28 07:09:29 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009-09-21 10:55:32 | 000,122,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2009-09-21 10:55:32 | 000,090,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2009-09-21 10:55:32 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2009-09-21 04:17:34 | 000,318,080 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cxpolaris.sys -- (CXPOLARIS)
DRV - [2009-09-19 07:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-09-19 07:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009-09-19 07:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009-09-19 07:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009-08-11 09:45:54 | 000,109,568 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdmc.sys -- (zebrmdmc)
DRV - [2009-08-11 09:45:54 | 000,109,568 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdm.sys -- (zebrmdm)
DRV - [2009-08-11 09:45:54 | 000,083,200 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2009-08-11 09:45:54 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2009-05-13 23:25:06 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009-05-13 23:25:06 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009-05-13 23:25:06 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009-05-13 23:25:06 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009-05-13 23:24:34 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009-04-23 14:25:04 | 000,033,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cxcir.sys -- (CXIR)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008-09-26 18:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008-04-28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008-04-23 17:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008-04-15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-04-08 02:24:20 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-03-25 13:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008-03-19 11:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008-02-27 19:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008-02-15 18:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008-01-22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007-12-17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007-11-29 10:39:52 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2007-11-29 10:39:42 | 000,016,896 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007-11-29 10:39:42 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2007-11-29 10:39:40 | 000,019,328 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2007-11-29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007-11-09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007-10-18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007-10-02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007-07-30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-02-28 14:00:12 | 000,108,752 | ---- | M] (DigitalPeers) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dptrackerd.sys -- (dptrackerd)
DRV - [2006-11-28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006-11-10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006-10-23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006-10-18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2005-01-07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004-06-10 01:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2A.sys -- (USBCM)
DRV - [2003-04-03 01:54:16 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netrcacm.sys -- (netrcacm)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\..\SearchScopes,DefaultScope = {38BDB95C-776D-45F1-8D60-9BC59853A793}
IE - HKLM\..\SearchScopes\{38BDB95C-776D-45F1-8D60-9BC59853A793}: "URL" = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=125
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {38BDB95C-776D-45F1-8D60-9BC59853A793}
IE - HKCU\..\SearchScopes\{38BDB95C-776D-45F1-8D60-9BC59853A793}: "URL" = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_pl
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=cBBhGYfQVM4_LpObFNRvk9Qtc84?q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = net.telkonet.pl:8080
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.6
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: zrzuta@klachoo.net:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.2
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
FF - prefs.js..network.proxy.autoconfig_url: "http://vectra.pl/"
FF - prefs.js..network.proxy.ftp: "net.telkonet.pl"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "net.telkonet.pl"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "net.telkonet.pl"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "net.telkonet.pl"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "net.telkonet.pl"
FF - prefs.js..network.proxy.ssl_port: 8080
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-19 16:23:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-29 23:27:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-19 16:23:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-29 23:27:42 | 000,000,000 | ---D | M]
 
[2009-06-15 14:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ania\AppData\Roaming\mozilla\Extensions
[2012-07-30 21:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ania\AppData\Roaming\mozilla\Firefox\Profiles\de3z0oiw.default\extensions
[2010-08-26 07:42:51 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Ania\AppData\Roaming\mozilla\Firefox\Profiles\de3z0oiw.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-06-29 09:51:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ania\AppData\Roaming\mozilla\Firefox\Profiles\de3z0oiw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-02-03 14:58:43 | 000,000,000 | ---D | M] (Elimit.pl - MovieExplorer) -- C:\Users\Ania\AppData\Roaming\mozilla\Firefox\Profiles\de3z0oiw.default\extensions\me@paprikka.pl
[2010-08-26 07:42:50 | 000,000,000 | ---D | M] (Zrzuta!) -- C:\Users\Ania\AppData\Roaming\mozilla\Firefox\Profiles\de3z0oiw.default\extensions\zrzuta@klachoo.net
[2009-11-08 16:00:06 | 000,001,201 | ---- | M] () -- C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\de3z0oiw.default\searchplugins\winamp-search.xml
[2009-12-03 11:59:35 | 000,001,979 | ---- | M] () -- C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\de3z0oiw.default\searchplugins\wrzuta.xml
[2012-04-25 13:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-10-14 22:00:14 | 000,372,140 | ---- | M] () (No name found) -- C:\USERS\ANIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DE3Z0OIW.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2011-07-30 18:33:25 | 000,006,796 | ---- | M] () (No name found) -- C:\USERS\ANIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DE3Z0OIW.DEFAULT\EXTENSIONS\INFO@YOUTUBE-MP3.ORG.XPI
[2012-07-19 16:23:04 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-08 11:21:00 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-06-18 07:56:05 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-18 07:56:05 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-18 07:56:05 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-18 07:56:05 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-18 07:56:05 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-18 07:56:05 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.gazeta.pl/0,0.html?p=125
CHR - default_search_provider: Allegro (Enabled)
CHR - default_search_provider: search_url = http://www.allegro.pl/search.php?string={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.gazeta.pl/0,0.html?p=125
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Angry Birds Top Secrets = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckhdpnmdebmdcbinjgfjfmknioahfga\0.0.1_0\
CHR - Extension: Angry Birds Tips And Tricks = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\beogljmmjlfhemgfbnddmnlkfbfoiobj\0.1_0\
CHR - Extension: Gmail offline = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: AT_DolceGabbana = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Angry Birds Matching = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifanmpagcgjcfkehjbabmegghigachak\3.1.3_0\
CHR - Extension: Angry Bird Social = C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaelbdejafkiipkpmnochcbdlddadcga\0.0.1_0\
 
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Ania\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\English Translator XT\InternetTranslator.dll (Techland)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ABBYY Screenshot Reader Retail]  File not found
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [cdoosoft] C:\Windows\system32\olhrwef.exe File not found
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [KiesTrayAgent]  File not found
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\RunOnce: [036DFF850007DFC1025D79012F3B707C] C:\ProgramData\036DFF850007DFC1025D79012F3B707C\036DFF850007DFC1025D79012F3B707C.exe ()
O4 - Startup: C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (DigitalPeers)
O4 - Startup: C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4 File not found
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\English Translator XT\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\English Translator XT\InternetTranslator.dll (Techland)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokalny intranet)
O15 - HKCU\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokalny intranet)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.132.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{413A3BE9-D369-438B-9EA3-D07665D784E0}: DhcpNameServer = 192.168.132.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4E5E139-F1A7-48E7-B372-728D1FE136F0}: DhcpNameServer = 192.168.132.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O24 - Desktop WallPaper: C:\Users\Ania\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ania\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{27330561-77bc-11df-89e0-001e339218fc}\Shell - "" = AutoRun
O33 - MountPoints2\{27330561-77bc-11df-89e0-001e339218fc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27330579-77bc-11df-89e0-001e339218fc}\Shell - "" = AutoRun
O33 - MountPoints2\{27330579-77bc-11df-89e0-001e339218fc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{2733057c-77bc-11df-89e0-001e339218fc}\Shell - "" = AutoRun
O33 - MountPoints2\{2733057c-77bc-11df-89e0-001e339218fc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5859174e-7848-11df-8cf2-00037a9e49f9}\Shell - "" = AutoRun
O33 - MountPoints2\{5859174e-7848-11df-8cf2-00037a9e49f9}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5859175c-7848-11df-8cf2-00037a9e49f9}\Shell - "" = AutoRun
O33 - MountPoints2\{5859175c-7848-11df-8cf2-00037a9e49f9}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d0bf3d56-a431-11de-a0a9-001e339218fc}\Shell\AutoRun\command - "" = D:\hkn6k.bat
O33 - MountPoints2\{d0bf3d56-a431-11de-a0a9-001e339218fc}\Shell\open\Command - "" = D:\hkn6k.bat
O33 - MountPoints2\{e5a50462-7ab8-11df-8165-001e339218fc}\Shell - "" = AutoRun
O33 - MountPoints2\{e5a50462-7ab8-11df-8165-001e339218fc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e5a50465-7ab8-11df-8165-001e339218fc}\Shell - "" = AutoRun
O33 - MountPoints2\{e5a50465-7ab8-11df-8165-001e339218fc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f3e4211d-8b4e-11df-b9f5-001e339218fc}\Shell\AutoRun\command - "" = H:\PMBP_Win.exe
O33 - MountPoints2\{f48eeaae-e99f-11de-94e3-001e339218fc}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL maDZIA.eXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-31 21:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF850007DFC1025D79012F3B707C
[2012-07-25 21:27:05 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Zdjęcia Agi
[2012-07-25 20:33:24 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Zdjęcia z tel
[2012-07-17 22:24:47 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Biżuteria
[2012-07-17 20:27:58 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Fryzury ślubne
[2012-07-17 15:38:21 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Zakupy
[2012-07-17 15:36:59 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Telefon Monte
[2012-07-17 15:36:42 | 000,000,000 | ---D | C] -- C:\Users\Ania\Desktop\Ślub
[2012-07-12 00:18:42 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-07-11 21:20:14 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2 C:\Users\Ania\Desktop\*.tmp files -> C:\Users\Ania\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-31 22:34:57 | 000,001,356 | ---- | M] () -- C:\Users\Ania\AppData\Local\d3d9caps.dat
[2012-07-31 22:25:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-31 22:23:31 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-07-31 22:23:30 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-31 22:23:30 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-31 22:18:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{43A94F3B-BA95-488B-BFF2-435F680854FD}.job
[2012-07-31 22:01:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-31 21:37:19 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-31 21:33:02 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-31 19:07:39 | 002,379,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-30 17:16:36 | 000,124,340 | ---- | M] () -- C:\Users\Ania\Desktop\see_canyon_fruit_ranch_005.jpg
[2012-07-30 17:15:14 | 000,085,620 | ---- | M] () -- C:\Users\Ania\Desktop\bukiett.jpg
[2012-07-30 10:33:18 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-07-30 10:33:18 | 000,600,690 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-07-30 10:33:18 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-07-30 10:33:18 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-07-26 23:01:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-07-26 23:01:17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-07-19 14:27:10 | 000,018,034 | ---- | M] () -- C:\Users\Ania\Desktop\TBartoszewicz.jpg
[2012-07-18 22:05:03 | 000,168,960 | ---- | M] () -- C:\Users\Ania\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-12 13:31:33 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-04 20:30:37 | 000,002,432 | ---- | M] () -- C:\Users\Ania\AppData\Local\TempXm4204.html
[2 C:\Users\Ania\Desktop\*.tmp files -> C:\Users\Ania\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-30 17:16:35 | 000,124,340 | ---- | C] () -- C:\Users\Ania\Desktop\see_canyon_fruit_ranch_005.jpg
[2012-07-30 17:15:06 | 000,085,620 | ---- | C] () -- C:\Users\Ania\Desktop\bukiett.jpg
[2012-07-19 14:27:06 | 000,018,034 | ---- | C] () -- C:\Users\Ania\Desktop\TBartoszewicz.jpg
[2012-07-04 20:30:16 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempXm4204.html
[2012-06-07 17:39:31 | 000,716,813 | ---- | C] () -- C:\Windows\unins000.exe
[2012-06-07 17:08:31 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-10-15 16:34:50 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempbC5164.html
[2011-09-01 13:24:03 | 000,485,240 | ---- | C] () -- C:\Windows\ssndii.exe
[2011-09-01 13:23:31 | 000,116,600 | ---- | C] () -- C:\Windows\Wiainst.exe
[2011-09-01 13:22:44 | 000,274,432 | R--- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2011-09-01 13:22:44 | 000,106,496 | R--- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2011-09-01 13:22:44 | 000,090,112 | R--- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2011-09-01 13:22:44 | 000,061,440 | R--- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2011-09-01 13:19:36 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssb3ml3.dll
[2011-01-14 17:03:33 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempCF6064.html
[2011-01-14 17:03:33 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempms6064.html
[2010-12-20 11:21:14 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempmO1252.html
[2010-11-23 16:36:49 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempCu2780.html
[2010-11-23 16:36:49 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempSB2780.html
[2010-11-19 17:18:36 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempWh2472.html
[2010-11-19 17:18:36 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempVr2472.html
[2010-11-16 20:49:47 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempPT8056.html
[2010-11-02 17:19:26 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempcQ4128.html
[2010-10-27 21:01:08 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempqS3376.html
[2010-10-19 21:31:35 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempRI4892.html
[2010-09-30 13:27:56 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempFL5532.html
[2010-09-30 13:27:56 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempFk5532.html
[2010-09-15 11:10:57 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempYW3720.html
[2010-09-12 10:02:21 | 000,508,509 | ---- | C] () -- C:\Windows\unins000.dat
[2010-09-11 11:46:28 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempEK4152.html
[2010-09-08 13:39:49 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempqW3228.html
[2010-09-02 19:39:31 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempCr3240.html
[2010-09-02 13:21:51 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempvc1404.html
[2010-09-01 13:16:16 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempCJ3952.html
[2010-09-01 10:57:28 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempRg2772.html
[2010-08-31 13:14:03 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempWB3428.html
[2010-08-30 13:20:08 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempkA3488.html
[2010-08-30 13:20:08 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempep3488.html
[2010-08-30 09:26:50 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempWF2220.html
[2010-08-30 09:26:50 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempXE2220.html
[2010-08-29 19:33:26 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempjA3324.html
[2010-08-29 19:33:26 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempHB3324.html
[2010-08-28 19:56:18 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempxL7676.html
[2010-08-28 18:50:01 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempLt6008.html
[2010-08-28 16:10:14 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempkS4164.html
[2010-08-27 20:47:54 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempQe3556.html
[2010-08-27 20:47:54 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Templk3556.html
[2010-08-27 13:07:08 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempND4108.html
[2010-08-27 13:07:08 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempuu4108.html
[2010-08-27 10:16:37 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempxE4136.html
[2010-08-27 10:16:37 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempKl4136.html
[2010-08-27 08:54:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010-08-27 08:54:38 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010-08-27 07:54:07 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempuw1928.html
[2010-08-26 11:38:39 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempob2432.html
[2010-08-26 11:38:39 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempZg2432.html
[2010-08-26 07:41:09 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempgE4136.html
[2010-08-26 07:41:09 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TemprH4136.html
[2010-08-25 19:18:55 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempry4140.html
[2010-08-25 19:18:55 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempfH4140.html
[2010-08-25 08:14:32 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempdd4208.html
[2010-08-24 21:38:27 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-08-24 21:38:27 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2010-08-24 18:28:07 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempzY6248.html
[2010-08-24 18:28:07 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempZU6248.html
[2010-08-24 14:38:40 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempIY3348.html
[2010-08-24 14:38:40 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempMf3348.html
[2010-08-24 09:04:24 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempyWO936.html
[2010-08-24 09:04:24 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempNqD936.html
[2010-08-23 18:50:14 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempLI4292.html
[2010-08-22 21:57:13 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempJV4128.html
[2010-08-22 21:47:10 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempns4128.html
[2010-08-22 21:47:10 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Temphb4128.html
[2010-08-22 15:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempRr4492.html
[2010-08-21 16:36:46 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempsb4768.html
[2010-08-21 16:36:46 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempdy4768.html
[2010-08-20 19:37:40 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempYS4184.html
[2010-08-20 13:33:59 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempGj3528.html
[2010-08-20 11:37:03 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempPn4144.html
[2010-08-18 11:40:25 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempMp1872.html
[2010-08-18 11:40:25 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempQE1872.html
[2010-08-18 10:33:09 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempKJ1872.html
[2010-08-18 10:27:08 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\Tempsb1872.html
[2010-08-18 08:52:00 | 000,002,432 | ---- | C] () -- C:\Users\Ania\AppData\Local\TempMw1872.html
[2010-08-18 08:52:00 | 000,002,089 | ---- | C] () -- C:\Users\Ania\AppData\Local\TemplU1872.html
[2009-12-27 14:49:35 | 000,004,096 | -H-- | C] () -- C:\Users\Ania\AppData\Local\keyfile3.drm
[2009-10-06 18:10:27 | 000,000,090 | ---- | C] () -- C:\Users\Ania\AppData\Roaming\XTDocSettings.ini
[2009-07-26 11:09:40 | 000,001,024 | ---- | C] () -- C:\Users\Ania\.rnd
[2009-07-26 10:21:49 | 000,001,356 | ---- | C] () -- C:\Users\Ania\AppData\Local\d3d9caps.dat
[2009-06-21 22:25:25 | 000,000,110 | ---- | C] () -- C:\Users\Ania\AppData\Roaming\wklnhst.dat
[2009-06-15 14:13:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-06-12 13:12:24 | 000,168,960 | ---- | C] () -- C:\Users\Ania\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >