x-kom hosting

Wirusy (viruty?) - logi z hjt

kcr
utworzono
utworzono (edytowane)

Witam,
Mam problem z wirusami ktore blokuja mi dostep do stron antywirusowych i mirosoft'u itp. Podaje log z Hijackthis: http://wklej.to/fGkq
Co zrobic, zeby sie ich pozbyc? Prosze o pomoc.

Tomek01
komentarz
komentarz

Wrzuć logi OTL i RSIT, wstaw je w odpowiednim formacie.

kcr
komentarz
komentarz

OTL:

[log]OTL logfile created on: 2010-11-23 19:14:34 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\euro\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 3,97 Gb Free Space | 2,66% Space Free | Partition Type: NTFS
Drive E: | 147,58 Gb Total Space | 60,07 Gb Free Space | 40,70% Space Free | Partition Type: NTFS

Computer Name: EURO-PC | User Name: euro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
PRC - [2010-11-19 09:21:00 | 007,965,696 | ---- | M] (Creative Team S.A.) -- E:\Programy\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-10-29 14:56:45 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-29 14:56:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-08-17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-03-30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-12-07 15:48:46 | 000,862,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AdMunch.exe
PRC - [2009-11-11 16:33:04 | 003,171,760 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IDMan.exe
PRC - [2009-11-04 16:45:32 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-10-30 15:08:26 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009-10-30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- E:\Programy\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-22 08:43:58 | 002,548,056 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Orochi\RazerOrochiTray.exe
PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009-10-15 10:51:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IEMonitor.exe
PRC - [2009-08-24 10:27:34 | 007,719,456 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-02 09:05:12 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
PRC - [2008-08-25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008-08-18 22:22:56 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008-07-30 09:02:08 | 000,667,648 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2008-07-15 19:12:00 | 000,726,904 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008-07-10 16:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008-07-04 13:51:54 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008-06-24 09:06:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008-06-20 02:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008-05-20 13:42:00 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008-04-16 23:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 03:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2008-01-21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2008-01-21 03:24:44 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-01-21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 03:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2007-12-15 14:29:06 | 000,184,320 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2007-12-07 17:58:24 | 000,077,824 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
PRC - [2007-12-07 17:55:08 | 000,380,928 | ---- | M] () -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe
PRC - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007-10-25 16:23:36 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe
PRC - [2007-09-28 15:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007-09-12 13:40:38 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe
PRC - [2006-11-06 16:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010-07-26 17:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 17:15:53 | 001,315,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 17:10:45 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-12-07 15:48:46 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AM31318.dll
MOD - [2009-07-17 15:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-04-23 13:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-03-26 16:35:39 | 000,034,224 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\idmmkb.dll
MOD - [2009-02-13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2008-10-21 06:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2008-10-16 05:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2008-05-27 06:17:46 | 000,754,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2008-02-29 07:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 03:25:01 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2008-01-21 03:25:00 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2008-01-21 03:24:57 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 03:24:46 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2008-01-21 03:24:38 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2008-01-21 03:24:37 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 03:24:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2008-01-21 03:24:36 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2008-01-21 03:24:27 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2008-01-21 03:24:26 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 03:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2008-01-21 03:24:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2008-01-21 03:24:23 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2008-01-21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2008-01-21 03:24:14 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2008-01-21 03:24:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2008-01-21 03:24:13 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2008-01-21 03:24:11 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2008-01-21 03:24:10 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-21 03:24:10 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2008-01-21 03:23:50 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2008-01-21 03:23:44 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-21 03:23:42 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2008-01-21 03:23:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (xaqrgbg)
SRV - [2010-09-05 12:06:37 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-02 21:01:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-01-01 11:17:08 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-16 19:55:17 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (Ati External Event Utility)
SRV - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009-10-30 15:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008-08-25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008-04-16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vserial.sys -- (vserial)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\TpChoice.sys -- (TpChoice)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parldr2k.sys -- (PARLDR2K)
DRV - [2010-11-19 10:34:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsvcom.sys -- (FLSVCOM)
DRV - [2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flspar.sys -- (FLSPAR)
DRV - [2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsiface.sys -- (FLSIFACE)
DRV - [2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsser.sys -- (FLSSER)
DRV - [2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fle5wnnt.sys -- (FLE5WNNT)
DRV - [2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\dk2drv.sys -- (dk2drv)
DRV - [2010-10-11 18:38:12 | 000,005,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys -- (LLRING0)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-12-28 18:31:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-12-28 18:31:35 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-12-28 16:01:01 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-12-06 22:55:17 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009-11-20 15:26:50 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009-11-04 17:16:46 | 005,079,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-10-06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-10-02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-30 15:31:46 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-09-14 13:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009-08-24 10:19:10 | 002,754,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-08-19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008-08-07 16:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-08-06 15:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-07-28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-07-15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008-05-23 02:07:16 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2008-05-13 15:16:06 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2008-05-07 10:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008-04-28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008-04-28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008-04-23 16:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008-03-25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008-03-19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008-02-06 23:23:46 | 000,166,448 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008-01-22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-12-14 10:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007-11-29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007-11-09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006-11-28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-10-23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005-07-11 17:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005-01-07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.8
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4
FF - prefs.js..extensions.enabledItems: lockerzplayextended@flies:2.5.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-31 21:04:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-29 14:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-12-06 22:49:47 | 000,000,000 | ---D | M]

[2009-12-06 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Extensions
[2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions
[2010-10-22 14:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010-04-27 22:14:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-04 17:35:06 | 000,000,000 | ---D | M] (MinimizeToTray Plus) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
[2010-04-27 22:14:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\autofillForms@blueimp.net
[2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\check4change-owner@mozdev.org
[2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies
[2010-05-26 20:55:01 | 000,001,313 | ---- | M] () -- C:\Users\euro\AppData\Roaming\Mozilla\FireFox\Profiles\xf2ajzxv.default\searchplugins\zgapapl.xml
[2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-18 18:36:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-29 19:10:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009-12-06 22:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-08-30 12:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-08-30 12:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-08-30 12:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-08-30 12:50:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-08-30 12:50:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-08-30 12:50:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-10-31 20:46:14 | 000,000,164 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Ad Muncher] e:\Programy\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AQQ] E:\Programy\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [DAEMON Tools Lite] E:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm ()
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - E:\Programy\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\explore\Command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\open\Command - "" = G:\EXPLORER.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: xaqrgbg - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - E:\Programy\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Camera Assistant Software[/b] - hkey= - key= - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - E:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]Google EULA Launcher[/b] - hkey= - key= - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - E:\Programy\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - e:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.)
MsConfig - StartUpReg: [b]jswtrayutil[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]MyKeys[/b] - hkey= - key= - C:\Program Files\mfk\MFK.EXE ()
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]topi[/b] - hkey= - key= - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
MsConfig - StartUpReg: [b]Toshiba TEMPO[/b] - hkey= - key= - C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
MsConfig - StartUpReg: [b]winsec32[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-23 19:12:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
[2010-11-23 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-11-22 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Nowy folder
[2010-11-19 19:09:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\EuroTEST
[2010-11-19 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ISO-8859-2__SpCC
[2010-11-19 16:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\ODEON
[2010-11-19 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\jaf_1.98.62__pkeyv5_www.przeklej.pl
[2010-11-19 14:22:56 | 000,000,000 | ---D | C] -- C:\Users\euro\Documents\Criterion Games
[2010-11-19 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010-11-19 12:16:33 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Nokia
[2010-11-19 11:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010-11-19 10:37:47 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys
[2010-11-19 10:34:20 | 000,079,408 | ---- | C] (DESkey) -- C:\Windows\System32\flsport.cpl
[2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,034,048 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys
[2010-11-19 10:34:20 | 000,016,314 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys
[2010-11-19 10:34:20 | 000,013,440 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys
[2010-11-19 10:34:20 | 000,008,344 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys
[2010-11-19 10:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DESkey
[2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll
[2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll
[2010-11-19 10:34:18 | 000,417,792 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn32.dll
[2010-11-19 10:34:18 | 000,080,160 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn16.dll
[2010-11-19 10:34:18 | 000,061,440 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll
[2010-11-19 10:34:18 | 000,053,248 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL
[2010-11-19 10:34:18 | 000,033,404 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys
[2010-11-19 10:34:17 | 000,022,064 | ---- | C] (NMP) -- C:\Windows\System32\fle5wn16.dll
[2010-11-19 10:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\FLSUSB
[2010-11-19 10:33:05 | 000,092,984 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll
[2010-11-19 10:33:05 | 000,089,400 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL
[2010-11-19 10:33:05 | 000,064,312 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll
[2010-11-19 10:33:04 | 000,032,208 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll
[2010-11-19 10:33:04 | 000,030,520 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe
[2010-11-19 10:33:04 | 000,024,488 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll
[2010-11-19 10:33:04 | 000,011,576 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL
[2010-11-19 10:33:03 | 000,076,600 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll
[2010-11-19 10:33:03 | 000,060,216 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl
[2010-11-19 10:33:03 | 000,049,720 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys
[2010-11-19 10:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESkey
[2010-11-19 10:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010-11-19 10:27:18 | 000,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010-11-19 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-11-14 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\path
[2010-11-11 20:37:20 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-11-11 18:09:19 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Server121
[2010-11-11 18:08:10 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ServerHey0121
[2010-11-11 17:55:16 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft_mod 125
[2010-11-11 17:51:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\world
[2010-11-11 17:44:53 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\bckup
[2010-11-11 13:31:54 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft Alpha Server by AmanRuleZ[K0xRLZ]
[2010-11-11 13:30:03 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\LogMeIn Hamachi
[2010-11-11 13:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-11-11 11:12:09 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\.minecraft
[2010-11-02 16:53:22 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Eldo - 27 (2007)
[2010-10-29 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2010-10-23 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\BlackBean
[2010-10-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Abradab-Ostatni_Poziom_Kontroli-PL-2008
[2010-10-19 17:41:26 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\AbradAb - Abradabing [2010]-P24
[2010-10-15 14:45:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010-10-14 12:10:24 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010-10-14 12:10:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010-10-14 12:10:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010-10-14 12:10:05 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010-10-14 12:10:05 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010-10-14 12:10:04 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010-10-14 12:10:02 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010-10-14 12:09:57 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-10-14 12:09:56 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010-10-14 12:09:55 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-10-14 12:09:55 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-10-14 12:09:55 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-10-14 12:09:55 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-10-14 12:09:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010-10-14 12:09:55 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-10-14 12:09:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010-10-14 12:09:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-10-13 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Bass_Time_Continuum_-_Bass_Junkie
[2010-10-10 13:13:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\VA _- C A_V 37 2010__
[2010-10-10 12:58:09 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\the_classic_proyect2_by_angel
[2010-10-10 09:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Stars Network
[2010-10-02 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Opracowania_Lektur
[2010-09-29 16:27:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[38 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
[2010-11-23 18:50:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-23 17:37:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-23 17:37:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-23 16:01:00 | 000,688,488 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-23 16:01:00 | 000,596,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-23 16:01:00 | 000,136,144 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-23 16:01:00 | 000,110,254 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-23 15:55:53 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-23 14:02:12 | 000,001,885 | ---- | M] () -- C:\Users\euro\Desktop\HijackThis.lnk
[2010-11-23 13:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-23 13:37:01 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-22 22:04:42 | 000,144,384 | ---- | M] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-22 17:45:28 | 003,128,874 | ---- | M] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3
[2010-11-21 13:39:25 | 008,300,756 | ---- | M] () -- C:\Users\euro\Desktop\Benny Benassi feat. Gary Go - Cinema.mp3
[2010-11-20 00:16:51 | 000,968,402 | ---- | M] () -- C:\Users\euro\Desktop\blife002.jpg
[2010-11-19 16:18:40 | 000,001,786 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk
[2010-11-19 16:18:40 | 000,001,745 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk
[2010-11-19 16:18:40 | 000,001,699 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF.lnk
[2010-11-19 14:22:41 | 000,000,841 | ---- | M] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk
[2010-11-19 12:40:12 | 000,002,182 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk
[2010-11-19 12:40:12 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2010-11-19 11:08:36 | 364,270,098 | ---- | M] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg
[2010-11-19 11:03:22 | 000,004,263 | ---- | M] () -- C:\Windows\System32\FLSINSTU.INI
[2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys
[2010-11-19 10:37:41 | 000,000,048 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI
[2010-11-19 10:34:20 | 000,091,696 | ---- | M] () -- C:\Windows\System32\FLSDEVCP.EXE
[2010-11-19 10:34:20 | 000,079,408 | ---- | M] (DESkey) -- C:\Windows\System32\flsport.cpl
[2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,050,736 | ---- | M] () -- C:\Windows\System32\flsuinst.exe
[2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys
[2010-11-19 10:34:20 | 000,023,120 | ---- | M] () -- C:\Windows\System32\drivers\FPGA8501.rd4
[2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys
[2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys
[2010-11-19 10:34:20 | 000,010,449 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat
[2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys
[2010-11-19 10:34:20 | 000,004,263 | ---- | M] () -- C:\Windows\System32\flsinst.ini
[2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,039,423 | ---- | M] () -- C:\Windows\System32\drivers\FLS8500.LDR
[2010-11-19 10:34:19 | 000,020,388 | ---- | M] () -- C:\Windows\System32\drivers\fls8200.ldr
[2010-11-19 10:34:19 | 000,020,320 | ---- | M] () -- C:\Windows\System32\drivers\fls8000.ldr
[2010-11-19 10:34:19 | 000,019,277 | ---- | M] () -- C:\Windows\System32\drivers\fls8100.ldr
[2010-11-19 10:34:19 | 000,019,157 | ---- | M] () -- C:\Windows\System32\drivers\fls8400.ldr
[2010-11-19 10:34:19 | 000,011,720 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat
[2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll
[2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll
[2010-11-19 10:34:19 | 000,003,024 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF
[2010-11-19 10:34:18 | 000,417,792 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn32.dll
[2010-11-19 10:34:18 | 000,080,160 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn16.dll
[2010-11-19 10:34:18 | 000,061,440 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll
[2010-11-19 10:34:18 | 000,053,248 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL
[2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys
[2010-11-19 10:34:18 | 000,004,186 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF
[2010-11-19 10:34:17 | 000,022,064 | ---- | M] (NMP) -- C:\Windows\System32\fle5wn16.dll
[2010-11-19 10:34:17 | 000,009,384 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat
[2010-11-19 10:34:17 | 000,003,887 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf
[2010-11-19 10:34:16 | 001,859,584 | ---- | M] () -- C:\Windows\System32\FLSINST.DLL
[2010-11-19 10:33:05 | 000,092,984 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll
[2010-11-19 10:33:05 | 000,092,984 | ---- | M] () -- C:\Windows\System32\dkcpanel.exe
[2010-11-19 10:33:05 | 000,089,400 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL
[2010-11-19 10:33:05 | 000,064,312 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll
[2010-11-19 10:33:04 | 000,032,208 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll
[2010-11-19 10:33:04 | 000,030,520 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe
[2010-11-19 10:33:04 | 000,024,488 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll
[2010-11-19 10:33:04 | 000,011,576 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL
[2010-11-19 10:33:03 | 000,076,600 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll
[2010-11-19 10:33:03 | 000,060,216 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl
[2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys
[2010-11-19 10:32:59 | 002,325,304 | ---- | M] () -- C:\Windows\System32\DK2INST.DLL
[2010-11-14 13:42:25 | 018,434,172 | ---- | M] () -- C:\Users\euro\Desktop\path.rar
[2010-11-14 13:34:34 | 000,616,578 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg
[2010-11-14 12:21:43 | 000,579,381 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg
[2010-11-13 18:01:57 | 000,001,060 | ---- | M] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk
[2010-11-11 18:00:53 | 000,000,843 | ---- | M] () -- C:\Users\euro\Desktop\Loader — skrót.lnk
[2010-11-11 17:51:47 | 000,000,179 | ---- | M] () -- C:\Windows\System32\server.properties
[2010-11-11 13:29:21 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010-11-09 19:58:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2010-11-02 18:58:04 | 000,001,826 | ---- | M] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat
[2010-10-31 21:37:47 | 000,000,110 | ---- | M] () -- C:\Users\euro\Documents\ax_files.xml
[2010-10-26 20:41:33 | 000,149,104 | ---- | M] () -- C:\Users\euro\Desktop\Bez tytułu.jpg
[2010-10-24 09:45:26 | 004,684,800 | ---- | M] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3
[2010-10-23 18:56:06 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk
[2010-10-22 18:01:55 | 006,863,449 | ---- | M] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3
[2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010-10-17 15:10:18 | 004,719,176 | ---- | M] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3
[2010-10-16 09:07:28 | 001,705,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-10-13 20:10:11 | 003,242,109 | ---- | M] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3
[2010-10-10 09:48:36 | 000,000,982 | ---- | M] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk
[2010-10-10 09:46:05 | 000,002,553 | ---- | M] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk
[2010-09-28 20:37:09 | 004,820,741 | ---- | M] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[38 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-23 14:02:12 | 000,001,885 | ---- | C] () -- C:\Users\euro\Desktop\HijackThis.lnk
[2010-11-23 13:37:01 | 3186,016,256 | -HS- | C] () -- C:\hiberfil.sys
[2010-11-22 17:45:06 | 003,128,874 | ---- | C] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3
[2010-11-21 13:39:11 | 008,300,756 | ---- | C] () -- C:\Users\euro\Desktop\Benny Benassi feat. Gary Go - Cinema.mp3
[2010-11-20 00:16:50 | 000,968,402 | ---- | C] () -- C:\Users\euro\Desktop\blife002.jpg
[2010-11-19 16:18:40 | 000,001,786 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk
[2010-11-19 16:18:40 | 000,001,745 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk
[2010-11-19 16:18:40 | 000,001,699 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF.lnk
[2010-11-19 14:22:41 | 000,000,841 | ---- | C] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk
[2010-11-19 12:40:12 | 000,002,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk
[2010-11-19 12:40:12 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2010-11-19 11:08:00 | 364,270,098 | ---- | C] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg
[2010-11-19 11:03:22 | 000,004,263 | ---- | C] () -- C:\Windows\System32\FLSINSTU.INI
[2010-11-19 10:41:00 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2010-11-19 10:35:41 | 000,000,048 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI
[2010-11-19 10:34:20 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE
[2010-11-19 10:34:20 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe
[2010-11-19 10:34:20 | 000,023,120 | ---- | C] () -- C:\Windows\System32\drivers\FPGA8501.rd4
[2010-11-19 10:34:20 | 000,010,449 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat
[2010-11-19 10:34:20 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini
[2010-11-19 10:34:19 | 000,039,423 | ---- | C] () -- C:\Windows\System32\drivers\FLS8500.LDR
[2010-11-19 10:34:19 | 000,020,388 | ---- | C] () -- C:\Windows\System32\drivers\fls8200.ldr
[2010-11-19 10:34:19 | 000,020,320 | ---- | C] () -- C:\Windows\System32\drivers\fls8000.ldr
[2010-11-19 10:34:19 | 000,019,277 | ---- | C] () -- C:\Windows\System32\drivers\fls8100.ldr
[2010-11-19 10:34:19 | 000,019,157 | ---- | C] () -- C:\Windows\System32\drivers\fls8400.ldr
[2010-11-19 10:34:19 | 000,011,720 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat
[2010-11-19 10:34:19 | 000,003,024 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF
[2010-11-19 10:34:18 | 000,004,186 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF
[2010-11-19 10:34:17 | 000,009,384 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat
[2010-11-19 10:34:17 | 000,003,887 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf
[2010-11-19 10:34:16 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL
[2010-11-19 10:33:05 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe
[2010-11-19 10:32:59 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL
[2010-11-14 13:33:34 | 018,434,172 | ---- | C] () -- C:\Users\euro\Desktop\path.rar
[2010-11-14 12:22:01 | 000,616,578 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg
[2010-11-14 12:21:28 | 000,579,381 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg
[2010-11-13 18:01:57 | 000,001,060 | ---- | C] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk
[2010-11-11 18:00:53 | 000,000,843 | ---- | C] () -- C:\Users\euro\Desktop\Loader — skrót.lnk
[2010-11-11 17:51:47 | 000,000,179 | ---- | C] () -- C:\Windows\System32\server.properties
[2010-11-11 13:29:21 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010-11-09 19:58:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl
[2010-10-29 15:39:31 | 000,001,826 | ---- | C] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat
[2010-10-26 20:41:32 | 000,149,104 | ---- | C] () -- C:\Users\euro\Desktop\Bez tytułu.jpg
[2010-10-24 09:45:18 | 004,684,800 | ---- | C] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3
[2010-10-23 18:56:06 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk
[2010-10-22 18:01:42 | 006,863,449 | ---- | C] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3
[2010-10-17 15:09:46 | 004,719,176 | ---- | C] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3
[2010-10-13 20:09:44 | 003,242,109 | ---- | C] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3
[2010-10-10 09:48:36 | 000,000,982 | ---- | C] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk
[2010-10-10 09:45:54 | 000,002,553 | ---- | C] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk
[2010-09-28 20:36:08 | 004,820,741 | ---- | C] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3
[2010-09-26 12:33:18 | 002,482,258 | ---- | C] () -- C:\Users\euro\Desktop\Luna Halo - I'm Alright.mp3
[2010-03-12 21:49:36 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2010-03-10 18:07:11 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2010-01-27 17:27:44 | 000,000,097 | ---- | C] () -- C:\Windows\WirelessFTP.INI
[2010-01-15 01:08:40 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2009-12-28 17:56:26 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009-12-28 17:56:25 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009-12-28 12:21:44 | 000,000,680 | ---- | C] () -- C:\Users\euro\AppData\Local\d3d9caps.dat
[2009-12-16 18:53:55 | 000,000,785 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009-12-08 12:10:40 | 000,144,384 | ---- | C] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-06 22:59:28 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-12-06 19:23:04 | 000,161,612 | RHS- | C] () -- C:\Windows\System32\wrfhx.dll
[2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009-09-23 23:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-05-30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-05-30 01:31:52 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-02-28 10:09:28 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009-02-28 10:09:28 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009-02-28 10:09:28 | 000,010,132 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009-02-28 10:09:28 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008-10-02 08:48:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008-10-02 08:48:06 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008-10-02 08:48:06 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008-10-02 08:48:06 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008-10-02 08:39:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008-10-02 08:30:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008-04-24 08:08:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2007-12-21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007-09-04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007-07-19 11:50:12 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll
[2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005-07-22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\dk2win32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-29 10:05:25 | 000,000,000 | -HSD | M] -- C:\Users\euro\AppData\Roaming\.#
[2010-11-11 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\.minecraft
[2010-11-11 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\bckup
[2010-02-02 13:03:04 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock
[2010-06-23 13:09:39 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock2
[2010-10-23 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\BlackBean
[2010-05-08 12:19:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Braid
[2009-12-28 17:33:10 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Lite
[2009-12-06 23:38:30 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Pro
[2010-11-23 13:38:01 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DMCache
[2010-03-05 06:28:18 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\EurekaLog
[2010-06-11 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\FileZilla
[2009-12-07 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\GrabPro
[2010-02-17 17:22:49 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\gtk-2.0
[2010-11-05 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\IDM
[2010-09-17 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Need for Speed World
[2010-11-19 12:16:33 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Nokia
[2009-12-16 23:26:15 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Orbit
[2010-02-09 13:57:55 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\runic games
[2010-11-11 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Server121
[2010-05-02 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Stardock
[2010-10-09 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Toshiba
[2010-05-22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TS3Client
[2009-12-16 19:54:57 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TuneUp Software
[2010-04-06 10:55:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Ubisoft
[2010-01-13 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\VistaCodecs
[2009-12-06 23:24:00 | 000,000,000 | RHSD | M] -- C:\Users\euro\AppData\Roaming\winsec32
[2010-11-23 15:54:50 | 000,032,500 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-03-10 22:22:42 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2010-03-10 22:22:42 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008-01-21 03:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008-10-02 07:16:42 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2010-11-23 13:37:01 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys
[2010-01-17 16:38:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-01-17 16:38:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-11-23 13:36:59 | 3499,618,304 | -HS- | M] () -- C:\pagefile.sys
[2008-10-02 08:21:41 | 000,000,646 | ---- | M] () -- C:\RHDSetup.log
[2008-10-02 09:48:36 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008-03-25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008-03-25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008-03-26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008-03-26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\drivers\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008-06-03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008-06-03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008-02-08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\System32\drivers\ndis.sys
[2008-02-08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008-02-08 05:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >[/log]

RSIT

log.txt
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by euro at 2010-11-23 19:29:06
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 4 GB (3%) free of 153 GB
Total RAM: 3037 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - E:\Programy\Internet Download Manager\IDMIECC.dll [2009-11-11 173488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-24 7719456]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 421888]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2007-09-19 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-05-20 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-08-18 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-07-15 726904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
"Ad Muncher"=e:\Programy\Ad Muncher\AdMunch.exe [2009-12-07 862208]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Razer Orochi Driver"=C:\Program Files\Razer\Orochi\RazerOrochiTray.exe [2009-10-22 2548056]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-07-04 430080]
"AQQ"=E:\Programy\WapSter\WAPSTE~1\AQQ.exe [2010-11-19 7965696]
"IDMan"=E:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"DAEMON Tools Lite"=E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-08-14 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
E:\Programy\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
e:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyKeys]
C:\Program Files\mfk\MFK.EXE [1999-04-18 541184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
E:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TSS Instrument API Tray Utility.lnk - C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0xFFFFFFFF
"NoDriveTypeAutoRun"=36

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-11-23 19:29:06 ----D---- C:\rsit
2010-11-23 14:02:12 ----D---- C:\Program Files\Trend Micro
2010-11-23 13:37:21 ----A---- C:\Windows\system32\0A591.tmp
2010-11-23 13:37:01 ----ASH---- C:\hiberfil.sys
2010-11-23 10:15:51 ----A---- C:\Windows\system32\0A7C3.tmp
2010-11-22 17:25:50 ----A---- C:\Windows\system32\0A3FB.tmp
2010-11-21 17:02:06 ----A---- C:\Windows\system32\0A66B.tmp
2010-11-21 11:24:52 ----A---- C:\Windows\system32\0AAEE.tmp
2010-11-20 14:24:46 ----A---- C:\Windows\system32\0A85F.tmp
2010-11-20 10:33:59 ----A---- C:\Windows\system32\0AAAF.tmp
2010-11-19 17:48:13 ----A---- C:\Windows\system32\0FE99.tmp
2010-11-19 16:13:59 ----D---- C:\Program Files\ODEON
2010-11-19 13:32:20 ----D---- C:\ProgramData\Solidshield
2010-11-19 12:16:33 ----D---- C:\Users\euro\AppData\Roaming\Nokia
2010-11-19 11:38:45 ----D---- C:\ProgramData\Nokia
2010-11-19 11:03:22 ----A---- C:\Windows\system32\FLSINSTU.INI
2010-11-19 10:37:47 ----A---- C:\Windows\system32\drivers\parldr2k.sys
2010-11-19 10:34:20 ----D---- C:\ProgramData\DESkey
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsuinst.exe
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsinst.ini
2010-11-19 10:34:20 ----A---- C:\Windows\system32\FLSDEVCP.EXE
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsvcom.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FLSUSB.SYS
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsser.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flspar.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsiface.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FlsFWLdr.sys
2010-11-19 10:34:19 ----A---- C:\Windows\system32\flscoins.dll
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5USB.SYS
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5FWLD.SYS
2010-11-19 10:34:18 ----A---- C:\Windows\system32\FLS5FL32.DLL
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn16.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fle5wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\drivers\fle5wnnt.sys
2010-11-19 10:34:17 ----D---- C:\Windows\system32\drivers\FLSUSB
2010-11-19 10:34:17 ----A---- C:\Windows\system32\fle5wn16.dll
2010-11-19 10:34:16 ----A---- C:\Windows\system32\FLSINST.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\vercp32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNCP32.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNClnt32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\dkcpanel.exe
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DKCLINST.DLL
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2win16.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2vdd.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DK2UInst.exe
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files\DESkey
2010-11-19 10:33:03 ----A---- C:\Windows\system32\drivers\dk2drv.sys
2010-11-19 10:33:03 ----A---- C:\Windows\system32\dk2cp32.dll
2010-11-19 10:32:59 ----A---- C:\Windows\system32\DK2INST.DLL
2010-11-19 10:30:21 ----D---- C:\Program Files\Common Files\Nokia
2010-11-19 10:27:18 ----A---- C:\Windows\system32\nmwcdcls.dll
2010-11-19 10:27:16 ----D---- C:\Program Files\Nokia
2010-11-19 09:55:45 ----A---- C:\Windows\system32\0A9A6.tmp
2010-11-18 15:15:09 ----A---- C:\Windows\system32\0A275.tmp
2010-11-17 19:19:56 ----A---- C:\Windows\system32\0A41B.tmp
2010-11-17 16:41:46 ----A---- C:\Windows\system32\0A497.tmp
2010-11-16 16:13:19 ----A---- C:\Windows\system32\0A736.tmp
2010-11-16 08:32:28 ----A---- C:\Windows\system32\0AE09.tmp
2010-11-15 16:55:33 ----A---- C:\Windows\system32\0A9B6.tmp
2010-11-14 12:18:28 ----A---- C:\Windows\system32\0BB81.tmp
2010-11-13 14:31:09 ----A---- C:\Windows\system32\0A958.tmp
2010-11-12 12:19:23 ----A---- C:\Windows\system32\0A64C.tmp
2010-11-12 08:49:02 ----A---- C:\Windows\system32\0AFDD.tmp
2010-11-11 20:37:20 ----RASHD---- C:\autorun.inf
2010-11-11 18:09:19 ----D---- C:\Users\euro\AppData\Roaming\Server121
2010-11-11 17:51:47 ----D---- C:\Windows\system32\world
2010-11-11 17:51:47 ----A---- C:\Windows\system32\ops.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-players.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-ips.txt
2010-11-11 17:44:53 ----D---- C:\Users\euro\AppData\Roaming\bckup
2010-11-11 13:29:20 ----D---- C:\Program Files\LogMeIn Hamachi
2010-11-11 11:12:09 ----D---- C:\Users\euro\AppData\Roaming\.minecraft
2010-11-11 10:12:21 ----A---- C:\Windows\system32\08851.tmp
2010-11-10 17:22:35 ----A---- C:\Windows\system32\08313.tmp
2010-11-09 17:03:16 ----A---- C:\Windows\system32\084BA.tmp
2010-11-09 08:23:40 ----A---- C:\Windows\system32\0F343.tmp
2010-10-29 15:29:41 ----D---- C:\Program Files\Razer

======List of files/folders modified in the last 1 months======

2010-11-23 19:28:53 ----D---- C:\Windows\Temp
2010-11-23 16:01:00 ----D---- C:\Windows\inf
2010-11-23 16:01:00 ----AD---- C:\Windows\System32
2010-11-23 16:01:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-23 14:02:12 ----RD---- C:\Program Files
2010-11-23 13:38:01 ----D---- C:\Users\euro\AppData\Roaming\DMCache
2010-11-23 13:37:45 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-23 13:34:38 ----A---- C:\Windows\ntbtlog.txt
2010-11-19 19:09:32 ----SHD---- C:\System Volume Information
2010-11-19 17:48:52 ----D---- C:\Windows
2010-11-19 16:44:48 ----D---- C:\Windows\system32\catroot
2010-11-19 16:15:30 ----D---- C:\Windows\system32\catroot2
2010-11-19 16:14:18 ----SHD---- C:\Windows\Installer
2010-11-19 13:43:14 ----RSD---- C:\Windows\assembly
2010-11-19 13:32:20 ----HD---- C:\ProgramData
2010-11-19 12:12:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-19 11:44:13 ----D---- C:\Windows\system32\drivers
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files
2010-11-07 14:23:22 ----D---- C:\ProgramData\Media Center Programs
2010-11-07 14:23:20 ----D---- C:\Program Files\Mozilla Firefox
2010-11-06 14:19:53 ----D---- C:\Windows\Prefetch
2010-11-05 18:00:40 ----D---- C:\Users\euro\AppData\Roaming\IDM
2010-10-24 11:23:41 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2009-10-14 36880]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-05-07 25896]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-28 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-08-19 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv.sys [2010-11-19 49720]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-06 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2008-05-13 64000]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-28 281760]
R2 FLE5WNNT;FLE-5 WindowsNT Driver; \??\C:\Windows\System32\Drivers\fle5wnnt.sys [2010-11-19 33404]
R2 FLSIFACE;FLSIface; \??\C:\Windows\System32\Drivers\flsiface.sys [2010-11-19 13440]
R2 FLSPAR;FLSPar; \??\C:\Windows\System32\Drivers\flspar.sys [2010-11-19 16314]
R2 FLSSER;FLSSer; \??\C:\Windows\System32\Drivers\flsser.sys [2010-11-19 8344]
R2 FLSVCOM;FLSVCom; \??\C:\Windows\System32\Drivers\flsvcom.sys [2010-11-19 34048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-28 25888]
R2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys [2010-11-19 10454]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-28 919552]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-24 2754336]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-11-20 25984]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2008-05-23 41856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S3 aa81j98y;aa81j98y; C:\Windows\system32\drivers\aa81j98y.sys []
S3 awy9ipzn;awy9ipzn; C:\Windows\system32\drivers\awy9ipzn.sys []
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 LLRING0;LLRING0; \??\C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys [2010-10-11 5120]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-08-19 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-08-18 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-05-22 120168]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-07-15 106496]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 135664]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-02 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-06 182768]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-01 321320]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-16 435016]

-----------------EOF-----------------
[/log]

info.txt
[log]info.txt logfile of random's system information tool 1.08 2010-11-23 19:29:17

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ACE Mega CoDecS Pack-->"C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad Muncher v4.8 Build 31318-->"e:\Programy\Ad Muncher\AM-Install.exe" /P "InstallerAction=Uninstall" /P "InstallTarget=e:\Programy\Ad Muncher"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\678cd98c8365a5647f9a2e539d120a8\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{78EFD06D-7583-42F1-9E77-671D8782EB70}
Adobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{CBF4DADD-974D-49C8-BC83-C6F31554001E}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Archiwizator WinRAR-->E:\Programy\WinRAR\uninstall.exe
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0015
Atheros Wi-Fi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe -runfromtemp -l0x0015 -removeonly
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000018301}
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028301}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0015
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0015 -removeonly
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Counter-Strike-->"E:\gry\Steam\steam.exe" steam://uninstall/10
Crash Time II-->"e:\gry\City Interactive\Crash Time II\unins000.exe"
DH Mobility Modder.NET-->e:\Programy\MobilityDotNET\Uninstall.exe
DK2 DESkey Drivers v7.14.0.25-->rundll32 C:\Windows\system32\DK2INST.DLL,RunDLL_Uninstall
Dolby Control Center-->MsiExec.exe /I{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}
Dsnet-->MsiExec.exe /I{E0260DCA-6F65-4FA2-96AB-E11C97F08CFF}
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
Fences-->"C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Fences-->C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe
FileZilla Client 3.3.0.1-->e:\Programy\FileZilla FTP Client\uninstall.exe
FlatOut Ultimate Carnage-->e:\gry\Empire Interactive\FlatOut Ultimate Carnage\Uninstall.exe
FLS-4 Driver Installation-->C:\Windows\system32\FLSUInst.exe
FreeVPN v3.20-->"C:\Program Files\FreeVPN\unins000.exe"
GIMP 2.6.7-->"e:\Programy\GIMP-2.0\setup\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Earth Plug-in-->MsiExec.exe /X{171E6C1E-B5FC-11DF-B115-005056C00008}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_AC0049E063DE2AEA.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000028701}
Haali Media Splitter-->"C:\Program Files\Matroska Pack\haali\uninstall.exe"
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x0015 -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->E:\Programy\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->E:\Programy\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->E:\Programy\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->E:\Programy\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->E:\Programy\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->E:\Programy\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Internet Download Manager-->e:\Programy\Internet Download Manager\Uninstall.exe
JAF Setup-->"C:\Program Files\ODEON\JAF\uninstall.exe"
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
JMicron JMB38X Flash Media Controller-->"C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
Mafia II DLC Jimmy's Vendetta-->"E:\gry\2K Games\MAFIA II\Mafia II\unins001.exe"
MAFIA II-->"C:\Program Files\InstallShield Installation Information\{D6DB1C8B-598C-49B9-9215-1EBB58C4A968}\setup.exe" -runfromtemp -l0x0015 -removeonly
Mass Effect-->C:\Program Files\Common Files\BioWare\Uninstall Mass Effect.exe
Matroska Pack-->C:\Program Files\Matroska Pack\uninstall.exe
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3}
Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3 Knife 3.2-->"e:\Programy\Mp3 Knife\unins000.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Function Keys-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\MFK.INF, DefaultUninstall.ntx86
NapiProjekt 1.0.6.7-->"e:\Programy\NAPI-PROJEKT\unins000.exe"
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Need For Speed™ World-->"e:\gry\Electronic Arts\Need For Speed World\unins000.exe"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{C50EF365-2898-489A-B6C7-30DAA466E9A2}
Nokia Firmware RM-504 EUROPE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9563A01F-8B9E-40BD-9E9E-9FEDAA3B9A98}\setup.exe" -l0x9 -removeonly
Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
Nokia Service Tool Drivers-->MsiExec.exe /I{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}
Nullsoft Tray Control Icon Pack 2.2-->e:\Programy\Winamp\TrayIconPackuninst.exe
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE}
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Phoenix Service Software 2009.20.010.39068-->"C:\Program Files\Nokia\Phoenix\unins000.exe"
Phoenix Service Software-->MsiExec.exe /I{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}
Phoenix Service Software-->MsiExec.exe /I{5A32C25A-7E99-4A77-B419-B47DA290DD67}
Phoenix Service Software-->MsiExec.exe /I{B08B44B5-36E1-4104-B4A7-062D96AD7FB5}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Podreczniki TOSHIBA-->C:\Program Files\InstallShield Installation Information\{10DFB03F-845F-4BC6-BE9E-7FEC377A0CD0}\setup.exe -runfromtemp -l0x0015 -removeonly
Razer Orochi-->MsiExec.exe /X{306D4754-BECE-4FC7-85F3-B7FEED274AA8}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Risen - PL Font Hotfix-->e:\gry\Deep Silver\Risen\Uninstall_Risen_Font_Hotfix.exe
Risen Hotfix 1.01-->"C:\Program Files\InstallShield Installation Information\{EE91E474-9298-47B8-817F-8E0042408998}\setup.exe" -runfromtemp -l0x0009 -removeonly
Risen-->"C:\Program Files\InstallShield Installation Information\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}\setup.exe" -runfromtemp -l0x0015 -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb
Sprzęt instalacyjny TOSHIBA-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1045
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SubEdit - Vista WMP Patch-->"E:\Programy\SubEdit-Player\WMP6_4\unins000.exe"
SubEdit-Player-->"e:\Programy\SubEdit-Player\unins000.exe"
System Requirements Lab-->MsiExec.exe /I{1E99F5D7-4262-4C7C-9135-F066E7485811}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0015 -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0015 -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0415
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0415 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Hasło administratora-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1045
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0015 -removeonly
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0415
TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x0415
TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x0415
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Ultra WMV Converter 5.2.1022-->"C:\Program Files\Ultra WMV Converter\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Vista Manager-->MsiExec.exe /I{5977A284-6ADB-4CC1-BEC5-1CDE7908ACA3}
WapSter AQQ-->E:\Programy\WapSter\WapSter AQQ\uninstall.exe
Winamp-->"e:\Programy\Winamp\UninstWA.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Worms Reloaded-->"e:\gry\Team17\Worms Reloaded\unins000.exe"
WRC FIA World Rally Championship-->"C:\Program Files\InstallShield Installation Information\{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}\setup.exe" -runfromtemp -l0x0409 -removeonly

======Hosts File======

127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: euro-PC
Event Code: 7036
Message: Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP weszła w stan uruchomienia.
Record Number: 122116
Source Name: Service Control Manager
Time Written: 20101123173815.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 7036
Message: Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP weszła w stan zatrzymania.
Record Number: 122117
Source Name: Service Control Manager
Time Written: 20101123180045.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 10029
Message: Model DCOM uruchomił usługę gusvc z argumentami w celu uruchomienia serwera:
{89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Record Number: 122118
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20101123182355.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 7036
Message: Usługa Google Software Updater weszła w stan uruchomienia.
Record Number: 122119
Source Name: Service Control Manager
Time Written: 20101123182356.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 7036
Message: Usługa Google Software Updater weszła w stan zatrzymania.
Record Number: 122120
Source Name: Service Control Manager
Time Written: 20101123182456.000000-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: euro-PC
Event Code: 1000
Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane. Dane rekordu w sekcji danych zawierają nowe wartości indeksu przypisane do tej usługi.
Record Number: 24141
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20101123150100.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 9010
Message: Proces Need for Speed(TM) Hot Pursuit Application zażądał wyłączenia Menedżera okien pulpitu.
Record Number: 24142
Source Name: Desktop Window Manager
Time Written: 20101123171006.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 9013
Message: Nie można uruchomić Menedżera okien pulpitu, ponieważ kompozycja została wyłączona przez działającą aplikację.
Record Number: 24143
Source Name: Desktop Window Manager
Time Written: 20101123171006.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 0
Message:
Record Number: 24144
Source Name: gusvc
Time Written: 20101123182355.000000-000
Event Type: Informacje
User:

Computer Name: euro-PC
Event Code: 0
Message:
Record Number: 24145
Source Name: gusvc
Time Written: 20101123182455.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: euro-PC
Event Code: 5056
Message: Wykonano autotest funkcji kryptograficznej.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: EURO-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Moduł: ncrypt.dll

Kod powrotny: 0x0
Record Number: 22707
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100623090035.281590-000
Event Type: Sukces inspekcji
User:

Computer Name: euro-PC
Event Code: 4648
Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: EURO-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, którego poświadczenia zostały użyte:
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:
Nazwa serwera docelowego: localhost
Informacje dodatkowe: localhost

Informacje o procesie:
Identyfikator procesu: 0x384
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Adres sieciowy: -
Port: -

To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.
Record Number: 22708
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100623090036.268590-000
Event Type: Sukces inspekcji
User:

Computer Name: euro-PC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: EURO-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x384
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 22709
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100623090036.268590-000
Event Type: Sukces inspekcji
User:

Computer Name: euro-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 22710
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100623090036.268590-000
Event Type: Sukces inspekcji
User:

Computer Name: euro-PC
Event Code: 5033
Message: Sterownik Zapory systemu Windows został pomyślnie uruchomiony.
Record Number: 22711
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100623090036.932590-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RGSCLauncher"=e:\gry\Rockstar Games\Rockstar Games Social Club
"RGSC"=e:\gry\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Wygląda na to, że rootkit blokuje dostęp.


W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
SRV - File not found [Auto | Stopped] -- -- (xaqrgbg)
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\explore\Command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\open\Command - "" = G:\EXPLORER.EXE -- File not found

:Files
C:\Windows\System32\wrfhx.dll
C:\Users\euro\AppData\Roaming\.#
C:\Users\euro\AppData\Roaming\EurekaLog
C:\Users\euro\AppData\Roaming\winsec32
C:\Windows\system32\0A591.tmp
C:\Windows\system32\0A7C3.tmp
C:\Windows\system32\0A3FB.tmp
C:\Windows\system32\0A66B.tmp
C:\Windows\system32\0AAEE.tmp
C:\Windows\system32\0A85F.tmp
C:\Windows\system32\0AAAF.tmp
C:\Windows\system32\0FE99.tmp
C:\Windows\system32\0A9A6.tmp
C:\Windows\system32\0A275.tmp
C:\Windows\system32\0A41B.tmp
C:\Windows\system32\0A497.tmp
C:\Windows\system32\0A736.tmp
C:\Windows\system32\0AE09.tmp
C:\Windows\system32\0A9B6.tmp
C:\Windows\system32\0BB81.tmp
C:\Windows\system32\0A958.tmp
C:\Windows\system32\0A64C.tmp
C:\Windows\system32\0AFDD.tmp
C:\Windows\system32\08851.tmp
C:\Windows\system32\08313.tmp
C:\Windows\system32\084BA.tmp
C:\Windows\system32\0F343.tmp

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32]

:Services
xaqrgbg

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT + Gmer. Odinstaluj sterownik sptd.sys oraz jednostki emulujące napęd, np DeamonTools, Alcohol. Dopiero wtedy uruchom Gmer'a.

kcr
komentarz
komentarz

Usunalem DaemonTools i Alcohol, ale podczas skanowania Gmerem pojawil sie bluescreen i musialem zrestartowac laptopa... Nie wiem czy mam jeszcze raz skanowac gmerem.?

Szczegoly BS'a jak cos:
[log]Podpis problemu:
Nazwa zdarzenia problemu: BlueScreen
Wersja systemu operacyjnego: 6.0.6001.2.1.0.768.3
Identyfikator ustawień regionalnych: 1045

Dodatkowe informacje o problemie:
BCCode: 50
BCP1: C55DA300
BCP2: 00000000
BCP3: 9F1F0EED
BCP4: 00000000
OS Version: 6_0_6001
Service Pack: 1_0
Product: 768_1

Pliki pomagające opisać problem:
C:\Windows\Minidump\Mini112310-01.dmp
C:\Users\euro\AppData\Local\Temp\WER-52837-0.sysdata.xml
C:\Users\euro\AppData\Local\Temp\WER637.tmp.version.txt

[/log]

Log z usuwania:

[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Service xaqrgbg stopped successfully!
Service xaqrgbg deleted successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found.
File G:\EXPLORER.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found.
File G:\EXPLORER.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found.
File G:\EXPLORER.EXE not found.
========== FILES ==========
File move failed. C:\Windows\System32\wrfhx.dll scheduled to be moved on reboot.
C:\Users\euro\AppData\Roaming\.# folder moved successfully.
C:\Users\euro\AppData\Roaming\EurekaLog folder moved successfully.
C:\Users\euro\AppData\Roaming\winsec32 folder moved successfully.
File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32\ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named xaqrgbg was found to stop!
Service\Driver key xaqrgbg not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: euro
->Temp folder emptied: 9466326 bytes
->Temporary Internet Files folder emptied: 59025122 bytes
->Java cache emptied: 22396727 bytes
->FireFox cache emptied: 107713712 bytes
->Flash cache emptied: 426799 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 757760 bytes
%systemroot%\System32 .tmp files removed: 3369184 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29625301 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 222,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11232010_214705

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\wrfhx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\084B9.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08545.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08803.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08861.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08E0B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08F05.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\08F34.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\093D5.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\09953.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\09A4B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\0D2D8.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]



OTL

[log]OTL logfile created on: 2010-11-23 22:14:22 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\euro\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 3,67 Gb Free Space | 2,46% Space Free | Partition Type: NTFS
Drive E: | 147,58 Gb Total Space | 59,20 Gb Free Space | 40,11% Space Free | Partition Type: NTFS

Computer Name: EURO-PC | User Name: euro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
PRC - [2010-10-29 14:56:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-08-17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-03-30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009-12-07 15:48:46 | 000,862,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AdMunch.exe
PRC - [2009-11-11 16:33:04 | 003,171,760 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IDMan.exe
PRC - [2009-11-04 16:45:32 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-10-30 15:08:26 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009-10-22 08:43:58 | 002,548,056 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Orochi\RazerOrochiTray.exe
PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009-10-15 10:51:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IEMonitor.exe
PRC - [2009-08-24 10:27:34 | 007,719,456 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009-03-03 03:16:04 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-02 09:05:12 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
PRC - [2008-08-25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008-08-18 22:22:56 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008-07-30 09:02:08 | 000,667,648 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2008-07-15 19:12:00 | 000,726,904 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008-07-10 16:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008-07-04 13:51:54 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008-06-24 09:06:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008-06-20 02:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008-05-20 13:42:00 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008-04-16 23:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 03:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2008-01-21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2008-01-21 03:24:44 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-01-21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008-01-21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 03:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2007-12-15 14:29:06 | 000,184,320 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2007-12-07 17:58:24 | 000,077,824 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
PRC - [2007-12-07 17:55:08 | 000,380,928 | ---- | M] () -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe
PRC - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007-10-25 16:23:36 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe
PRC - [2007-09-28 15:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007-09-12 13:40:38 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe
PRC - [2006-11-06 16:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
MOD - [2010-09-08 18:23:43 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2010-09-08 18:23:42 | 006,078,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010-07-26 17:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 17:15:53 | 001,315,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 17:10:45 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-12-07 15:48:46 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AM31318.dll
MOD - [2009-07-17 15:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-04-23 13:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-03-26 16:35:39 | 000,034,224 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\idmmkb.dll
MOD - [2009-02-13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2008-10-21 06:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2008-10-16 05:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2008-05-27 06:17:46 | 000,754,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2008-02-29 07:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 03:25:01 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2008-01-21 03:25:00 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2008-01-21 03:24:57 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 03:24:46 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2008-01-21 03:24:38 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2008-01-21 03:24:37 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 03:24:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2008-01-21 03:24:36 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2008-01-21 03:24:27 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2008-01-21 03:24:26 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 03:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2008-01-21 03:24:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2008-01-21 03:24:23 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2008-01-21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2008-01-21 03:24:14 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2008-01-21 03:24:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2008-01-21 03:24:13 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2008-01-21 03:24:11 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2008-01-21 03:24:10 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-21 03:24:10 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2008-01-21 03:23:50 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2008-01-21 03:23:44 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-21 03:23:42 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2008-01-21 03:23:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-09-05 12:06:37 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-02 21:01:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-01-01 11:17:08 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-12-16 19:55:17 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (Ati External Event Utility)
SRV - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009-10-30 15:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008-08-25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008-04-16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vserial.sys -- (vserial)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\TpChoice.sys -- (TpChoice)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parldr2k.sys -- (PARLDR2K)
DRV - [2010-11-19 10:34:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsvcom.sys -- (FLSVCOM)
DRV - [2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flspar.sys -- (FLSPAR)
DRV - [2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsiface.sys -- (FLSIFACE)
DRV - [2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsser.sys -- (FLSSER)
DRV - [2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fle5wnnt.sys -- (FLE5WNNT)
DRV - [2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\dk2drv.sys -- (dk2drv)
DRV - [2010-10-11 18:38:12 | 000,005,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys -- (LLRING0)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-12-28 18:31:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-12-28 18:31:35 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-12-06 22:55:17 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009-11-20 15:26:50 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009-11-04 17:16:46 | 005,079,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-10-06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-10-02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-30 15:31:46 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-09-14 13:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009-08-24 10:19:10 | 002,754,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-08-19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008-08-07 16:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-08-06 15:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-07-28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-07-15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008-05-23 02:07:16 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2008-05-13 15:16:06 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2008-05-07 10:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008-04-28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008-04-28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008-04-23 16:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008-03-25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008-03-19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008-02-06 23:23:46 | 000,166,448 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008-01-22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-12-14 10:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007-11-29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007-11-09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006-11-28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-10-23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005-07-11 17:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005-01-07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.8
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4
FF - prefs.js..extensions.enabledItems: lockerzplayextended@flies:2.5.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-31 21:04:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-29 14:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-12-06 22:49:47 | 000,000,000 | ---D | M]

[2009-12-06 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Extensions
[2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions
[2010-10-22 14:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010-04-27 22:14:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-04 17:35:06 | 000,000,000 | ---D | M] (MinimizeToTray Plus) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
[2010-04-27 22:14:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\autofillForms@blueimp.net
[2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\check4change-owner@mozdev.org
[2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies
[2010-05-26 20:55:01 | 000,001,313 | ---- | M] () -- C:\Users\euro\AppData\Roaming\Mozilla\FireFox\Profiles\xf2ajzxv.default\searchplugins\zgapapl.xml
[2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-18 18:36:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-29 19:10:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009-12-06 22:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-08-30 12:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-08-30 12:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-08-30 12:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-08-30 12:50:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-08-30 12:50:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-08-30 12:50:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-10-31 20:46:14 | 000,000,164 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Ad Muncher] e:\Programy\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AQQ] E:\Programy\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm ()
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - E:\Programy\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-23 21:47:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-11-23 19:29:06 | 000,000,000 | ---D | C] -- C:\rsit
[2010-11-23 19:12:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
[2010-11-23 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-11-22 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Nowy folder
[2010-11-19 19:09:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\EuroTEST
[2010-11-19 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ISO-8859-2__SpCC
[2010-11-19 16:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\ODEON
[2010-11-19 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\jaf_1.98.62__pkeyv5_www.przeklej.pl
[2010-11-19 14:22:56 | 000,000,000 | ---D | C] -- C:\Users\euro\Documents\Criterion Games
[2010-11-19 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010-11-19 12:16:33 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Nokia
[2010-11-19 11:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010-11-19 10:37:47 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys
[2010-11-19 10:34:20 | 000,079,408 | ---- | C] (DESkey) -- C:\Windows\System32\flsport.cpl
[2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,034,048 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys
[2010-11-19 10:34:20 | 000,016,314 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys
[2010-11-19 10:34:20 | 000,013,440 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys
[2010-11-19 10:34:20 | 000,008,344 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys
[2010-11-19 10:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DESkey
[2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll
[2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll
[2010-11-19 10:34:18 | 000,417,792 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn32.dll
[2010-11-19 10:34:18 | 000,080,160 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn16.dll
[2010-11-19 10:34:18 | 000,061,440 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll
[2010-11-19 10:34:18 | 000,053,248 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL
[2010-11-19 10:34:18 | 000,033,404 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys
[2010-11-19 10:34:17 | 000,022,064 | ---- | C] (NMP) -- C:\Windows\System32\fle5wn16.dll
[2010-11-19 10:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\FLSUSB
[2010-11-19 10:33:05 | 000,092,984 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll
[2010-11-19 10:33:05 | 000,089,400 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL
[2010-11-19 10:33:05 | 000,064,312 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll
[2010-11-19 10:33:04 | 000,032,208 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll
[2010-11-19 10:33:04 | 000,030,520 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe
[2010-11-19 10:33:04 | 000,024,488 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll
[2010-11-19 10:33:04 | 000,011,576 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL
[2010-11-19 10:33:03 | 000,076,600 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll
[2010-11-19 10:33:03 | 000,060,216 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl
[2010-11-19 10:33:03 | 000,049,720 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys
[2010-11-19 10:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESkey
[2010-11-19 10:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010-11-19 10:27:18 | 000,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010-11-19 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-11-14 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\path
[2010-11-11 20:37:20 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-11-11 18:09:19 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Server121
[2010-11-11 18:08:10 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ServerHey0121
[2010-11-11 17:55:16 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft_mod 125
[2010-11-11 17:51:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\world
[2010-11-11 17:44:53 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\bckup
[2010-11-11 13:31:54 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft Alpha Server by AmanRuleZ[K0xRLZ]
[2010-11-11 13:30:03 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\LogMeIn Hamachi
[2010-11-11 13:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-11-11 11:12:09 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\.minecraft
[2010-11-02 16:53:22 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Eldo - 27 (2007)
[2010-10-29 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2010-10-23 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\BlackBean
[2010-10-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Abradab-Ostatni_Poziom_Kontroli-PL-2008
[2010-10-19 17:41:26 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\AbradAb - Abradabing [2010]-P24
[2010-10-15 14:45:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010-10-14 12:10:24 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010-10-14 12:10:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010-10-14 12:10:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010-10-14 12:10:05 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010-10-14 12:10:05 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010-10-14 12:10:04 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010-10-14 12:10:02 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010-10-14 12:09:57 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-10-14 12:09:56 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010-10-14 12:09:55 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-10-14 12:09:55 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-10-14 12:09:55 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-10-14 12:09:55 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-10-14 12:09:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010-10-14 12:09:55 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-10-14 12:09:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010-10-14 12:09:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-10-13 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Bass_Time_Continuum_-_Bass_Junkie
[2010-10-10 13:13:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\VA _- C A_V 37 2010__
[2010-10-10 12:58:09 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\the_classic_proyect2_by_angel
[2010-10-10 09:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Stars Network
[2010-10-02 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Opracowania_Lektur
[2010-09-29 16:27:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[34 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-23 22:16:48 | 000,688,488 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-23 22:16:48 | 000,596,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-23 22:16:48 | 000,136,144 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-23 22:16:48 | 000,110,254 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-23 22:10:19 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-23 22:09:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-23 22:09:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-23 22:09:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-23 22:09:47 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-23 21:50:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-23 19:24:24 | 000,339,991 | ---- | M] () -- C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe
[2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe
[2010-11-23 14:02:12 | 000,001,885 | ---- | M] () -- C:\Users\euro\Desktop\HijackThis.lnk
[2010-11-22 22:04:42 | 000,144,384 | ---- | M] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-22 17:45:28 | 003,128,874 | ---- | M] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3
[2010-11-21 13:39:25 | 008,300,756 | ---- | M] () -- C:\Users\euro\Desktop\Benny Benassi feat. Gary Go - Cinema.mp3
[2010-11-20 00:16:51 | 000,968,402 | ---- | M] () -- C:\Users\euro\Desktop\blife002.jpg
[2010-11-19 16:18:40 | 000,001,786 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk
[2010-11-19 16:18:40 | 000,001,745 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk
[2010-11-19 16:18:40 | 000,001,699 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF.lnk
[2010-11-19 14:22:41 | 000,000,841 | ---- | M] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk
[2010-11-19 12:40:12 | 000,002,182 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk
[2010-11-19 12:40:12 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2010-11-19 11:08:36 | 364,270,098 | ---- | M] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg
[2010-11-19 11:03:22 | 000,004,263 | ---- | M] () -- C:\Windows\System32\FLSINSTU.INI
[2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys
[2010-11-19 10:37:41 | 000,000,048 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI
[2010-11-19 10:34:20 | 000,091,696 | ---- | M] () -- C:\Windows\System32\FLSDEVCP.EXE
[2010-11-19 10:34:20 | 000,079,408 | ---- | M] (DESkey) -- C:\Windows\System32\flsport.cpl
[2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS
[2010-11-19 10:34:20 | 000,050,736 | ---- | M] () -- C:\Windows\System32\flsuinst.exe
[2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys
[2010-11-19 10:34:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys
[2010-11-19 10:34:20 | 000,023,120 | ---- | M] () -- C:\Windows\System32\drivers\FPGA8501.rd4
[2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys
[2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys
[2010-11-19 10:34:20 | 000,010,449 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat
[2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys
[2010-11-19 10:34:20 | 000,004,263 | ---- | M] () -- C:\Windows\System32\flsinst.ini
[2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS
[2010-11-19 10:34:19 | 000,039,423 | ---- | M] () -- C:\Windows\System32\drivers\FLS8500.LDR
[2010-11-19 10:34:19 | 000,020,388 | ---- | M] () -- C:\Windows\System32\drivers\fls8200.ldr
[2010-11-19 10:34:19 | 000,020,320 | ---- | M] () -- C:\Windows\System32\drivers\fls8000.ldr
[2010-11-19 10:34:19 | 000,019,277 | ---- | M] () -- C:\Windows\System32\drivers\fls8100.ldr
[2010-11-19 10:34:19 | 000,019,157 | ---- | M] () -- C:\Windows\System32\drivers\fls8400.ldr
[2010-11-19 10:34:19 | 000,011,720 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat
[2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll
[2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll
[2010-11-19 10:34:19 | 000,003,024 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF
[2010-11-19 10:34:18 | 000,417,792 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn32.dll
[2010-11-19 10:34:18 | 000,080,160 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn16.dll
[2010-11-19 10:34:18 | 000,061,440 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll
[2010-11-19 10:34:18 | 000,053,248 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL
[2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys
[2010-11-19 10:34:18 | 000,004,186 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF
[2010-11-19 10:34:17 | 000,022,064 | ---- | M] (NMP) -- C:\Windows\System32\fle5wn16.dll
[2010-11-19 10:34:17 | 000,009,384 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat
[2010-11-19 10:34:17 | 000,003,887 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf
[2010-11-19 10:34:16 | 001,859,584 | ---- | M] () -- C:\Windows\System32\FLSINST.DLL
[2010-11-19 10:33:05 | 000,092,984 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll
[2010-11-19 10:33:05 | 000,092,984 | ---- | M] () -- C:\Windows\System32\dkcpanel.exe
[2010-11-19 10:33:05 | 000,089,400 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL
[2010-11-19 10:33:05 | 000,064,312 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll
[2010-11-19 10:33:04 | 000,032,208 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll
[2010-11-19 10:33:04 | 000,030,520 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe
[2010-11-19 10:33:04 | 000,024,488 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll
[2010-11-19 10:33:04 | 000,011,576 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL
[2010-11-19 10:33:03 | 000,076,600 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll
[2010-11-19 10:33:03 | 000,060,216 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl
[2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys
[2010-11-19 10:32:59 | 002,325,304 | ---- | M] () -- C:\Windows\System32\DK2INST.DLL
[2010-11-14 13:42:25 | 018,434,172 | ---- | M] () -- C:\Users\euro\Desktop\path.rar
[2010-11-14 13:34:34 | 000,616,578 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg
[2010-11-14 12:21:43 | 000,579,381 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg
[2010-11-13 18:01:57 | 000,001,060 | ---- | M] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk
[2010-11-11 18:00:53 | 000,000,843 | ---- | M] () -- C:\Users\euro\Desktop\Loader — skrót.lnk
[2010-11-11 17:51:47 | 000,000,179 | ---- | M] () -- C:\Windows\System32\server.properties
[2010-11-11 13:29:21 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010-11-09 19:58:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2010-11-02 18:58:04 | 000,001,826 | ---- | M] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat
[2010-10-31 21:37:47 | 000,000,110 | ---- | M] () -- C:\Users\euro\Documents\ax_files.xml
[2010-10-26 20:41:33 | 000,149,104 | ---- | M] () -- C:\Users\euro\Desktop\Bez tytułu.jpg
[2010-10-24 09:45:26 | 004,684,800 | ---- | M] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3
[2010-10-23 18:56:06 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk
[2010-10-22 18:01:55 | 006,863,449 | ---- | M] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3
[2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010-10-17 15:10:18 | 004,719,176 | ---- | M] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3
[2010-10-16 09:07:28 | 001,705,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-10-13 20:10:11 | 003,242,109 | ---- | M] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3
[2010-10-10 09:48:36 | 000,000,982 | ---- | M] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk
[2010-10-10 09:46:05 | 000,002,553 | ---- | M] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk
[2010-09-28 20:37:09 | 004,820,741 | ---- | M] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3
[34 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-23 19:24:22 | 000,339,991 | ---- | C] () -- C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe
[2010-11-23 14:02:12 | 000,001,885 | ---- | C] () -- C:\Users\euro\Desktop\HijackThis.lnk
[2010-11-23 13:37:01 | 3186,016,256 | -HS- | C] () -- C:\hiberfil.sys
[2010-11-22 17:45:06 | 003,128,874 | ---- | C] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3
[2010-11-21 13:39:11 | 008,300,756 | ---- | C] () -- C:\Users\euro\Desktop\Benny Benassi feat. Gary Go - Cinema.mp3
[2010-11-20 00:16:50 | 000,968,402 | ---- | C] () -- C:\Users\euro\Desktop\blife002.jpg
[2010-11-19 16:18:40 | 000,001,786 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk
[2010-11-19 16:18:40 | 000,001,745 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk
[2010-11-19 16:18:40 | 000,001,699 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF.lnk
[2010-11-19 14:22:41 | 000,000,841 | ---- | C] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk
[2010-11-19 12:40:12 | 000,002,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk
[2010-11-19 12:40:12 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2010-11-19 11:08:00 | 364,270,098 | ---- | C] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg
[2010-11-19 11:03:22 | 000,004,263 | ---- | C] () -- C:\Windows\System32\FLSINSTU.INI
[2010-11-19 10:41:00 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2010-11-19 10:35:41 | 000,000,048 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI
[2010-11-19 10:34:20 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE
[2010-11-19 10:34:20 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe
[2010-11-19 10:34:20 | 000,023,120 | ---- | C] () -- C:\Windows\System32\drivers\FPGA8501.rd4
[2010-11-19 10:34:20 | 000,010,449 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat
[2010-11-19 10:34:20 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini
[2010-11-19 10:34:19 | 000,039,423 | ---- | C] () -- C:\Windows\System32\drivers\FLS8500.LDR
[2010-11-19 10:34:19 | 000,020,388 | ---- | C] () -- C:\Windows\System32\drivers\fls8200.ldr
[2010-11-19 10:34:19 | 000,020,320 | ---- | C] () -- C:\Windows\System32\drivers\fls8000.ldr
[2010-11-19 10:34:19 | 000,019,277 | ---- | C] () -- C:\Windows\System32\drivers\fls8100.ldr
[2010-11-19 10:34:19 | 000,019,157 | ---- | C] () -- C:\Windows\System32\drivers\fls8400.ldr
[2010-11-19 10:34:19 | 000,011,720 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat
[2010-11-19 10:34:19 | 000,003,024 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF
[2010-11-19 10:34:18 | 000,004,186 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF
[2010-11-19 10:34:17 | 000,009,384 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat
[2010-11-19 10:34:17 | 000,003,887 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf
[2010-11-19 10:34:16 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL
[2010-11-19 10:33:05 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe
[2010-11-19 10:32:59 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL
[2010-11-14 13:33:34 | 018,434,172 | ---- | C] () -- C:\Users\euro\Desktop\path.rar
[2010-11-14 12:22:01 | 000,616,578 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg
[2010-11-14 12:21:28 | 000,579,381 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg
[2010-11-13 18:01:57 | 000,001,060 | ---- | C] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk
[2010-11-11 18:00:53 | 000,000,843 | ---- | C] () -- C:\Users\euro\Desktop\Loader — skrót.lnk
[2010-11-11 17:51:47 | 000,000,179 | ---- | C] () -- C:\Windows\System32\server.properties
[2010-11-11 13:29:21 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010-11-09 19:58:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl
[2010-10-29 15:39:31 | 000,001,826 | ---- | C] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat
[2010-10-26 20:41:32 | 000,149,104 | ---- | C] () -- C:\Users\euro\Desktop\Bez tytułu.jpg
[2010-10-24 09:45:18 | 004,684,800 | ---- | C] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3
[2010-10-23 18:56:06 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk
[2010-10-22 18:01:42 | 006,863,449 | ---- | C] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3
[2010-10-17 15:09:46 | 004,719,176 | ---- | C] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3
[2010-10-13 20:09:44 | 003,242,109 | ---- | C] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3
[2010-10-10 09:48:36 | 000,000,982 | ---- | C] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk
[2010-10-10 09:45:54 | 000,002,553 | ---- | C] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk
[2010-09-28 20:36:08 | 004,820,741 | ---- | C] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3
[2010-09-26 12:33:18 | 002,482,258 | ---- | C] () -- C:\Users\euro\Desktop\Luna Halo - I'm Alright.mp3
[2010-03-12 21:49:36 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2010-03-10 18:07:11 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2010-01-27 17:27:44 | 000,000,097 | ---- | C] () -- C:\Windows\WirelessFTP.INI
[2010-01-15 01:08:40 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2009-12-28 17:56:26 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009-12-28 17:56:25 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009-12-28 12:21:44 | 000,000,680 | ---- | C] () -- C:\Users\euro\AppData\Local\d3d9caps.dat
[2009-12-16 18:53:55 | 000,000,785 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009-12-08 12:10:40 | 000,144,384 | ---- | C] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-06 19:23:04 | 000,161,612 | RHS- | C] () -- C:\Windows\System32\wrfhx.dll
[2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009-09-23 23:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-05-30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-05-30 01:31:52 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-02-28 10:09:28 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009-02-28 10:09:28 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009-02-28 10:09:28 | 000,010,132 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009-02-28 10:09:28 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008-10-02 08:48:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008-10-02 08:48:06 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008-10-02 08:48:06 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008-10-02 08:48:06 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008-10-02 08:39:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008-10-02 08:30:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008-04-24 08:08:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2007-12-21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007-09-04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007-07-19 11:50:12 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll
[2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005-07-22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\dk2win32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-11-11 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\.minecraft
[2010-11-11 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\bckup
[2010-02-02 13:03:04 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock
[2010-06-23 13:09:39 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock2
[2010-10-23 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\BlackBean
[2010-05-08 12:19:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Braid
[2009-12-28 17:33:10 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Lite
[2009-12-06 23:38:30 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Pro
[2010-11-23 22:10:34 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DMCache
[2010-06-11 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\FileZilla
[2009-12-07 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\GrabPro
[2010-02-17 17:22:49 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\gtk-2.0
[2010-11-05 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\IDM
[2010-09-17 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Need for Speed World
[2010-11-19 12:16:33 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Nokia
[2009-12-16 23:26:15 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Orbit
[2010-02-09 13:57:55 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\runic games
[2010-11-11 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Server121
[2010-05-02 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Stardock
[2010-10-09 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Toshiba
[2010-05-22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TS3Client
[2009-12-16 19:54:57 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TuneUp Software
[2010-04-06 10:55:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Ubisoft
[2010-01-13 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\VistaCodecs
[2010-11-23 22:08:53 | 000,032,500 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]

RSIT

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by euro at 2010-11-23 23:03:36
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 3 GB (2%) free of 153 GB
Total RAM: 3037 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:38, on 2010-11-23
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
E:\Programy\Ad Muncher\AdMunch.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Razer\Orochi\RazerOrochiTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Programy\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
E:\Programy\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe
C:\Program Files\trend micro\euro.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Ad Muncher] "e:\Programy\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [AQQ] E:\Programy\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: TSS Instrument API Tray Utility.lnk = C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{911E61D9-C034-4CEF-8F9D-DDA1C4F7618E}: NameServer = 208.67.222.222
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11619 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - E:\Programy\Internet Download Manager\IDMIECC.dll [2009-11-11 173488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-24 7719456]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 421888]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2007-09-19 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-05-20 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-08-18 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-07-15 726904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
"Ad Muncher"=e:\Programy\Ad Muncher\AdMunch.exe [2009-12-07 862208]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Razer Orochi Driver"=C:\Program Files\Razer\Orochi\RazerOrochiTray.exe [2009-10-22 2548056]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-07-04 430080]
"AQQ"=E:\Programy\WapSter\WAPSTE~1\AQQ.exe [2010-11-19 7965696]
"IDMan"=E:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-08-14 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Programy\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
E:\Programy\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
e:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyKeys]
C:\Program Files\mfk\MFK.EXE [1999-04-18 541184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
E:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TSS Instrument API Tray Utility.lnk - C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0xFFFFFFFF
"NoDriveTypeAutoRun"=36

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-11-23 21:47:05 ----D---- C:\_OTL
2010-11-23 19:29:06 ----D---- C:\rsit
2010-11-23 14:02:12 ----D---- C:\Program Files\Trend Micro
2010-11-23 13:37:21 ----A---- C:\Windows\system32\0A591.tmp
2010-11-23 13:37:01 ----ASH---- C:\hiberfil.sys
2010-11-23 10:15:51 ----A---- C:\Windows\system32\0A7C3.tmp
2010-11-22 17:25:50 ----A---- C:\Windows\system32\0A3FB.tmp
2010-11-21 17:02:06 ----A---- C:\Windows\system32\0A66B.tmp
2010-11-21 11:24:52 ----A---- C:\Windows\system32\0AAEE.tmp
2010-11-20 14:24:46 ----A---- C:\Windows\system32\0A85F.tmp
2010-11-20 10:33:59 ----A---- C:\Windows\system32\0AAAF.tmp
2010-11-19 17:48:13 ----A---- C:\Windows\system32\0FE99.tmp
2010-11-19 16:13:59 ----D---- C:\Program Files\ODEON
2010-11-19 13:32:20 ----D---- C:\ProgramData\Solidshield
2010-11-19 12:16:33 ----D---- C:\Users\euro\AppData\Roaming\Nokia
2010-11-19 11:38:45 ----D---- C:\ProgramData\Nokia
2010-11-19 11:03:22 ----A---- C:\Windows\system32\FLSINSTU.INI
2010-11-19 10:37:47 ----A---- C:\Windows\system32\drivers\parldr2k.sys
2010-11-19 10:34:20 ----D---- C:\ProgramData\DESkey
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsuinst.exe
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsinst.ini
2010-11-19 10:34:20 ----A---- C:\Windows\system32\FLSDEVCP.EXE
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsvcom.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FLSUSB.SYS
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsser.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flspar.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsiface.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FlsFWLdr.sys
2010-11-19 10:34:19 ----A---- C:\Windows\system32\flscoins.dll
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5USB.SYS
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5FWLD.SYS
2010-11-19 10:34:18 ----A---- C:\Windows\system32\FLS5FL32.DLL
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn16.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fle5wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\drivers\fle5wnnt.sys
2010-11-19 10:34:17 ----D---- C:\Windows\system32\drivers\FLSUSB
2010-11-19 10:34:17 ----A---- C:\Windows\system32\fle5wn16.dll
2010-11-19 10:34:16 ----A---- C:\Windows\system32\FLSINST.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\vercp32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNCP32.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNClnt32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\dkcpanel.exe
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DKCLINST.DLL
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2win16.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2vdd.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DK2UInst.exe
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files\DESkey
2010-11-19 10:33:03 ----A---- C:\Windows\system32\drivers\dk2drv.sys
2010-11-19 10:33:03 ----A---- C:\Windows\system32\dk2cp32.dll
2010-11-19 10:32:59 ----A---- C:\Windows\system32\DK2INST.DLL
2010-11-19 10:30:21 ----D---- C:\Program Files\Common Files\Nokia
2010-11-19 10:27:18 ----A---- C:\Windows\system32\nmwcdcls.dll
2010-11-19 10:27:16 ----D---- C:\Program Files\Nokia
2010-11-19 09:55:45 ----A---- C:\Windows\system32\0A9A6.tmp
2010-11-18 15:15:09 ----A---- C:\Windows\system32\0A275.tmp
2010-11-17 19:19:56 ----A---- C:\Windows\system32\0A41B.tmp
2010-11-17 16:41:46 ----A---- C:\Windows\system32\0A497.tmp
2010-11-16 16:13:19 ----A---- C:\Windows\system32\0A736.tmp
2010-11-16 08:32:28 ----A---- C:\Windows\system32\0AE09.tmp
2010-11-15 16:55:33 ----A---- C:\Windows\system32\0A9B6.tmp
2010-11-14 12:18:28 ----A---- C:\Windows\system32\0BB81.tmp
2010-11-13 14:31:09 ----A---- C:\Windows\system32\0A958.tmp
2010-11-12 12:19:23 ----A---- C:\Windows\system32\0A64C.tmp
2010-11-12 08:49:02 ----A---- C:\Windows\system32\0AFDD.tmp
2010-11-11 20:37:20 ----RASHD---- C:\autorun.inf
2010-11-11 18:09:19 ----D---- C:\Users\euro\AppData\Roaming\Server121
2010-11-11 17:51:47 ----D---- C:\Windows\system32\world
2010-11-11 17:51:47 ----A---- C:\Windows\system32\ops.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-players.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-ips.txt
2010-11-11 17:44:53 ----D---- C:\Users\euro\AppData\Roaming\bckup
2010-11-11 13:29:20 ----D---- C:\Program Files\LogMeIn Hamachi
2010-11-11 11:12:09 ----D---- C:\Users\euro\AppData\Roaming\.minecraft
2010-11-11 10:12:21 ----A---- C:\Windows\system32\08851.tmp
2010-11-10 17:22:35 ----A---- C:\Windows\system32\08313.tmp
2010-11-09 17:03:16 ----A---- C:\Windows\system32\084BA.tmp
2010-11-09 08:23:40 ----A---- C:\Windows\system32\0F343.tmp
2010-10-29 15:29:41 ----D---- C:\Program Files\Razer

======List of files/folders modified in the last 1 months======

2010-11-23 23:03:38 ----D---- C:\Windows\Temp
2010-11-23 22:55:11 ----D---- C:\Windows\inf
2010-11-23 22:55:11 ----AD---- C:\Windows\System32
2010-11-23 22:55:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-23 22:51:53 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-23 22:50:52 ----D---- C:\Users\euro\AppData\Roaming\DMCache
2010-11-23 22:50:06 ----D---- C:\Windows\Minidump
2010-11-23 22:49:59 ----D---- C:\Windows
2010-11-23 22:03:57 ----SHD---- C:\System Volume Information
2010-11-23 14:02:12 ----RD---- C:\Program Files
2010-11-23 13:34:38 ----A---- C:\Windows\ntbtlog.txt
2010-11-19 16:44:48 ----D---- C:\Windows\system32\catroot
2010-11-19 16:15:30 ----D---- C:\Windows\system32\catroot2
2010-11-19 16:14:18 ----SHD---- C:\Windows\Installer
2010-11-19 13:43:14 ----RSD---- C:\Windows\assembly
2010-11-19 13:32:20 ----HD---- C:\ProgramData
2010-11-19 12:12:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-19 11:44:13 ----D---- C:\Windows\system32\drivers
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files
2010-11-07 14:23:22 ----D---- C:\ProgramData\Media Center Programs
2010-11-07 14:23:20 ----D---- C:\Program Files\Mozilla Firefox
2010-11-06 14:19:53 ----D---- C:\Windows\Prefetch
2010-11-05 18:00:40 ----D---- C:\Users\euro\AppData\Roaming\IDM
2010-10-24 11:23:41 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2009-10-14 36880]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-05-07 25896]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-08-19 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv.sys [2010-11-19 49720]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-06 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2008-05-13 64000]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-28 281760]
R2 FLE5WNNT;FLE-5 WindowsNT Driver; \??\C:\Windows\System32\Drivers\fle5wnnt.sys [2010-11-19 33404]
R2 FLSIFACE;FLSIface; \??\C:\Windows\System32\Drivers\flsiface.sys [2010-11-19 13440]
R2 FLSPAR;FLSPar; \??\C:\Windows\System32\Drivers\flspar.sys [2010-11-19 16314]
R2 FLSSER;FLSSer; \??\C:\Windows\System32\Drivers\flsser.sys [2010-11-19 8344]
R2 FLSVCOM;FLSVCom; \??\C:\Windows\System32\Drivers\flsvcom.sys [2010-11-19 34048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-28 25888]
R2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys [2010-11-19 10454]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-28 919552]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-24 2754336]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-11-20 25984]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2008-05-23 41856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 LLRING0;LLRING0; \??\C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys [2010-10-11 5120]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-08-19 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-08-18 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-05-22 120168]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-07-15 106496]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 135664]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-02 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-06 182768]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-01 321320]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-16 435016]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Spróbuj Gmer'em z trybu awaryjnego.

Na temat BS'a przykład: http://windows7forum.pl/printthread.php?tid=10962


Jeszcze raz do OTL:
[code]
:OTL
[2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies

:Files
C:\Windows\system32\0A591.tmp
C:\Windows\system32\0A7C3.tmp
C:\Windows\system32\0A3FB.tmp
C:\Windows\system32\0A66B.tmp
C:\Windows\system32\0AAEE.tmp
C:\Windows\system32\0A85F.tmp
C:\Windows\system32\0AAAF.tmp
C:\Windows\system32\0FE99.tmp
C:\Windows\system32\0A9A6.tmp
C:\Windows\system32\0A275.tmp
C:\Windows\system32\0A41B.tmp
C:\Windows\system32\0A497.tmp
C:\Windows\system32\0A736.tmp
C:\Windows\system32\0AE09.tmp
C:\Windows\system32\0A9B6.tmp
C:\Windows\system32\0BB81.tmp
C:\Windows\system32\0A958.tmp
C:\Windows\system32\0A64C.tmp
C:\Windows\system32\0AFDD.tmp
C:\Windows\system32\08851.tmp
C:\Windows\system32\08313.tmp
C:\Windows\system32\084BA.tmp
C:\Windows\system32\0F343.tmp

:Commands
[emtytemp][/code]


Czy problem nadal występuje ?

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.

kcr
komentarz
komentarz (edytowane)

Dobra, wiec tak.
Strony jak kaspersky, ms itp dzialaja juz normalnie. Ale wracajac do bluescreena, skanujac, a raczej na sam koniec skanowania programem DrWeb znow sie pojawil.. Ta strona co podales jest do Win7 (mam Viste).
BS log
[log]Podpis problemu:
Nazwa zdarzenia problemu: BlueScreen
Wersja systemu operacyjnego: 6.0.6001.2.1.0.768.3
Identyfikator ustawień regionalnych: 1045

Dodatkowe informacje o problemie:
BCCode: 19
BCP1: 00000021
BCP2: D3965000
BCP3: 00049E38
BCP4: FF435582
OS Version: 6_0_6001
Service Pack: 1_0
Product: 768_1

Pliki pomagające opisać problem:
C:\Windows\Minidump\Mini112410-01.dmp
C:\Users\euro\AppData\Local\Temp\WER-51339-0.sysdata.xml
C:\Users\euro\AppData\Local\Temp\WER12D4.tmp.version.txt
[/log]

Tym drugim nie zdazylem dzis, bo Gmer skanowal kilka h, potem DrWeb, ktorego nie mam logu, bo jak wspominalem bs. Ale z tego z widzialem usunal 34 pliki typu 0A591.tmp w folderu system32. Chyba ze gdzies to sie automatycznie zapisuje.

Pozostale logi

Log z usuwania przez OTL gdyby bylo potrzebne:
[log]========== OTL ==========
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\skin folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\zh-TW folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\zh-CN folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\sv-SV folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\ru-RU folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\pl-PL folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\nl-NL folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\lv-LV folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\it-IT folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\es-AR folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\en-US folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\defaults\preferences folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\defaults folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\content folder moved successfully.
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies folder moved successfully.
========== FILES ==========
File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot.
========== COMMANDS ==========
Error: Unable to interpret <[emtytemp]> in the current context!

OTL by OldTimer - Version 3.2.17.3 log created on 11242010_172252

Files\Folders moved on Reboot...
File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

Log ze skanu Gmer'em w trybie awaryjnym:
[log]GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-24 21:10:38
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK3252GSX rev.LV010M
Running: gmer.exe; Driver: C:\Users\euro\AppData\Local\Temp\kwldapog.sys


---- Kernel code sections - GMER 1.0.15 ----

.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8C150480, 0x3C939, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8C191900, 0x3CA, 0x48000040]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742388B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [742798A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7423B9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7422FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74237A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7422EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7426B17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7423BC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7423074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742306B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742271B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [742BD848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74257379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7422E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7422697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742269A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74232465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x74 0xD9 0x06 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x76 0xC0 0xE7 0x6F ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x74 0xD9 0x06 0xD2 ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x76 0xC0 0xE7 0x6F ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Counter 5500
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Help 5501

---- EOF - GMER 1.0.15 ----
[/log]

Tomek01
komentarz
komentarz

Nie usunąłeś sterownika sptd.sys
W takim wypadku log z Gmera nie jest wiarygodny.

kcr
komentarz
komentarz

Chetnie usune ten sterownik, ale nie mam pojecia jak.

Tomek01
komentarz
komentarz

Przeczytaj punkt 4: http://forum.cdrinfo.pl/f11/de-instalacja-daemon-tools-pro-87179/

kcr
komentarz
komentarz (edytowane)

[quote]usuń plik C: \Windows\System32\Drivers\sptd.sys[/quote]

Nie mam tam takiego pliku.
Wczesniej probowalem usunac ten sterownik programem SPTDinst, po uruchomieniu wybralem opcje usuniecia. Widocznie usunalo. WIec czemu piszesz, ze nie usunalem?

Tomek01
komentarz
komentarz

Bo w Gmerze jest ciąg wpisów z rejestru, np: Reg HKLM\SYSTEM\CurrentControlSet\Services\[b]sptd[/b]\Cfg

kcr
komentarz
komentarz

To moze musze usunac wpisy z rejestru?

Tomek01
komentarz
komentarz

Nie, zastosuj jedną z opcji z link'u, który Ci podałem.
Wpierw trzeba go odinstalować by go usunąć.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.