kcr created 23 November 2010 (edited) Hello, I have a problem with viruses that block my access to antivirus websites, Microsoft's site, etc. Here is the HijackThis log: http://wklej.to/fGkq What should I do to get rid of them? Please help.
Tomek01 commented 23 November 2010 Post the OTL and RSIT logs, and insert them in the proper format.
kcr (Author) commented 23 November 2010 OTL: [log]
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-10-23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-07-11 17:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2005-01-07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.8 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4 FF - prefs.js..extensions.enabledItems: lockerzplayextended@flies:2.5.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-31 21:04:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-29 14:56:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-12-06 22:49:47 | 000,000,000 | ---D | M] [2009-12-06 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Extensions [2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions [2010-10-22 14:12:49 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010-04-27 22:14:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-04 17:35:06 | 000,000,000 | ---D | M] (MinimizeToTray Plus) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048} [2010-04-27 22:14:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\autofillForms@blueimp.net [2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\check4change-owner@mozdev.org [2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies [2010-05-26 20:55:01 | 000,001,313 | ---- | M] () -- C:\Users\euro\AppData\Roaming\Mozilla\FireFox\Profiles\xf2ajzxv.default\searchplugins\zgapapl.xml [2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-18 18:36:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-29 19:10:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2009-12-06 22:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-08-30 12:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-30 12:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-08-30 12:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-08-30 12:50:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-08-30 12:50:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-08-30 12:50:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-31 20:46:14 | 000,000,164 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 www.alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Ad Muncher] e:\Programy\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.) O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION) O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) 
O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe (Razer USA Ltd) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AQQ] E:\Programy\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [DAEMON Tools Lite] E:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) 
O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - E:\Programy\Fences\FencesMenu.dll (Stardock) O24 - Desktop WallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun 
File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE -- File not found O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\explore\Command - "" = G:\EXPLORER.EXE -- File not found O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\open\Command - "" = G:\EXPLORER.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: xaqrgbg - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - E:\Programy\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) 
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Camera Assistant Software[/b] - hkey= - key= - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - E:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]Google EULA Launcher[/b] - hkey= - key= - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( ) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - E:\Programy\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.) MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - e:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.) MsConfig - StartUpReg: [b]jswtrayutil[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]MyKeys[/b] - hkey= - key= - C:\Program Files\mfk\MFK.EXE () MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: [b]topi[/b] - hkey= - key= - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) MsConfig - StartUpReg: [b]Toshiba TEMPO[/b] - hkey= - key= - C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH) MsConfig - StartUpReg: [b]winsec32[/b] - hkey= - key= - Reg Error: Value error. 
File not found MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: 
Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: 
{50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-23 19:12:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe [2010-11-23 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-11-22 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Nowy folder [2010-11-19 19:09:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\EuroTEST [2010-11-19 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ISO-8859-2__SpCC [2010-11-19 16:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\ODEON [2010-11-19 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\jaf_1.98.62__pkeyv5_www.przeklej.pl [2010-11-19 14:22:56 | 000,000,000 | ---D | C] -- C:\Users\euro\Documents\Criterion Games [2010-11-19 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2010-11-19 12:16:33 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Nokia [2010-11-19 11:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2010-11-19 10:37:47 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys [2010-11-19 10:34:20 | 000,079,408 | ---- | C] (DESkey) -- C:\Windows\System32\flsport.cpl [2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS [2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS [2010-11-19 10:34:20 | 
000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,034,048 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys [2010-11-19 10:34:20 | 000,016,314 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys [2010-11-19 10:34:20 | 000,013,440 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys [2010-11-19 10:34:20 | 000,008,344 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys [2010-11-19 10:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DESkey [2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS [2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll [2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll [2010-11-19 10:34:18 | 000,417,792 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn32.dll [2010-11-19 10:34:18 | 000,080,160 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn16.dll [2010-11-19 10:34:18 | 000,061,440 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll [2010-11-19 10:34:18 | 000,053,248 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL [2010-11-19 10:34:18 | 000,033,404 | ---- | C] 
(Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys [2010-11-19 10:34:17 | 000,022,064 | ---- | C] (NMP) -- C:\Windows\System32\fle5wn16.dll [2010-11-19 10:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\FLSUSB [2010-11-19 10:33:05 | 000,092,984 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll [2010-11-19 10:33:05 | 000,089,400 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL [2010-11-19 10:33:05 | 000,064,312 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll [2010-11-19 10:33:04 | 000,032,208 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll [2010-11-19 10:33:04 | 000,030,520 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe [2010-11-19 10:33:04 | 000,024,488 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll [2010-11-19 10:33:04 | 000,011,576 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL [2010-11-19 10:33:03 | 000,076,600 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll [2010-11-19 10:33:03 | 000,060,216 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl [2010-11-19 10:33:03 | 000,049,720 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys [2010-11-19 10:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESkey [2010-11-19 10:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2010-11-19 10:27:18 | 000,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll [2010-11-19 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010-11-14 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\path [2010-11-11 20:37:20 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-11-11 18:09:19 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Server121 [2010-11-11 
18:08:10 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ServerHey0121 [2010-11-11 17:55:16 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft_mod 125 [2010-11-11 17:51:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\world [2010-11-11 17:44:53 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\bckup [2010-11-11 13:31:54 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft Alpha Server by AmanRuleZ[K0xRLZ] [2010-11-11 13:30:03 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\LogMeIn Hamachi [2010-11-11 13:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-11-11 11:12:09 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\.minecraft [2010-11-02 16:53:22 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Eldo - 27 (2007) [2010-10-29 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Razer [2010-10-23 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\BlackBean [2010-10-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Abradab-Ostatni_Poziom_Kontroli-PL-2008 [2010-10-19 17:41:26 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\AbradAb - Abradabing [2010]-P24 [2010-10-15 14:45:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010-10-14 12:10:24 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010-10-14 12:10:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2010-10-14 12:10:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010-10-14 12:10:05 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010-10-14 12:10:05 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010-10-14 12:10:04 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010-10-14 12:10:02 | 000,866,816 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\wmpmde.dll [2010-10-14 12:09:57 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010-10-14 12:09:56 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010-10-14 12:09:55 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010-10-14 12:09:55 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-10-14 12:09:55 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010-10-14 12:09:55 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-10-14 12:09:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010-10-14 12:09:55 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010-10-14 12:09:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010-10-14 12:09:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-10-13 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Bass_Time_Continuum_-_Bass_Junkie [2010-10-10 13:13:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\VA _- C A_V 37 2010__ [2010-10-10 12:58:09 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\the_classic_proyect2_by_angel [2010-10-10 09:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Stars Network [2010-10-02 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Opracowania_Lektur [2010-09-29 16:27:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [38 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe [2010-11-23 18:50:01 | 
000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-11-23 17:37:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-23 17:37:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-23 16:01:00 | 000,688,488 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-11-23 16:01:00 | 000,596,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-11-23 16:01:00 | 000,136,144 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-11-23 16:01:00 | 000,110,254 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-11-23 15:55:53 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-11-23 14:02:12 | 000,001,885 | ---- | M] () -- C:\Users\euro\Desktop\HijackThis.lnk [2010-11-23 13:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-23 13:37:01 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys [2010-11-22 22:04:42 | 000,144,384 | ---- | M] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-22 17:45:28 | 003,128,874 | ---- | M] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3 [2010-11-21 13:39:25 | 008,300,756 | ---- | M] () -- C:\Users\euro\Desktop\Benny Benassi feat. 
Gary Go - Cinema.mp3 [2010-11-20 00:16:51 | 000,968,402 | ---- | M] () -- C:\Users\euro\Desktop\blife002.jpg [2010-11-19 16:18:40 | 000,001,786 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk [2010-11-19 16:18:40 | 000,001,745 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk [2010-11-19 16:18:40 | 000,001,699 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF.lnk [2010-11-19 14:22:41 | 000,000,841 | ---- | M] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk [2010-11-19 12:40:12 | 000,002,182 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk [2010-11-19 12:40:12 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk [2010-11-19 11:08:36 | 364,270,098 | ---- | M] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg [2010-11-19 11:03:22 | 000,004,263 | ---- | M] () -- C:\Windows\System32\FLSINSTU.INI [2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem [2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys [2010-11-19 10:37:41 | 000,000,048 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI [2010-11-19 10:34:20 | 000,091,696 | ---- | M] () -- C:\Windows\System32\FLSDEVCP.EXE [2010-11-19 10:34:20 | 000,079,408 | ---- | M] (DESkey) -- C:\Windows\System32\flsport.cpl [2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS [2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS [2010-11-19 10:34:20 | 000,050,736 | ---- | M] () -- C:\Windows\System32\flsuinst.exe [2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys [2010-11-19 10:34:20 | 
000,034,048 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys [2010-11-19 10:34:20 | 000,023,120 | ---- | M] () -- C:\Windows\System32\drivers\FPGA8501.rd4 [2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys [2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys [2010-11-19 10:34:20 | 000,010,449 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat [2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys [2010-11-19 10:34:20 | 000,004,263 | ---- | M] () -- C:\Windows\System32\flsinst.ini [2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS [2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,039,423 | ---- | M] () -- C:\Windows\System32\drivers\FLS8500.LDR [2010-11-19 10:34:19 | 000,020,388 | ---- | M] () -- C:\Windows\System32\drivers\fls8200.ldr [2010-11-19 10:34:19 | 000,020,320 | ---- | M] () -- C:\Windows\System32\drivers\fls8000.ldr [2010-11-19 10:34:19 | 000,019,277 | ---- | M] () -- C:\Windows\System32\drivers\fls8100.ldr [2010-11-19 10:34:19 | 000,019,157 | ---- | M] () -- C:\Windows\System32\drivers\fls8400.ldr [2010-11-19 10:34:19 | 000,011,720 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat [2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll [2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption 
Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll [2010-11-19 10:34:19 | 000,003,024 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF [2010-11-19 10:34:18 | 000,417,792 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn32.dll [2010-11-19 10:34:18 | 000,080,160 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn16.dll [2010-11-19 10:34:18 | 000,061,440 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll [2010-11-19 10:34:18 | 000,053,248 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL [2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys [2010-11-19 10:34:18 | 000,004,186 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF [2010-11-19 10:34:17 | 000,022,064 | ---- | M] (NMP) -- C:\Windows\System32\fle5wn16.dll [2010-11-19 10:34:17 | 000,009,384 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat [2010-11-19 10:34:17 | 000,003,887 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf [2010-11-19 10:34:16 | 001,859,584 | ---- | M] () -- C:\Windows\System32\FLSINST.DLL [2010-11-19 10:33:05 | 000,092,984 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll [2010-11-19 10:33:05 | 000,092,984 | ---- | M] () -- C:\Windows\System32\dkcpanel.exe [2010-11-19 10:33:05 | 000,089,400 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL [2010-11-19 10:33:05 | 000,064,312 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll [2010-11-19 10:33:04 | 000,032,208 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll [2010-11-19 10:33:04 | 000,030,520 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe [2010-11-19 10:33:04 | 000,024,488 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll [2010-11-19 10:33:04 | 000,011,576 | ---- | M] (Data 
Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL [2010-11-19 10:33:03 | 000,076,600 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll [2010-11-19 10:33:03 | 000,060,216 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl [2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys [2010-11-19 10:32:59 | 002,325,304 | ---- | M] () -- C:\Windows\System32\DK2INST.DLL [2010-11-14 13:42:25 | 018,434,172 | ---- | M] () -- C:\Users\euro\Desktop\path.rar [2010-11-14 13:34:34 | 000,616,578 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg [2010-11-14 12:21:43 | 000,579,381 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg [2010-11-13 18:01:57 | 000,001,060 | ---- | M] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk [2010-11-11 18:00:53 | 000,000,843 | ---- | M] () -- C:\Users\euro\Desktop\Loader — skrót.lnk [2010-11-11 17:51:47 | 000,000,179 | ---- | M] () -- C:\Windows\System32\server.properties [2010-11-11 13:29:21 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010-11-09 19:58:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2010-11-02 18:58:04 | 000,001,826 | ---- | M] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat [2010-10-31 21:37:47 | 000,000,110 | ---- | M] () -- C:\Users\euro\Documents\ax_files.xml [2010-10-26 20:41:33 | 000,149,104 | ---- | M] () -- C:\Users\euro\Desktop\Bez tytułu.jpg [2010-10-24 09:45:26 | 004,684,800 | ---- | M] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3 [2010-10-23 18:56:06 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk [2010-10-22 18:01:55 | 006,863,449 | ---- | M] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3 [2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010-10-17 15:10:18 | 004,719,176 
| ---- | M] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3 [2010-10-16 09:07:28 | 001,705,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-10-13 20:10:11 | 003,242,109 | ---- | M] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3 [2010-10-10 09:48:36 | 000,000,982 | ---- | M] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk [2010-10-10 09:46:05 | 000,002,553 | ---- | M] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk [2010-09-28 20:37:09 | 004,820,741 | ---- | M] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3 [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [38 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-23 14:02:12 | 000,001,885 | ---- | C] () -- C:\Users\euro\Desktop\HijackThis.lnk [2010-11-23 13:37:01 | 3186,016,256 | -HS- | C] () -- C:\hiberfil.sys [2010-11-22 17:45:06 | 003,128,874 | ---- | C] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3 [2010-11-21 13:39:11 | 008,300,756 | ---- | C] () -- C:\Users\euro\Desktop\Benny Benassi feat. 
Gary Go - Cinema.mp3 [2010-11-20 00:16:50 | 000,968,402 | ---- | C] () -- C:\Users\euro\Desktop\blife002.jpg [2010-11-19 16:18:40 | 000,001,786 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk [2010-11-19 16:18:40 | 000,001,745 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk [2010-11-19 16:18:40 | 000,001,699 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF.lnk [2010-11-19 14:22:41 | 000,000,841 | ---- | C] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk [2010-11-19 12:40:12 | 000,002,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk [2010-11-19 12:40:12 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk [2010-11-19 11:08:00 | 364,270,098 | ---- | C] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg [2010-11-19 11:03:22 | 000,004,263 | ---- | C] () -- C:\Windows\System32\FLSINSTU.INI [2010-11-19 10:41:00 | 000,000,256 | ---- | C] () -- C:\dk2.mem [2010-11-19 10:35:41 | 000,000,048 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI [2010-11-19 10:34:20 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE [2010-11-19 10:34:20 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe [2010-11-19 10:34:20 | 000,023,120 | ---- | C] () -- C:\Windows\System32\drivers\FPGA8501.rd4 [2010-11-19 10:34:20 | 000,010,449 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat [2010-11-19 10:34:20 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini [2010-11-19 10:34:19 | 000,039,423 | ---- | C] () -- C:\Windows\System32\drivers\FLS8500.LDR [2010-11-19 10:34:19 | 000,020,388 | ---- | C] () -- C:\Windows\System32\drivers\fls8200.ldr [2010-11-19 10:34:19 | 000,020,320 | ---- | C] () -- C:\Windows\System32\drivers\fls8000.ldr [2010-11-19 10:34:19 | 000,019,277 | ---- | C] () -- C:\Windows\System32\drivers\fls8100.ldr [2010-11-19 10:34:19 | 000,019,157 | ---- | C] () -- 
C:\Windows\System32\drivers\fls8400.ldr [2010-11-19 10:34:19 | 000,011,720 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat [2010-11-19 10:34:19 | 000,003,024 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF [2010-11-19 10:34:18 | 000,004,186 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF [2010-11-19 10:34:17 | 000,009,384 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat [2010-11-19 10:34:17 | 000,003,887 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf [2010-11-19 10:34:16 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL [2010-11-19 10:33:05 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe [2010-11-19 10:32:59 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL [2010-11-14 13:33:34 | 018,434,172 | ---- | C] () -- C:\Users\euro\Desktop\path.rar [2010-11-14 12:22:01 | 000,616,578 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg [2010-11-14 12:21:28 | 000,579,381 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg [2010-11-13 18:01:57 | 000,001,060 | ---- | C] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk [2010-11-11 18:00:53 | 000,000,843 | ---- | C] () -- C:\Users\euro\Desktop\Loader — skrót.lnk [2010-11-11 17:51:47 | 000,000,179 | ---- | C] () -- C:\Windows\System32\server.properties [2010-11-11 13:29:21 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010-11-09 19:58:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl [2010-10-29 15:39:31 | 000,001,826 | ---- | C] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat [2010-10-26 20:41:32 | 000,149,104 | ---- | C] () -- C:\Users\euro\Desktop\Bez tytułu.jpg [2010-10-24 09:45:18 | 004,684,800 | ---- | C] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3 [2010-10-23 18:56:06 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk [2010-10-22 18:01:42 | 006,863,449 | ---- | C] () -- 
C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3 [2010-10-17 15:09:46 | 004,719,176 | ---- | C] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3 [2010-10-13 20:09:44 | 003,242,109 | ---- | C] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3 [2010-10-10 09:48:36 | 000,000,982 | ---- | C] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk [2010-10-10 09:45:54 | 000,002,553 | ---- | C] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk [2010-09-28 20:36:08 | 004,820,741 | ---- | C] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3 [2010-09-26 12:33:18 | 002,482,258 | ---- | C] () -- C:\Users\euro\Desktop\Luna Halo - I'm Alright.mp3 [2010-03-12 21:49:36 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini [2010-03-10 18:07:11 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll [2010-01-27 17:27:44 | 000,000,097 | ---- | C] () -- C:\Windows\WirelessFTP.INI [2010-01-15 01:08:40 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI [2009-12-28 17:56:26 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009-12-28 17:56:25 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009-12-28 12:21:44 | 000,000,680 | ---- | C] () -- C:\Users\euro\AppData\Local\d3d9caps.dat [2009-12-16 18:53:55 | 000,000,785 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-12-08 12:10:40 | 000,144,384 | ---- | C] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-06 22:59:28 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009-12-06 19:23:04 | 000,161,612 | RHS- | C] () -- C:\Windows\System32\wrfhx.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009-09-23 23:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-05-30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-05-30 01:31:52 | 000,761,856 | ---- | C] () -- 
C:\Windows\System32\xvidcore.dll [2009-02-28 10:09:28 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2009-02-28 10:09:28 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2009-02-28 10:09:28 | 000,010,132 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2009-02-28 10:09:28 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2008-10-02 08:48:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008-10-02 08:48:06 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008-10-02 08:48:06 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008-10-02 08:48:06 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008-10-02 08:39:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008-10-02 08:30:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2008-04-24 08:08:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2007-12-21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2007-09-04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007-07-19 11:50:12 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005-07-22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\dk2win32.dll [color=#E56717]========== LOP Check ==========[/color] [2010-05-29 10:05:25 | 000,000,000 | -HSD | M] -- C:\Users\euro\AppData\Roaming\.# [2010-11-11 13:37:51 | 
000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\.minecraft [2010-11-11 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\bckup [2010-02-02 13:03:04 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock [2010-06-23 13:09:39 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock2 [2010-10-23 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\BlackBean [2010-05-08 12:19:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Braid [2009-12-28 17:33:10 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Lite [2009-12-06 23:38:30 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Pro [2010-11-23 13:38:01 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DMCache [2010-03-05 06:28:18 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\EurekaLog [2010-06-11 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\FileZilla [2009-12-07 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\GrabPro [2010-02-17 17:22:49 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\gtk-2.0 [2010-11-05 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\IDM [2010-09-17 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Need for Speed World [2010-11-19 12:16:33 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Nokia [2009-12-16 23:26:15 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Orbit [2010-02-09 13:57:55 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\runic games [2010-11-11 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Server121 [2010-05-02 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Stardock [2010-10-09 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Toshiba [2010-05-22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TS3Client [2009-12-16 19:54:57 | 000,000,000 | ---D | 
M] -- C:\Users\euro\AppData\Roaming\TuneUp Software [2010-04-06 10:55:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Ubisoft [2010-01-13 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\VistaCodecs [2009-12-06 23:24:00 | 000,000,000 | RHSD | M] -- C:\Users\euro\AppData\Roaming\winsec32 [2010-11-23 15:54:50 | 000,032,500 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-03-10 22:22:42 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe [2010-03-10 22:22:42 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2008-01-21 03:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2008-10-02 07:16:42 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem [2010-11-23 13:37:01 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys [2010-01-17 16:38:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-01-17 16:38:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-11-23 13:36:59 | 3499,618,304 | -HS- | M] () -- C:\pagefile.sys [2008-10-02 08:21:41 | 000,000,646 | ---- | M] () -- C:\RHDSetup.log [2008-10-02 09:48:36 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- 
C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2008-03-25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys [2008-03-25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys [2008-03-26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys [2008-03-26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- 
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\drivers\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008-06-03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008-06-03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008-06-03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008-02-08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\System32\drivers\ndis.sys
[2008-02-08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008-02-08 05:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >[/log]

RSIT log.txt

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by euro at 2010-11-23 19:29:06
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 4 GB (3%) free of 153 GB
Total RAM: 3037 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - E:\Programy\Internet Download Manager\IDMIECC.dll [2009-11-11 173488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-24 7719456]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 421888]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2007-09-19 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-05-20 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-08-18 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-07-15 726904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
"Ad Muncher"=e:\Programy\Ad Muncher\AdMunch.exe [2009-12-07 862208]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Razer Orochi Driver"=C:\Program Files\Razer\Orochi\RazerOrochiTray.exe [2009-10-22 2548056]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-07-04 430080]
"AQQ"=E:\Programy\WapSter\WAPSTE~1\AQQ.exe [2010-11-19 7965696]
"IDMan"=E:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"DAEMON Tools Lite"=E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-08-14 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
E:\Programy\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
e:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyKeys]
C:\Program Files\mfk\MFK.EXE [1999-04-18 541184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
E:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TSS Instrument API Tray Utility.lnk - C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll [2009-10-02 128360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0xFFFFFFFF
"NoDriveTypeAutoRun"=36
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======
2010-11-23 19:29:06 ----D---- C:\rsit
2010-11-23 14:02:12 ----D---- C:\Program Files\Trend Micro
2010-11-23 13:37:21 ----A---- C:\Windows\system32\0A591.tmp
2010-11-23 13:37:01 ----ASH---- C:\hiberfil.sys
2010-11-23 10:15:51 ----A---- C:\Windows\system32\0A7C3.tmp
2010-11-22 17:25:50 ----A---- C:\Windows\system32\0A3FB.tmp
2010-11-21 17:02:06 ----A---- C:\Windows\system32\0A66B.tmp
2010-11-21 11:24:52 ----A---- C:\Windows\system32\0AAEE.tmp
2010-11-20 14:24:46 ----A---- C:\Windows\system32\0A85F.tmp
2010-11-20 10:33:59 ----A---- C:\Windows\system32\0AAAF.tmp
2010-11-19 17:48:13 ----A---- C:\Windows\system32\0FE99.tmp
2010-11-19 16:13:59 ----D---- C:\Program Files\ODEON
2010-11-19 13:32:20 ----D---- C:\ProgramData\Solidshield
2010-11-19 12:16:33 ----D---- C:\Users\euro\AppData\Roaming\Nokia
2010-11-19 11:38:45 ----D---- C:\ProgramData\Nokia
2010-11-19 11:03:22 ----A---- C:\Windows\system32\FLSINSTU.INI
2010-11-19 10:37:47 ----A---- C:\Windows\system32\drivers\parldr2k.sys
2010-11-19 10:34:20 ----D---- C:\ProgramData\DESkey
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsuinst.exe
2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsinst.ini
2010-11-19 10:34:20 ----A---- C:\Windows\system32\FLSDEVCP.EXE
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsvcom.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FLSUSB.SYS
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsser.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flspar.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsiface.sys
2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FlsFWLdr.sys
2010-11-19 10:34:19 ----A---- C:\Windows\system32\flscoins.dll
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5USB.SYS
2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5FWLD.SYS
2010-11-19 10:34:18 ----A---- C:\Windows\system32\FLS5FL32.DLL
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn16.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\fle5wn32.dll
2010-11-19 10:34:18 ----A---- C:\Windows\system32\drivers\fle5wnnt.sys
2010-11-19 10:34:17 ----D---- C:\Windows\system32\drivers\FLSUSB
2010-11-19 10:34:17 ----A---- C:\Windows\system32\fle5wn16.dll
2010-11-19 10:34:16 ----A---- C:\Windows\system32\FLSINST.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\vercp32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNCP32.DLL
2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNClnt32.dll
2010-11-19 10:33:05 ----A---- C:\Windows\system32\dkcpanel.exe
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DKCLINST.DLL
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2win16.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2vdd.dll
2010-11-19 10:33:04 ----A---- C:\Windows\system32\DK2UInst.exe
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files\DESkey
2010-11-19 10:33:03 ----A---- C:\Windows\system32\drivers\dk2drv.sys
2010-11-19 10:33:03 ----A---- C:\Windows\system32\dk2cp32.dll
2010-11-19 10:32:59 ----A---- C:\Windows\system32\DK2INST.DLL
2010-11-19 10:30:21 ----D---- C:\Program Files\Common Files\Nokia
2010-11-19 10:27:18 ----A---- C:\Windows\system32\nmwcdcls.dll
2010-11-19 10:27:16 ----D---- C:\Program Files\Nokia
2010-11-19 09:55:45 ----A---- C:\Windows\system32\0A9A6.tmp
2010-11-18 15:15:09 ----A---- C:\Windows\system32\0A275.tmp
2010-11-17 19:19:56 ----A---- C:\Windows\system32\0A41B.tmp
2010-11-17 16:41:46 ----A---- C:\Windows\system32\0A497.tmp
2010-11-16 16:13:19 ----A---- C:\Windows\system32\0A736.tmp
2010-11-16 08:32:28 ----A---- C:\Windows\system32\0AE09.tmp
2010-11-15 16:55:33 ----A---- C:\Windows\system32\0A9B6.tmp
2010-11-14 12:18:28 ----A---- C:\Windows\system32\0BB81.tmp
2010-11-13 14:31:09 ----A---- C:\Windows\system32\0A958.tmp
2010-11-12 12:19:23 ----A---- C:\Windows\system32\0A64C.tmp
2010-11-12 08:49:02 ----A---- C:\Windows\system32\0AFDD.tmp
2010-11-11 20:37:20 ----RASHD---- C:\autorun.inf
2010-11-11 18:09:19 ----D---- C:\Users\euro\AppData\Roaming\Server121
2010-11-11 17:51:47 ----D---- C:\Windows\system32\world
2010-11-11 17:51:47 ----A---- C:\Windows\system32\ops.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-players.txt
2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-ips.txt
2010-11-11 17:44:53 ----D---- C:\Users\euro\AppData\Roaming\bckup
2010-11-11 13:29:20 ----D---- C:\Program Files\LogMeIn Hamachi
2010-11-11 11:12:09 ----D---- C:\Users\euro\AppData\Roaming\.minecraft
2010-11-11 10:12:21 ----A---- C:\Windows\system32\08851.tmp
2010-11-10 17:22:35 ----A---- C:\Windows\system32\08313.tmp
2010-11-09 17:03:16 ----A---- C:\Windows\system32\084BA.tmp
2010-11-09 08:23:40 ----A---- C:\Windows\system32\0F343.tmp
2010-10-29 15:29:41 ----D---- C:\Program Files\Razer

======List of files/folders modified in the last 1 months======
2010-11-23 19:28:53 ----D---- C:\Windows\Temp
2010-11-23 16:01:00 ----D---- C:\Windows\inf
2010-11-23 16:01:00 ----AD---- C:\Windows\System32
2010-11-23 16:01:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-23 14:02:12 ----RD---- C:\Program Files
2010-11-23 13:38:01 ----D---- C:\Users\euro\AppData\Roaming\DMCache
2010-11-23 13:37:45 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-23 13:34:38 ----A---- C:\Windows\ntbtlog.txt
2010-11-19 19:09:32 ----SHD---- C:\System Volume Information
2010-11-19 17:48:52 ----D---- C:\Windows
2010-11-19 16:44:48 ----D---- C:\Windows\system32\catroot
2010-11-19 16:15:30 ----D---- C:\Windows\system32\catroot2
2010-11-19 16:14:18 ----SHD---- C:\Windows\Installer
2010-11-19 13:43:14 ----RSD---- C:\Windows\assembly
2010-11-19 13:32:20 ----HD---- C:\ProgramData
2010-11-19 12:12:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-19 11:44:13 ----D---- C:\Windows\system32\drivers
2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files
2010-11-07 14:23:22 ----D---- C:\ProgramData\Media Center Programs
2010-11-07 14:23:20 ----D---- C:\Program Files\Mozilla Firefox
2010-11-06 14:19:53 ----D---- C:\Windows\Prefetch
2010-11-05 18:00:40 ----D---- C:\Users\euro\AppData\Roaming\IDM
2010-10-24 11:23:41 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2009-10-14 36880]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-05-07 25896]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-28 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-08-19 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv.sys [2010-11-19 49720]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-06 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2008-05-13 64000]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-28 281760]
R2 FLE5WNNT;FLE-5 WindowsNT Driver; \??\C:\Windows\System32\Drivers\fle5wnnt.sys [2010-11-19 33404]
R2 FLSIFACE;FLSIface; \??\C:\Windows\System32\Drivers\flsiface.sys [2010-11-19 13440]
R2 FLSPAR;FLSPar; \??\C:\Windows\System32\Drivers\flspar.sys [2010-11-19 16314]
R2 FLSSER;FLSSer; \??\C:\Windows\System32\Drivers\flsser.sys [2010-11-19 8344]
R2 FLSVCOM;FLSVCom; \??\C:\Windows\System32\Drivers\flsvcom.sys [2010-11-19 34048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-28 25888]
R2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys [2010-11-19 10454]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-28 919552]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-24 2754336]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-11-20 25984]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2008-05-23 41856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S3 aa81j98y;aa81j98y; C:\Windows\system32\drivers\aa81j98y.sys []
S3 awy9ipzn;awy9ipzn; C:\Windows\system32\drivers\awy9ipzn.sys []
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 LLRING0;LLRING0; \??\C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys [2010-10-11 5120]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-08-19 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-08-18 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-05-22 120168]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-07-15 106496]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 135664]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-02 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-06 182768]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-01 321320]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-16 435016]

-----------------EOF-----------------
[/log]

info.txt

[log]info.txt logfile of random's system information tool 1.08 2010-11-23 19:29:17

======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ACE Mega CoDecS Pack-->"C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad Muncher v4.8 Build 31318-->"e:\Programy\Ad Muncher\AM-Install.exe" /P "InstallerAction=Uninstall" /P "InstallTarget=e:\Programy\Ad Muncher"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\678cd98c8365a5647f9a2e539d120a8\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{78EFD06D-7583-42F1-9E77-671D8782EB70}
Adobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{CBF4DADD-974D-49C8-BC83-C6F31554001E}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Archiwizator WinRAR-->E:\Programy\WinRAR\uninstall.exe
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0015
Atheros Wi-Fi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe -runfromtemp -l0x0015 -removeonly
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000018301}
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028301}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0015
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0015 -removeonly
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Counter-Strike-->"E:\gry\Steam\steam.exe" steam://uninstall/10
Crash Time II-->"e:\gry\City Interactive\Crash Time II\unins000.exe"
DH Mobility Modder.NET-->e:\Programy\MobilityDotNET\Uninstall.exe
DK2 DESkey Drivers v7.14.0.25-->rundll32 C:\Windows\system32\DK2INST.DLL,RunDLL_Uninstall
Dolby Control Center-->MsiExec.exe /I{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}
Dsnet-->MsiExec.exe /I{E0260DCA-6F65-4FA2-96AB-E11C97F08CFF}
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
Fences-->"C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Fences-->C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe
FileZilla Client 3.3.0.1-->e:\Programy\FileZilla FTP Client\uninstall.exe
FlatOut Ultimate Carnage-->e:\gry\Empire Interactive\FlatOut Ultimate Carnage\Uninstall.exe
FLS-4 Driver Installation-->C:\Windows\system32\FLSUInst.exe
FreeVPN v3.20-->"C:\Program Files\FreeVPN\unins000.exe"
GIMP 2.6.7-->"e:\Programy\GIMP-2.0\setup\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Earth Plug-in-->MsiExec.exe /X{171E6C1E-B5FC-11DF-B115-005056C00008}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_AC0049E063DE2AEA.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000028701}
Haali Media Splitter-->"C:\Program Files\Matroska Pack\haali\uninstall.exe"
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x0015 -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->E:\Programy\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->E:\Programy\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->E:\Programy\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->E:\Programy\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->E:\Programy\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->E:\Programy\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Internet Download Manager-->e:\Programy\Internet Download Manager\Uninstall.exe
JAF Setup-->"C:\Program Files\ODEON\JAF\uninstall.exe"
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
JMicron JMB38X Flash Media Controller-->"C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
Mafia II DLC Jimmy's Vendetta-->"E:\gry\2K Games\MAFIA II\Mafia II\unins001.exe"
MAFIA II-->"C:\Program Files\InstallShield Installation Information\{D6DB1C8B-598C-49B9-9215-1EBB58C4A968}\setup.exe" -runfromtemp -l0x0015 -removeonly
Mass Effect-->C:\Program Files\Common Files\BioWare\Uninstall Mass Effect.exe
Matroska Pack-->C:\Program Files\Matroska Pack\uninstall.exe
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005
Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3} Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mp3 Knife 3.2-->"e:\Programy\Mp3 Knife\unins000.exe" MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} My Function Keys-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\MFK.INF, DefaultUninstall.ntx86 NapiProjekt 1.0.6.7-->"e:\Programy\NAPI-PROJEKT\unins000.exe" Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED} Need For Speed™ World-->"e:\gry\Electronic Arts\Need For Speed World\unins000.exe" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Nokia Connectivity Cable Driver-->MsiExec.exe /I{C50EF365-2898-489A-B6C7-30DAA466E9A2} Nokia Firmware RM-504 EUROPE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9563A01F-8B9E-40BD-9E9E-9FEDAA3B9A98}\setup.exe" -l0x9 -removeonly Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943} Nokia Service Tool Drivers-->MsiExec.exe /I{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8} Nullsoft Tray Control Icon Pack 2.2-->e:\Programy\Winamp\TrayIconPackuninst.exe NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE} PDF Settings-->MsiExec.exe 
/I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9} Phoenix Service Software 2009.20.010.39068-->"C:\Program Files\Nokia\Phoenix\unins000.exe" Phoenix Service Software-->MsiExec.exe /I{002FA4C4-DDFE-4E83-A5E0-E2A18B965468} Phoenix Service Software-->MsiExec.exe /I{5A32C25A-7E99-4A77-B419-B47DA290DD67} Phoenix Service Software-->MsiExec.exe /I{B08B44B5-36E1-4104-B4A7-062D96AD7FB5} Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Podreczniki TOSHIBA-->C:\Program Files\InstallShield Installation Information\{10DFB03F-845F-4BC6-BE9E-7FEC377A0CD0}\setup.exe -runfromtemp -l0x0015 -removeonly Razer Orochi-->MsiExec.exe /X{306D4754-BECE-4FC7-85F3-B7FEED274AA8} Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0015 -removeonly Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709 RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge Risen - PL Font Hotfix-->e:\gry\Deep Silver\Risen\Uninstall_Risen_Font_Hotfix.exe Risen Hotfix 1.01-->"C:\Program Files\InstallShield Installation Information\{EE91E474-9298-47B8-817F-8E0042408998}\setup.exe" -runfromtemp -l0x0009 -removeonly Risen-->"C:\Program Files\InstallShield Installation Information\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}\setup.exe" -runfromtemp -l0x0015 -removeonly Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb 
Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb Sprzęt instalacyjny TOSHIBA-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1045 Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} SubEdit - Vista WMP Patch-->"E:\Programy\SubEdit-Player\WMP6_4\unins000.exe" SubEdit-Player-->"e:\Programy\SubEdit-Player\unins000.exe" System Requirements Lab-->MsiExec.exe /I{1E99F5D7-4262-4C7C-9135-F066E7485811} TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe" TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0015 -removeonly TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755} TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0015 -ADDREMOVE -removeonly TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0415 TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0415 -removeonly TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B} TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E} TOSHIBA Hasło administratora-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1045 Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp 
-l0x0015 -removeonly TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Software Modem-->Tosmreg -U Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA} TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0415 TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x0415 TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x0415 TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall Ultra WMV Converter 5.2.1022-->"C:\Program Files\Ultra WMV Converter\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} Vista Manager-->MsiExec.exe /I{5977A284-6ADB-4CC1-BEC5-1CDE7908ACA3} WapSter AQQ-->E:\Programy\WapSter\WapSter AQQ\uninstall.exe Winamp-->"e:\Programy\Winamp\UninstWA.exe" Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Worms Reloaded-->"e:\gry\Team17\Worms Reloaded\unins000.exe" WRC FIA World Rally Championship-->"C:\Program Files\InstallShield Installation Information\{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}\setup.exe" -runfromtemp -l0x0409 -removeonly ======Hosts File====== 127.0.0.1 serial.alcohol-soft.com 127.0.0.1 www.alcohol-soft.com 127.0.0.1 
images.alcohol-soft.com 127.0.0.1 trial.alcohol-soft.com 127.0.0.1 alcohol-soft.com ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: euro-PC Event Code: 7036 Message: Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP weszła w stan uruchomienia. Record Number: 122116 Source Name: Service Control Manager Time Written: 20101123173815.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 7036 Message: Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP weszła w stan zatrzymania. Record Number: 122117 Source Name: Service Control Manager Time Written: 20101123180045.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 10029 Message: Model DCOM uruchomił usługę gusvc z argumentami w celu uruchomienia serwera: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} Record Number: 122118 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20101123182355.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 7036 Message: Usługa Google Software Updater weszła w stan uruchomienia. Record Number: 122119 Source Name: Service Control Manager Time Written: 20101123182356.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 7036 Message: Usługa Google Software Updater weszła w stan zatrzymania. Record Number: 122120 Source Name: Service Control Manager Time Written: 20101123182456.000000-000 Event Type: Informacje User: =====Application event log===== Computer Name: euro-PC Event Code: 1000 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane. Dane rekordu w sekcji danych zawierają nowe wartości indeksu przypisane do tej usługi. 
Record Number: 24141 Source Name: Microsoft-Windows-LoadPerf Time Written: 20101123150100.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 9010 Message: Proces Need for Speed(TM) Hot Pursuit Application zażądał wyłączenia Menedżera okien pulpitu. Record Number: 24142 Source Name: Desktop Window Manager Time Written: 20101123171006.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 9013 Message: Nie można uruchomić Menedżera okien pulpitu, ponieważ kompozycja została wyłączona przez działającą aplikację. Record Number: 24143 Source Name: Desktop Window Manager Time Written: 20101123171006.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 0 Message: Record Number: 24144 Source Name: gusvc Time Written: 20101123182355.000000-000 Event Type: Informacje User: Computer Name: euro-PC Event Code: 0 Message: Record Number: 24145 Source Name: gusvc Time Written: 20101123182455.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: euro-PC Event Code: 5056 Message: Wykonano autotest funkcji kryptograficznej. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: EURO-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Moduł: ncrypt.dll Kod powrotny: 0x0 Record Number: 22707 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100623090035.281590-000 Event Type: Sukces inspekcji User: Computer Name: euro-PC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. 
Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: EURO-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x384 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 22708 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100623090036.268590-000 Event Type: Sukces inspekcji User: Computer Name: euro-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: EURO-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x384 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. 
Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 22709 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100623090036.268590-000 Event Type: Sukces inspekcji User: Computer Name: euro-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. 
Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 22710 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100623090036.268590-000 Event Type: Sukces inspekcji User: Computer Name: euro-PC Event Code: 5033 Message: Sterownik Zapory systemu Windows został pomyślnie uruchomiony. Record Number: 22711 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100623090036.932590-000 Event Type: Sukces inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=17 "PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=0301 "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "RGSCLauncher"=e:\gry\Rockstar Games\Rockstar Games Social Club "RGSC"=e:\gry\Rockstar Games\Rockstar Games Social Club\1_0_0_0 -----------------EOF----------------- [/log]
Tomek01 commented 23 November 2010
It looks like a rootkit is blocking access. In OTL, paste the following into the Custom scan/fixes window:
[code]
:Processes
Explorer.exe
:OTL
SRV - File not found [Auto | Stopped] -- -- (xaqrgbg)
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\explore\Command - "" = G:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\Shell\open\Command - "" = G:\EXPLORER.EXE -- File not found
:Files
C:\Windows\System32\wrfhx.dll
C:\Users\euro\AppData\Roaming\.#
C:\Users\euro\AppData\Roaming\EurekaLog
C:\Users\euro\AppData\Roaming\winsec32
C:\Windows\system32\0A591.tmp
C:\Windows\system32\0A7C3.tmp
C:\Windows\system32\0A3FB.tmp
C:\Windows\system32\0A66B.tmp
C:\Windows\system32\0AAEE.tmp
C:\Windows\system32\0A85F.tmp
C:\Windows\system32\0AAAF.tmp
C:\Windows\system32\0FE99.tmp
C:\Windows\system32\0A9A6.tmp
C:\Windows\system32\0A275.tmp
C:\Windows\system32\0A41B.tmp
C:\Windows\system32\0A497.tmp
C:\Windows\system32\0A736.tmp
C:\Windows\system32\0AE09.tmp
C:\Windows\system32\0A9B6.tmp
C:\Windows\system32\0BB81.tmp
C:\Windows\system32\0A958.tmp
C:\Windows\system32\0A64C.tmp
C:\Windows\system32\0AFDD.tmp
C:\Windows\system32\08851.tmp
C:\Windows\system32\08313.tmp
C:\Windows\system32\084BA.tmp
C:\Windows\system32\0F343.tmp
:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32]
:Services
xaqrgbg
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Click Run Fix; the computer will restart. Post the removal log and new logs: OTL and RSIT + Gmer. Uninstall the sptd.sys driver and any drive-emulation software, e.g. Daemon Tools, Alcohol. Only then run Gmer.
kcr (Author) commented 23 November 2010
I removed DaemonTools and Alcohol, but a bluescreen appeared while scanning with Gmer and I had to restart the laptop... I don't know whether I should scan with Gmer again? Bluescreen details, just in case:
[log]Podpis problemu: Nazwa zdarzenia problemu: BlueScreen Wersja systemu operacyjnego: 6.0.6001.2.1.0.768.3 Identyfikator ustawień regionalnych: 1045 Dodatkowe informacje o problemie: BCCode: 50 BCP1: C55DA300 BCP2: 00000000 BCP3: 9F1F0EED BCP4: 00000000 OS Version: 6_0_6001 Service Pack: 1_0 Product: 768_1 Pliki pomagające opisać problem: C:\Windows\Minidump\Mini112310-01.dmp C:\Users\euro\AppData\Local\Temp\WER-52837-0.sysdata.xml C:\Users\euro\AppData\Local\Temp\WER637.tmp.version.txt [/log]
Removal log:
[log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Service xaqrgbg stopped successfully! Service xaqrgbg deleted successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found. File G:\EXPLORER.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found. File G:\EXPLORER.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9211843-e2a8-11de-8a8d-00235a01a141}\ not found. File G:\EXPLORER.EXE not found. ========== FILES ========== File move failed. C:\Windows\System32\wrfhx.dll scheduled to be moved on reboot.
C:\Users\euro\AppData\Roaming\.# folder moved successfully. C:\Users\euro\AppData\Roaming\EurekaLog folder moved successfully. C:\Users\euro\AppData\Roaming\winsec32 folder moved successfully. File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot. File move failed. 
C:\Windows\system32\0F343.tmp scheduled to be moved on reboot. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winsec32\ deleted successfully. ========== SERVICES/DRIVERS ========== Error: No service named xaqrgbg was found to stop! Service\Driver key xaqrgbg not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: euro ->Temp folder emptied: 9466326 bytes ->Temporary Internet Files folder emptied: 59025122 bytes ->Java cache emptied: 22396727 bytes ->FireFox cache emptied: 107713712 bytes ->Flash cache emptied: 426799 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 757760 bytes %systemroot%\System32 .tmp files removed: 3369184 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 29625301 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 222,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 11232010_214705 Files\Folders moved on Reboot... File move failed. C:\Windows\System32\wrfhx.dll scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot. File move failed. 
C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\084B9.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08545.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08803.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08861.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08E0B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08F05.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\08F34.tmp scheduled to be moved on reboot. File move failed. 
C:\Windows\System32\093D5.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\09953.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\09A4B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\System32\0D2D8.tmp scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log] OTL [log]OTL logfile created on: 2010-11-23 22:14:22 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\euro\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 3,67 Gb Free Space | 2,46% Space Free | Partition Type: NTFS Drive E: | 147,58 Gb Total Space | 59,20 Gb Free Space | 40,11% Space Free | Partition Type: NTFS Computer Name: EURO-PC | User Name: euro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe PRC - [2010-10-29 14:56:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-08-17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-03-30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2009-12-07 15:48:46 | 000,862,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AdMunch.exe PRC - [2009-11-11 16:33:04 | 003,171,760 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IDMan.exe PRC - [2009-11-04 16:45:32 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-10-30 15:08:26 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009-10-22 08:43:58 | 002,548,056 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Orochi\RazerOrochiTray.exe PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe PRC - [2009-10-15 10:51:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IEMonitor.exe PRC - [2009-08-24 10:27:34 | 007,719,456 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) 
-- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009-03-03 03:16:04 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-10-02 09:05:12 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe PRC - [2008-08-25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe PRC - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008-08-18 22:22:56 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe PRC - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe PRC - [2008-07-30 09:02:08 | 000,667,648 | ---- | M] (TOSHIBA Corporation.) 
-- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe PRC - [2008-07-15 19:12:00 | 000,726,904 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe PRC - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe PRC - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2008-07-10 16:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe PRC - [2008-07-04 13:51:54 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2008-06-24 09:06:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe PRC - [2008-06-20 02:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe PRC - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2008-05-20 13:42:00 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) 
-- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe PRC - [2008-04-16 23:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2008-01-21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2008-01-21 03:24:44 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2008-01-21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2008-01-21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) 
-- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2007-12-15 14:29:06 | 000,184,320 | ---- | M] (Alps Electric Co., Ltd.) 
-- C:\Program Files\Apoint2K\Apoint.exe PRC - [2007-12-07 17:58:24 | 000,077,824 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe PRC - [2007-12-07 17:55:08 | 000,380,928 | ---- | M] () -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe PRC - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007-10-25 16:23:36 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe PRC - [2007-09-28 15:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe PRC - [2007-09-12 13:40:38 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe PRC - [2006-11-06 16:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe PRC - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe MOD - [2010-09-08 18:23:43 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2010-09-08 18:23:42 | 006,078,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll MOD - [2010-07-26 17:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-06-28 17:15:53 | 001,315,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:10:45 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-12-07 15:48:46 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- E:\Programy\Ad Muncher\AM31318.dll MOD - [2009-07-17 15:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-04-23 13:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-03-26 16:35:39 | 000,034,224 | ---- | M] (Tonec Inc.) 
-- E:\Programy\Internet Download Manager\idmmkb.dll MOD - [2009-02-13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2008-10-21 06:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2008-10-16 05:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2008-05-27 06:17:46 | 000,754,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2008-02-29 07:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:25:01 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2008-01-21 03:25:00 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2008-01-21 03:24:57 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:46 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2008-01-21 03:24:38 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2008-01-21 03:24:37 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:24:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2008-01-21 03:24:36 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2008-01-21 03:24:27 | 000,798,720 | ---- | 
M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2008-01-21 03:24:26 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2008-01-21 03:24:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2008-01-21 03:24:23 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2008-01-21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2008-01-21 03:24:14 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2008-01-21 03:24:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2008-01-21 03:24:13 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2008-01-21 03:24:11 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2008-01-21 03:24:10 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-01-21 03:24:10 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2008-01-21 03:23:50 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:23:44 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 03:23:42 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2008-01-21 03:23:27 | 000,142,336 | 
---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-09-05 12:06:37 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-02-02 21:01:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-01-01 11:17:08 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-12-16 19:55:17 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009-11-04 16:45:02 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (Ati External Event Utility) SRV - [2009-10-30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2009-10-30 15:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2008-12-05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008-08-26 14:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService) SRV - [2008-08-25 09:58:20 | 
000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV - [2008-08-19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008-08-18 22:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2008-07-15 15:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2008-07-10 16:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008-05-22 21:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2008-04-16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vserial.sys -- (vserial) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\TpChoice.sys -- (TpChoice) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parldr2k.sys -- (PARLDR2K) DRV - [2010-11-19 10:34:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsvcom.sys -- (FLSVCOM) DRV - [2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flspar.sys -- (FLSPAR) DRV - [2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsiface.sys -- (FLSIFACE) DRV - [2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsser.sys -- (FLSSER) DRV - [2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fle5wnnt.sys -- (FLE5WNNT) DRV - [2010-11-19 10:33:03 | 
000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\dk2drv.sys -- (dk2drv) DRV - [2010-10-11 18:38:12 | 000,005,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys -- (LLRING0) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-12-28 18:31:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009-12-28 18:31:35 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-12-06 22:55:17 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2009-11-20 15:26:50 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2009-11-04 17:16:46 | 005,079,040 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009-10-06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009-10-02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-09-30 15:31:46 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-09-14 13:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009-08-24 10:19:10 | 002,754,336 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-08-19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2008-08-07 16:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-08-06 15:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-07-28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-07-15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2008-05-23 02:07:16 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2008-05-13 15:16:06 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2008-05-07 10:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter) DRV - [2008-04-28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf) DRV - [2008-04-28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008-04-23 16:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2008-03-25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2008-03-19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2008-02-06 23:23:46 | 000,166,448 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008-01-22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-14 10:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2007-11-29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2007-11-09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2006-11-28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-10-23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-07-11 17:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2005-01-07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.8 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4 FF - prefs.js..extensions.enabledItems: lockerzplayextended@flies:2.5.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-31 21:04:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-29 14:56:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-12-06 22:49:47 | 000,000,000 | ---D | M] [2009-12-06 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Extensions [2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions [2010-10-22 14:12:49 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010-04-27 22:14:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-04 17:35:06 | 000,000,000 | ---D | M] (MinimizeToTray Plus) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048} [2010-04-27 22:14:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\autofillForms@blueimp.net [2010-09-19 10:24:03 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\check4change-owner@mozdev.org [2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies [2010-05-26 20:55:01 | 000,001,313 | ---- | M] () -- C:\Users\euro\AppData\Roaming\Mozilla\FireFox\Profiles\xf2ajzxv.default\searchplugins\zgapapl.xml [2010-11-22 23:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-18 18:36:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-29 19:10:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2009-12-06 22:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-08-30 12:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-30 12:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-08-30 12:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-08-30 12:50:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-08-30 12:50:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-08-30 12:50:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-31 20:46:14 | 000,000,164 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 www.alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Ad Muncher] e:\Programy\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.) O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION) O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) 
O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe (Razer USA Ltd) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [AQQ] E:\Programy\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKU\S-1-5-21-232952699-1772018591-989298238-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) 
O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-232952699-1772018591-989298238-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - E:\Programy\Fences\FencesMenu.dll (Stardock) O24 - Desktop WallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\euro\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS 
] O32 - AutoRun File - [2010-11-11 20:37:20 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-23 21:47:05 | 000,000,000 | ---D | C] -- C:\_OTL [2010-11-23 19:29:06 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-23 19:12:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe [2010-11-23 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-11-22 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Nowy folder [2010-11-19 19:09:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\EuroTEST [2010-11-19 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\ISO-8859-2__SpCC [2010-11-19 16:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\ODEON [2010-11-19 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\jaf_1.98.62__pkeyv5_www.przeklej.pl [2010-11-19 14:22:56 | 000,000,000 | ---D | C] -- C:\Users\euro\Documents\Criterion Games [2010-11-19 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2010-11-19 12:16:33 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Nokia [2010-11-19 11:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2010-11-19 10:37:47 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys [2010-11-19 10:34:20 | 000,079,408 | ---- | C] (DESkey) -- C:\Windows\System32\flsport.cpl [2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS [2010-11-19 10:34:20 | 000,051,798 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS [2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- 
C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,050,175 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,034,048 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys [2010-11-19 10:34:20 | 000,016,314 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys [2010-11-19 10:34:20 | 000,013,440 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys [2010-11-19 10:34:20 | 000,008,344 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys [2010-11-19 10:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DESkey [2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS [2010-11-19 10:34:19 | 000,078,997 | ---- | C] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll [2010-11-19 10:34:19 | 000,003,984 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll [2010-11-19 10:34:18 | 000,417,792 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn32.dll [2010-11-19 10:34:18 | 000,080,160 | ---- | C] (NMP) -- C:\Windows\System32\fls1wn16.dll [2010-11-19 10:34:18 | 000,061,440 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll [2010-11-19 10:34:18 | 000,053,248 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL [2010-11-19 10:34:18 | 000,033,404 | ---- | C] (Data Encryption Systems Limited) -- 
C:\Windows\System32\drivers\fle5wnnt.sys [2010-11-19 10:34:17 | 000,022,064 | ---- | C] (NMP) -- C:\Windows\System32\fle5wn16.dll [2010-11-19 10:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\FLSUSB [2010-11-19 10:33:05 | 000,092,984 | ---- | C] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll [2010-11-19 10:33:05 | 000,089,400 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL [2010-11-19 10:33:05 | 000,064,312 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll [2010-11-19 10:33:04 | 000,032,208 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll [2010-11-19 10:33:04 | 000,030,520 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe [2010-11-19 10:33:04 | 000,024,488 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll [2010-11-19 10:33:04 | 000,011,576 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL [2010-11-19 10:33:03 | 000,076,600 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll [2010-11-19 10:33:03 | 000,060,216 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl [2010-11-19 10:33:03 | 000,049,720 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys [2010-11-19 10:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESkey [2010-11-19 10:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2010-11-19 10:27:18 | 000,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll [2010-11-19 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010-11-14 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\path [2010-11-11 20:37:20 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-11-11 18:09:19 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Server121 [2010-11-11 18:08:10 | 000,000,000 | ---D | C] -- 
C:\Users\euro\Desktop\ServerHey0121 [2010-11-11 17:55:16 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft_mod 125 [2010-11-11 17:51:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\world [2010-11-11 17:44:53 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\bckup [2010-11-11 13:31:54 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Minecraft Alpha Server by AmanRuleZ[K0xRLZ] [2010-11-11 13:30:03 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\LogMeIn Hamachi [2010-11-11 13:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-11-11 11:12:09 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\.minecraft [2010-11-02 16:53:22 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Eldo - 27 (2007) [2010-10-29 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Razer [2010-10-23 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\BlackBean [2010-10-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Abradab-Ostatni_Poziom_Kontroli-PL-2008 [2010-10-19 17:41:26 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\AbradAb - Abradabing [2010]-P24 [2010-10-15 14:45:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010-10-14 12:10:24 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010-10-14 12:10:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2010-10-14 12:10:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010-10-14 12:10:05 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010-10-14 12:10:05 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010-10-14 12:10:04 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010-10-14 12:10:02 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010-10-14 
12:09:57 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010-10-14 12:09:56 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010-10-14 12:09:55 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010-10-14 12:09:55 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-10-14 12:09:55 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010-10-14 12:09:55 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-10-14 12:09:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010-10-14 12:09:55 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010-10-14 12:09:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010-10-14 12:09:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-10-13 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Bass_Time_Continuum_-_Bass_Junkie [2010-10-10 13:13:12 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\VA _- C A_V 37 2010__ [2010-10-10 12:58:09 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\the_classic_proyect2_by_angel [2010-10-10 09:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Stars Network [2010-10-02 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Opracowania_Lektur [2010-09-29 16:27:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [34 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-23 22:16:48 | 000,688,488 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-11-23 22:16:48 | 000,596,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-11-23 22:16:48 | 000,136,144 | ---- | M] () 
-- C:\Windows\System32\perfc015.dat [2010-11-23 22:16:48 | 000,110,254 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-11-23 22:10:19 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-11-23 22:09:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-23 22:09:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-23 22:09:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-23 22:09:47 | 3186,016,256 | -HS- | M] () -- C:\hiberfil.sys [2010-11-23 21:50:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-11-23 19:24:24 | 000,339,991 | ---- | M] () -- C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe [2010-11-23 19:13:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Desktop\OTL.exe [2010-11-23 14:02:12 | 000,001,885 | ---- | M] () -- C:\Users\euro\Desktop\HijackThis.lnk [2010-11-22 22:04:42 | 000,144,384 | ---- | M] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-22 17:45:28 | 003,128,874 | ---- | M] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3 [2010-11-21 13:39:25 | 008,300,756 | ---- | M] () -- C:\Users\euro\Desktop\Benny Benassi feat. 
Gary Go - Cinema.mp3 [2010-11-20 00:16:51 | 000,968,402 | ---- | M] () -- C:\Users\euro\Desktop\blife002.jpg [2010-11-19 16:18:40 | 000,001,786 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk [2010-11-19 16:18:40 | 000,001,745 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk [2010-11-19 16:18:40 | 000,001,699 | ---- | M] () -- C:\Users\euro\Desktop\Launch JAF.lnk [2010-11-19 14:22:41 | 000,000,841 | ---- | M] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk [2010-11-19 12:40:12 | 000,002,182 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk [2010-11-19 12:40:12 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk [2010-11-19 11:08:36 | 364,270,098 | ---- | M] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg [2010-11-19 11:03:22 | 000,004,263 | ---- | M] () -- C:\Windows\System32\FLSINSTU.INI [2010-11-19 10:41:00 | 000,000,256 | ---- | M] () -- C:\dk2.mem [2010-11-19 10:37:47 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\parldr2k.sys [2010-11-19 10:37:41 | 000,000,048 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI [2010-11-19 10:34:20 | 000,091,696 | ---- | M] () -- C:\Windows\System32\FLSDEVCP.EXE [2010-11-19 10:34:20 | 000,079,408 | ---- | M] (DESkey) -- C:\Windows\System32\flsport.cpl [2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.SYS [2010-11-19 10:34:20 | 000,051,798 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB.SYS [2010-11-19 10:34:20 | 000,050,736 | ---- | M] () -- C:\Windows\System32\flsuinst.exe [2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FlsFWLdr.sys [2010-11-19 10:34:20 | 000,050,175 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FlsFWLdr.sys [2010-11-19 10:34:20 | 
000,034,048 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsvcom.sys [2010-11-19 10:34:20 | 000,023,120 | ---- | M] () -- C:\Windows\System32\drivers\FPGA8501.rd4 [2010-11-19 10:34:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flspar.sys [2010-11-19 10:34:20 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsiface.sys [2010-11-19 10:34:20 | 000,010,449 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat [2010-11-19 10:34:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\flsser.sys [2010-11-19 10:34:20 | 000,004,263 | ---- | M] () -- C:\Windows\System32\flsinst.ini [2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLSUSB\FLS5USB.SYS [2010-11-19 10:34:19 | 000,078,997 | ---- | M] (Data Encryption Systems) -- C:\Windows\System32\drivers\FLS5USB.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,072,479 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\FLS5FWLD.SYS [2010-11-19 10:34:19 | 000,039,423 | ---- | M] () -- C:\Windows\System32\drivers\FLS8500.LDR [2010-11-19 10:34:19 | 000,020,388 | ---- | M] () -- C:\Windows\System32\drivers\fls8200.ldr [2010-11-19 10:34:19 | 000,020,320 | ---- | M] () -- C:\Windows\System32\drivers\fls8000.ldr [2010-11-19 10:34:19 | 000,019,277 | ---- | M] () -- C:\Windows\System32\drivers\fls8100.ldr [2010-11-19 10:34:19 | 000,019,157 | ---- | M] () -- C:\Windows\System32\drivers\fls8400.ldr [2010-11-19 10:34:19 | 000,011,720 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat [2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\flscoins.dll [2010-11-19 10:34:19 | 000,003,984 | ---- | M] (Data Encryption 
Systems Limited) -- C:\Windows\System32\drivers\FLSUSB\flscoins.dll [2010-11-19 10:34:19 | 000,003,024 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF [2010-11-19 10:34:18 | 000,417,792 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn32.dll [2010-11-19 10:34:18 | 000,080,160 | ---- | M] (NMP) -- C:\Windows\System32\fls1wn16.dll [2010-11-19 10:34:18 | 000,061,440 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\fle5wn32.dll [2010-11-19 10:34:18 | 000,053,248 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\FLS5FL32.DLL [2010-11-19 10:34:18 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\fle5wnnt.sys [2010-11-19 10:34:18 | 000,004,186 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF [2010-11-19 10:34:17 | 000,022,064 | ---- | M] (NMP) -- C:\Windows\System32\fle5wn16.dll [2010-11-19 10:34:17 | 000,009,384 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat [2010-11-19 10:34:17 | 000,003,887 | ---- | M] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf [2010-11-19 10:34:16 | 001,859,584 | ---- | M] () -- C:\Windows\System32\FLSINST.DLL [2010-11-19 10:33:05 | 000,092,984 | ---- | M] (Data Encryption Systems Ltd) -- C:\Windows\System32\DNClnt32.dll [2010-11-19 10:33:05 | 000,092,984 | ---- | M] () -- C:\Windows\System32\dkcpanel.exe [2010-11-19 10:33:05 | 000,089,400 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DNCP32.DLL [2010-11-19 10:33:05 | 000,064,312 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\vercp32.dll [2010-11-19 10:33:04 | 000,032,208 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2win16.dll [2010-11-19 10:33:04 | 000,030,520 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DK2UInst.exe [2010-11-19 10:33:04 | 000,024,488 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2vdd.dll [2010-11-19 10:33:04 | 000,011,576 | ---- | M] (Data 
Encryption Systems Limited) -- C:\Windows\System32\DKCLINST.DLL [2010-11-19 10:33:03 | 000,076,600 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\dk2cp32.dll [2010-11-19 10:33:03 | 000,060,216 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\DESkey32.cpl [2010-11-19 10:33:03 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\System32\drivers\dk2drv.sys [2010-11-19 10:32:59 | 002,325,304 | ---- | M] () -- C:\Windows\System32\DK2INST.DLL [2010-11-14 13:42:25 | 018,434,172 | ---- | M] () -- C:\Users\euro\Desktop\path.rar [2010-11-14 13:34:34 | 000,616,578 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg [2010-11-14 12:21:43 | 000,579,381 | ---- | M] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg [2010-11-13 18:01:57 | 000,001,060 | ---- | M] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk [2010-11-11 18:00:53 | 000,000,843 | ---- | M] () -- C:\Users\euro\Desktop\Loader — skrót.lnk [2010-11-11 17:51:47 | 000,000,179 | ---- | M] () -- C:\Windows\System32\server.properties [2010-11-11 13:29:21 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010-11-09 19:58:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2010-11-02 18:58:04 | 000,001,826 | ---- | M] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat [2010-10-31 21:37:47 | 000,000,110 | ---- | M] () -- C:\Users\euro\Documents\ax_files.xml [2010-10-26 20:41:33 | 000,149,104 | ---- | M] () -- C:\Users\euro\Desktop\Bez tytułu.jpg [2010-10-24 09:45:26 | 004,684,800 | ---- | M] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3 [2010-10-23 18:56:06 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk [2010-10-22 18:01:55 | 006,863,449 | ---- | M] () -- C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3 [2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010-10-17 15:10:18 | 004,719,176 
| ---- | M] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3 [2010-10-16 09:07:28 | 001,705,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-10-13 20:10:11 | 003,242,109 | ---- | M] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3 [2010-10-10 09:48:36 | 000,000,982 | ---- | M] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk [2010-10-10 09:46:05 | 000,002,553 | ---- | M] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk [2010-09-28 20:37:09 | 004,820,741 | ---- | M] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3 [34 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-23 19:24:22 | 000,339,991 | ---- | C] () -- C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe [2010-11-23 14:02:12 | 000,001,885 | ---- | C] () -- C:\Users\euro\Desktop\HijackThis.lnk [2010-11-23 13:37:01 | 3186,016,256 | -HS- | C] () -- C:\hiberfil.sys [2010-11-22 17:45:06 | 003,128,874 | ---- | C] () -- C:\Users\euro\Desktop\Opposite Of Adults - Chiddy Bang.mp3 [2010-11-21 13:39:11 | 008,300,756 | ---- | C] () -- C:\Users\euro\Desktop\Benny Benassi feat. 
Gary Go - Cinema.mp3 [2010-11-20 00:16:50 | 000,968,402 | ---- | C] () -- C:\Users\euro\Desktop\blife002.jpg [2010-11-19 16:18:40 | 000,001,786 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF COM Emulator.lnk [2010-11-19 16:18:40 | 000,001,745 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF Logger.lnk [2010-11-19 16:18:40 | 000,001,699 | ---- | C] () -- C:\Users\euro\Desktop\Launch JAF.lnk [2010-11-19 14:22:41 | 000,000,841 | ---- | C] () -- C:\Users\euro\Desktop\NFS11 — skrót.lnk [2010-11-19 12:40:12 | 000,002,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSS Instrument API Tray Utility.lnk [2010-11-19 12:40:12 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk [2010-11-19 11:08:00 | 364,270,098 | ---- | C] () -- C:\Users\euro\Documents\BackupRegistry(20101119).reg [2010-11-19 11:03:22 | 000,004,263 | ---- | C] () -- C:\Windows\System32\FLSINSTU.INI [2010-11-19 10:41:00 | 000,000,256 | ---- | C] () -- C:\dk2.mem [2010-11-19 10:35:41 | 000,000,048 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLSUSB.INI [2010-11-19 10:34:20 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE [2010-11-19 10:34:20 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe [2010-11-19 10:34:20 | 000,023,120 | ---- | C] () -- C:\Windows\System32\drivers\FPGA8501.rd4 [2010-11-19 10:34:20 | 000,010,449 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\flsvser.cat [2010-11-19 10:34:20 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini [2010-11-19 10:34:19 | 000,039,423 | ---- | C] () -- C:\Windows\System32\drivers\FLS8500.LDR [2010-11-19 10:34:19 | 000,020,388 | ---- | C] () -- C:\Windows\System32\drivers\fls8200.ldr [2010-11-19 10:34:19 | 000,020,320 | ---- | C] () -- C:\Windows\System32\drivers\fls8000.ldr [2010-11-19 10:34:19 | 000,019,277 | ---- | C] () -- C:\Windows\System32\drivers\fls8100.ldr [2010-11-19 10:34:19 | 000,019,157 | ---- | C] () -- 
C:\Windows\System32\drivers\fls8400.ldr [2010-11-19 10:34:19 | 000,011,720 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\fls5usb.cat [2010-11-19 10:34:19 | 000,003,024 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5VSER.INF [2010-11-19 10:34:18 | 000,004,186 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\FLS5.INF [2010-11-19 10:34:17 | 000,009,384 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.cat [2010-11-19 10:34:17 | 000,003,887 | ---- | C] () -- C:\Windows\System32\drivers\FLSUSB\DKU8.inf [2010-11-19 10:34:16 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL [2010-11-19 10:33:05 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe [2010-11-19 10:32:59 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL [2010-11-14 13:33:34 | 018,434,172 | ---- | C] () -- C:\Users\euro\Desktop\path.rar [2010-11-14 12:22:01 | 000,616,578 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0133.jpg [2010-11-14 12:21:28 | 000,579,381 | ---- | C] () -- C:\Users\euro\Desktop\Zdjęcie0135.jpg [2010-11-13 18:01:57 | 000,001,060 | ---- | C] () -- C:\Users\euro\Desktop\minecraft_server — skrót.lnk [2010-11-11 18:00:53 | 000,000,843 | ---- | C] () -- C:\Users\euro\Desktop\Loader — skrót.lnk [2010-11-11 17:51:47 | 000,000,179 | ---- | C] () -- C:\Windows\System32\server.properties [2010-11-11 13:29:21 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010-11-09 19:58:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl [2010-10-29 15:39:31 | 000,001,826 | ---- | C] () -- C:\Users\euro\AppData\Roaming\EliseProfile0.dat [2010-10-26 20:41:32 | 000,149,104 | ---- | C] () -- C:\Users\euro\Desktop\Bez tytułu.jpg [2010-10-24 09:45:18 | 004,684,800 | ---- | C] () -- C:\Users\euro\Desktop\dj_scott_e__live_it_up.mp3 [2010-10-23 18:56:06 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\Play WRC FIA World Rally Championship.lnk [2010-10-22 18:01:42 | 006,863,449 | ---- | C] () -- 
C:\Users\euro\Desktop\Travis Mccoy Feat Bruno Mars - Billionaire.mp3 [2010-10-17 15:09:46 | 004,719,176 | ---- | C] () -- C:\Users\euro\Desktop\4 Non Blondes - What_s Up.mp3 [2010-10-13 20:09:44 | 003,242,109 | ---- | C] () -- C:\Users\euro\Desktop\Vengaboys - Boom Boom Boom.mp3 [2010-10-10 09:48:36 | 000,000,982 | ---- | C] () -- C:\Users\euro\Desktop\Play on DsNet Season 5 Episode 4.lnk [2010-10-10 09:45:54 | 000,002,553 | ---- | C] () -- C:\Users\Public\Desktop\Update DsNetS5.lnk [2010-09-28 20:36:08 | 004,820,741 | ---- | C] () -- C:\Users\euro\Desktop\Nirvana - Smells Like Teen Spirit.mp3 [2010-09-26 12:33:18 | 002,482,258 | ---- | C] () -- C:\Users\euro\Desktop\Luna Halo - I'm Alright.mp3 [2010-03-12 21:49:36 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini [2010-03-10 18:07:11 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll [2010-01-27 17:27:44 | 000,000,097 | ---- | C] () -- C:\Windows\WirelessFTP.INI [2010-01-15 01:08:40 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI [2009-12-28 17:56:26 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009-12-28 17:56:25 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009-12-28 12:21:44 | 000,000,680 | ---- | C] () -- C:\Users\euro\AppData\Local\d3d9caps.dat [2009-12-16 18:53:55 | 000,000,785 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-12-08 12:10:40 | 000,144,384 | ---- | C] () -- C:\Users\euro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-06 19:23:04 | 000,161,612 | RHS- | C] () -- C:\Windows\System32\wrfhx.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009-09-23 23:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-05-30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-05-30 01:31:52 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-02-28 10:09:28 | 000,128,113 | ---- | C] () -- 
C:\Windows\System32\csellang.ini [2009-02-28 10:09:28 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2009-02-28 10:09:28 | 000,010,132 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2009-02-28 10:09:28 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2008-10-02 08:48:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008-10-02 08:48:06 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008-10-02 08:48:06 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008-10-02 08:48:06 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008-10-02 08:48:06 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008-10-02 08:39:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008-10-02 08:30:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2008-04-24 08:08:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2007-12-21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2007-09-04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007-07-19 11:50:12 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005-07-22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\dk2win32.dll [color=#E56717]========== LOP Check ==========[/color] [2010-11-11 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\.minecraft [2010-11-11 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\bckup [2010-02-02 13:03:04 | 
000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock [2010-06-23 13:09:39 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Bioshock2 [2010-10-23 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\BlackBean [2010-05-08 12:19:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Braid [2009-12-28 17:33:10 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Lite [2009-12-06 23:38:30 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DAEMON Tools Pro [2010-11-23 22:10:34 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\DMCache [2010-06-11 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\FileZilla [2009-12-07 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\GrabPro [2010-02-17 17:22:49 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\gtk-2.0 [2010-11-05 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\IDM [2010-09-17 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Need for Speed World [2010-11-19 12:16:33 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Nokia [2009-12-16 23:26:15 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Orbit [2010-02-09 13:57:55 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\runic games [2010-11-11 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Server121 [2010-05-02 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Stardock [2010-10-09 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Toshiba [2010-05-22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TS3Client [2009-12-16 19:54:57 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TuneUp Software [2010-04-06 10:55:22 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Ubisoft [2010-01-13 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\VistaCodecs [2010-11-23 22:08:53 | 000,032,500 | 
---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log]

RSIT

[log]Logfile of random's system information tool 1.08 (written by random/random) Run by euro at 2010-11-23 23:03:36 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 3 GB (2%) free of 153 GB Total RAM: 3037 MB (63% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:03:38, on 2010-11-23 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18527) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\Utilities\KeNotify.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Apoint2K\Apoint.exe E:\Programy\Ad Muncher\AdMunch.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Razer\Orochi\RazerOrochiTray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe E:\Programy\Internet Download Manager\IDMan.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Apoint2K\Apntex.exe 
C:\Windows\system32\conime.exe E:\Programy\Internet Download Manager\IEMonitor.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Users\euro\Desktop\rsit_www.przeklej.pl.exe C:\Program Files\trend micro\euro.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter 
bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Ad Muncher] "e:\Programy\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [Razer Orochi Driver] C:\Program Files\Razer\Orochi\RazerOrochiTray.exe O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [AQQ] E:\Programy\WapSter\WAPSTE~1\AQQ.exe O4 
- HKCU\..\Run: [IDMan] E:\Programy\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Global Startup: TSS Instrument API Tray Utility.lnk = C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O8 - Extra context menu item: Ściągnij przez IDM - E:\Programy\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Programy\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Programy\Internet Download Manager\IEGetVL.htm O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - E:\Programy\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - 
http://rover.ebay.com/rover/1/4908-44618-9400-3/4 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{911E61D9-C034-4CEF-8F9D-DDA1C4F7618E}: NameServer = 208.67.222.222 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Ati External Event Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. 
- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11619 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] IDMIEHlprObj Class - E:\Programy\Internet Download Manager\IDMIECC.dll [2009-11-11 173488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - E:\Programy\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser 
Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-24 7719456] "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136] "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 421888] "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2007-09-19 438272] "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352] "NDSTray.exe"=NDSTray.exe [] "cfFncEnabler.exe"=cfFncEnabler.exe [] "HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-05-20 716800] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-08-18 431456] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-07-15 726904] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520] "Ad Muncher"=e:\Programy\Ad Muncher\AdMunch.exe [2009-12-07 862208] "amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824] "Razer Orochi Driver"=C:\Program Files\Razer\Orochi\RazerOrochiTray.exe [2009-10-22 2548056] "LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-07-04 430080] "AQQ"=E:\Programy\WapSter\WAPSTE~1\AQQ.exe [2010-11-19 7965696] "IDMan"=E:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-08-14 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] E:\Programy\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] E:\Programy\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] e:\Programy\Internet Download Manager\IDMan.exe [2009-11-11 3171760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyKeys] C:\Program Files\mfk\MFK.EXE [1999-04-18 541184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe 
[2007-07-10 581632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] E:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup TSS Instrument API Tray Utility.lnk - C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\Windows\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Programy\Fences\FencesMenu.dll [2009-10-02 128360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0xFFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-11-23 21:47:05 ----D---- C:\_OTL 2010-11-23 19:29:06 
----D---- C:\rsit 2010-11-23 14:02:12 ----D---- C:\Program Files\Trend Micro 2010-11-23 13:37:21 ----A---- C:\Windows\system32\0A591.tmp 2010-11-23 13:37:01 ----ASH---- C:\hiberfil.sys 2010-11-23 10:15:51 ----A---- C:\Windows\system32\0A7C3.tmp 2010-11-22 17:25:50 ----A---- C:\Windows\system32\0A3FB.tmp 2010-11-21 17:02:06 ----A---- C:\Windows\system32\0A66B.tmp 2010-11-21 11:24:52 ----A---- C:\Windows\system32\0AAEE.tmp 2010-11-20 14:24:46 ----A---- C:\Windows\system32\0A85F.tmp 2010-11-20 10:33:59 ----A---- C:\Windows\system32\0AAAF.tmp 2010-11-19 17:48:13 ----A---- C:\Windows\system32\0FE99.tmp 2010-11-19 16:13:59 ----D---- C:\Program Files\ODEON 2010-11-19 13:32:20 ----D---- C:\ProgramData\Solidshield 2010-11-19 12:16:33 ----D---- C:\Users\euro\AppData\Roaming\Nokia 2010-11-19 11:38:45 ----D---- C:\ProgramData\Nokia 2010-11-19 11:03:22 ----A---- C:\Windows\system32\FLSINSTU.INI 2010-11-19 10:37:47 ----A---- C:\Windows\system32\drivers\parldr2k.sys 2010-11-19 10:34:20 ----D---- C:\ProgramData\DESkey 2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsuinst.exe 2010-11-19 10:34:20 ----A---- C:\Windows\system32\flsinst.ini 2010-11-19 10:34:20 ----A---- C:\Windows\system32\FLSDEVCP.EXE 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsvcom.sys 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FLSUSB.SYS 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsser.sys 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flspar.sys 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\flsiface.sys 2010-11-19 10:34:20 ----A---- C:\Windows\system32\drivers\FlsFWLdr.sys 2010-11-19 10:34:19 ----A---- C:\Windows\system32\flscoins.dll 2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5USB.SYS 2010-11-19 10:34:19 ----A---- C:\Windows\system32\drivers\FLS5FWLD.SYS 2010-11-19 10:34:18 ----A---- C:\Windows\system32\FLS5FL32.DLL 2010-11-19 10:34:18 ----A---- C:\Windows\system32\fls1wn32.dll 2010-11-19 10:34:18 ----A---- 
C:\Windows\system32\fls1wn16.dll 2010-11-19 10:34:18 ----A---- C:\Windows\system32\fle5wn32.dll 2010-11-19 10:34:18 ----A---- C:\Windows\system32\drivers\fle5wnnt.sys 2010-11-19 10:34:17 ----D---- C:\Windows\system32\drivers\FLSUSB 2010-11-19 10:34:17 ----A---- C:\Windows\system32\fle5wn16.dll 2010-11-19 10:34:16 ----A---- C:\Windows\system32\FLSINST.DLL 2010-11-19 10:33:05 ----A---- C:\Windows\system32\vercp32.dll 2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNCP32.DLL 2010-11-19 10:33:05 ----A---- C:\Windows\system32\DNClnt32.dll 2010-11-19 10:33:05 ----A---- C:\Windows\system32\dkcpanel.exe 2010-11-19 10:33:04 ----A---- C:\Windows\system32\DKCLINST.DLL 2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2win16.dll 2010-11-19 10:33:04 ----A---- C:\Windows\system32\dk2vdd.dll 2010-11-19 10:33:04 ----A---- C:\Windows\system32\DK2UInst.exe 2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files\DESkey 2010-11-19 10:33:03 ----A---- C:\Windows\system32\drivers\dk2drv.sys 2010-11-19 10:33:03 ----A---- C:\Windows\system32\dk2cp32.dll 2010-11-19 10:32:59 ----A---- C:\Windows\system32\DK2INST.DLL 2010-11-19 10:30:21 ----D---- C:\Program Files\Common Files\Nokia 2010-11-19 10:27:18 ----A---- C:\Windows\system32\nmwcdcls.dll 2010-11-19 10:27:16 ----D---- C:\Program Files\Nokia 2010-11-19 09:55:45 ----A---- C:\Windows\system32\0A9A6.tmp 2010-11-18 15:15:09 ----A---- C:\Windows\system32\0A275.tmp 2010-11-17 19:19:56 ----A---- C:\Windows\system32\0A41B.tmp 2010-11-17 16:41:46 ----A---- C:\Windows\system32\0A497.tmp 2010-11-16 16:13:19 ----A---- C:\Windows\system32\0A736.tmp 2010-11-16 08:32:28 ----A---- C:\Windows\system32\0AE09.tmp 2010-11-15 16:55:33 ----A---- C:\Windows\system32\0A9B6.tmp 2010-11-14 12:18:28 ----A---- C:\Windows\system32\0BB81.tmp 2010-11-13 14:31:09 ----A---- C:\Windows\system32\0A958.tmp 2010-11-12 12:19:23 ----A---- C:\Windows\system32\0A64C.tmp 2010-11-12 08:49:02 ----A---- C:\Windows\system32\0AFDD.tmp 2010-11-11 20:37:20 ----RASHD---- 
C:\autorun.inf 2010-11-11 18:09:19 ----D---- C:\Users\euro\AppData\Roaming\Server121 2010-11-11 17:51:47 ----D---- C:\Windows\system32\world 2010-11-11 17:51:47 ----A---- C:\Windows\system32\ops.txt 2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-players.txt 2010-11-11 17:51:47 ----A---- C:\Windows\system32\banned-ips.txt 2010-11-11 17:44:53 ----D---- C:\Users\euro\AppData\Roaming\bckup 2010-11-11 13:29:20 ----D---- C:\Program Files\LogMeIn Hamachi 2010-11-11 11:12:09 ----D---- C:\Users\euro\AppData\Roaming\.minecraft 2010-11-11 10:12:21 ----A---- C:\Windows\system32\08851.tmp 2010-11-10 17:22:35 ----A---- C:\Windows\system32\08313.tmp 2010-11-09 17:03:16 ----A---- C:\Windows\system32\084BA.tmp 2010-11-09 08:23:40 ----A---- C:\Windows\system32\0F343.tmp 2010-10-29 15:29:41 ----D---- C:\Program Files\Razer ======List of files/folders modified in the last 1 months====== 2010-11-23 23:03:38 ----D---- C:\Windows\Temp 2010-11-23 22:55:11 ----D---- C:\Windows\inf 2010-11-23 22:55:11 ----AD---- C:\Windows\System32 2010-11-23 22:55:11 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-23 22:51:53 ----D---- C:\ProgramData\Kaspersky Lab 2010-11-23 22:50:52 ----D---- C:\Users\euro\AppData\Roaming\DMCache 2010-11-23 22:50:06 ----D---- C:\Windows\Minidump 2010-11-23 22:49:59 ----D---- C:\Windows 2010-11-23 22:03:57 ----SHD---- C:\System Volume Information 2010-11-23 14:02:12 ----RD---- C:\Program Files 2010-11-23 13:34:38 ----A---- C:\Windows\ntbtlog.txt 2010-11-19 16:44:48 ----D---- C:\Windows\system32\catroot 2010-11-19 16:15:30 ----D---- C:\Windows\system32\catroot2 2010-11-19 16:14:18 ----SHD---- C:\Windows\Installer 2010-11-19 13:43:14 ----RSD---- C:\Windows\assembly 2010-11-19 13:32:20 ----HD---- C:\ProgramData 2010-11-19 12:12:36 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-19 11:44:13 ----D---- C:\Windows\system32\drivers 2010-11-19 10:33:03 ----D---- C:\Program Files\Common Files 2010-11-07 14:23:22 ----D---- 
C:\ProgramData\Media Center Programs 2010-11-07 14:23:20 ----D---- C:\Program Files\Mozilla Firefox 2010-11-06 14:19:53 ----D---- C:\Windows\Prefetch 2010-11-05 18:00:40 ----D---- C:\Users\euro\AppData\Roaming\IDM 2010-10-24 11:23:41 ----D---- C:\Windows\system32\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352] R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2009-10-14 36880] R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-05-07 25896] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872] R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-08-19 279376] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640] R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv.sys [2010-11-19 49720] R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384] R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016] R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-06 311312] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2008-05-13 64000] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-28 281760] R2 FLE5WNNT;FLE-5 WindowsNT Driver; \??\C:\Windows\System32\Drivers\fle5wnnt.sys [2010-11-19 33404] R2 FLSIFACE;FLSIface; \??\C:\Windows\System32\Drivers\flsiface.sys [2010-11-19 13440] R2 FLSPAR;FLSPar; \??\C:\Windows\System32\Drivers\flspar.sys [2010-11-19 16314] R2 FLSSER;FLSSer; \??\C:\Windows\System32\Drivers\flsser.sys [2010-11-19 8344] R2 FLSVCOM;FLSVCom; 
\??\C:\Windows\System32\Drivers\flsvcom.sys [2010-11-19 34048] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-28 25888] R2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys [2010-11-19 10454] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-28 919552] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-24 2754336] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928] R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-11-20 25984] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200] R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472] R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712] R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608] R3 tosrfec;Bluetooth ACPI; 
C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216] R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112] R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612] R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2008-05-23 41856] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960] S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536] S3 LLRING0;LLRING0; \??\C:\Program Files\Dark Stars Network\Season 5\MuGuard\llck.sys [2010-10-11 5120] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704] S3 nmwcdnsuc;Nokia 
USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320] S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144] S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys [] S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] 
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720] R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-08-19 83312] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-08-18 431456] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-05-22 120168] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-07-15 106496] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504] R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824] S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-09-05 340520] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 135664] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-02 654848] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-06 182768] S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common 
Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-01 321320] S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-16 435016] -----------------EOF----------------- [/log]
Tomek01 comment 23 November 2010
Try GMER from Safe Mode. An example regarding the BSOD: http://windows7forum.pl/printthread.php?tid=10962
Once more into OTL:
[code]
:OTL
[2010-08-29 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies
:Files
C:\Windows\system32\0A591.tmp
C:\Windows\system32\0A7C3.tmp
C:\Windows\system32\0A3FB.tmp
C:\Windows\system32\0A66B.tmp
C:\Windows\system32\0AAEE.tmp
C:\Windows\system32\0A85F.tmp
C:\Windows\system32\0AAAF.tmp
C:\Windows\system32\0FE99.tmp
C:\Windows\system32\0A9A6.tmp
C:\Windows\system32\0A275.tmp
C:\Windows\system32\0A41B.tmp
C:\Windows\system32\0A497.tmp
C:\Windows\system32\0A736.tmp
C:\Windows\system32\0AE09.tmp
C:\Windows\system32\0A9B6.tmp
C:\Windows\system32\0BB81.tmp
C:\Windows\system32\0A958.tmp
C:\Windows\system32\0A64C.tmp
C:\Windows\system32\0AFDD.tmp
C:\Windows\system32\08851.tmp
C:\Windows\system32\08313.tmp
C:\Windows\system32\084BA.tmp
C:\Windows\system32\0F343.tmp
:Commands
[emtytemp]
[/code]
Does the problem still occur? Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] and post the results on the forum.
kcr (Author) comment 24 November 2010 (edited)
OK, so here is the situation. Sites like Kaspersky, MS etc. now work normally. But back to the bluescreen: while scanning with DrWeb, or rather right at the very end of the scan, it appeared again. The page you linked is for Win7 (I have Vista).
BS log:
[log]
Podpis problemu:
Nazwa zdarzenia problemu: BlueScreen
Wersja systemu operacyjnego: 6.0.6001.2.1.0.768.3
Identyfikator ustawień regionalnych: 1045
Dodatkowe informacje o problemie:
BCCode: 19
BCP1: 00000021
BCP2: D3965000
BCP3: 00049E38
BCP4: FF435582
OS Version: 6_0_6001
Service Pack: 1_0
Product: 768_1
Pliki pomagające opisać problem:
C:\Windows\Minidump\Mini112410-01.dmp
C:\Users\euro\AppData\Local\Temp\WER-51339-0.sysdata.xml
C:\Users\euro\AppData\Local\Temp\WER12D4.tmp.version.txt
[/log]
I did not manage to run the second one today, because GMER scanned for several hours, then DrWeb, for which I have no log because, as I mentioned, of the BS. But from what I saw, it removed 34 files like 0A591.tmp from the system32 folder. Unless it gets saved somewhere automatically.
The remaining logs.
Log from the OTL removal, in case it is needed:
[log]========== OTL ========== C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\skin folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\zh-TW folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\zh-CN folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\sv-SV folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\ru-RU folder moved successfully. 
C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\pl-PL folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\nl-NL folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\lv-LV folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\it-IT folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\es-AR folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale\en-US folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\locale folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\defaults\preferences folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\defaults folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies\content folder moved successfully. C:\Users\euro\AppData\Roaming\mozilla\Firefox\Profiles\xf2ajzxv.default\extensions\lockerzplayextended@flies folder moved successfully. ========== FILES ========== File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot. File move failed. 
C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot. ========== COMMANDS ========== Error: Unable to interpret <[emtytemp]> in the current context! OTL by OldTimer - Version 3.2.17.3 log created on 11242010_172252 Files\Folders moved on Reboot... File move failed. C:\Windows\system32\0A591.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A7C3.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A3FB.tmp scheduled to be moved on reboot. File move failed. 
C:\Windows\system32\0A66B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAEE.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A85F.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AAAF.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0FE99.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9A6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A275.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A41B.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A497.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A736.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AE09.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A9B6.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0BB81.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A958.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0A64C.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0AFDD.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08851.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\08313.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\084BA.tmp scheduled to be moved on reboot. File move failed. C:\Windows\system32\0F343.tmp scheduled to be moved on reboot. Registry entries deleted on Reboot... 
[/log]
Log from the GMER scan in Safe Mode:
[log]GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2010-11-24 21:10:38 Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK3252GSX rev.LV010M Running: gmer.exe; Driver: C:\Users\euro\AppData\Local\Temp\kwldapog.sys ---- Kernel code sections - GMER 1.0.15 ---- .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8C150480, 0x3C939, 0xE8000020] .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8C191900, 0x3CA, 0x48000040] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742388B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [742798A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7423B9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7422FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74237A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7422EA65] 
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7426B17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7423BC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7423074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742306B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742271B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [742BD848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74257379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT 
C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7422E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7422697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742269A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1080] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74232465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x74 0xD9 0x06 0xD2 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x76 0xC0 0xE7 0x6F ... 
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x74 0xD9 0x06 0xD2 ... Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x76 0xC0 0xE7 0x6F ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Counter 5500 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Help 5501 ---- EOF - GMER 1.0.15 ---- [/log]
Tomek01 comment 25 November 2010
You did not remove the sptd.sys driver. In that case the GMER log is not reliable.
kcr (Author) comment 25 November 2010
I would gladly remove this driver, but I have no idea how.
Tomek01 comment 25 November 2010
Read point 4: http://forum.cdrinfo.pl/f11/de-instalacja-daemon-tools-pro-87179/
kcr (Author) comment 25 November 2010 (edited)
[quote]delete the file C:\Windows\System32\Drivers\sptd.sys[/quote]
I don't have that file there. Earlier I tried to remove this driver with the SPTDinst program; after launching it I chose the removal option. Apparently it was removed. So why do you write that I did not remove it?
Tomek01 comment 25 November 2010
Because GMER shows a series of registry entries, e.g.: Reg HKLM\SYSTEM\CurrentControlSet\Services\[b]sptd[/b]\Cfg
kcr (Author) comment 25 November 2010
So maybe I need to delete the registry entries?
Tomek01 comment 25 November 2010
No, use one of the options from the link I gave you. It first has to be uninstalled in order to remove it.