Hidserv.exe: who can send it to me?

carder
created

I need the Hidserv.exe file from Win Vista Ultimate. On my machine the file got infected by a virus, and I don't want to reinstall the system... Without this file my USB devices act up and half of my games don't work. I think replacing the file with a fresh one will take care of it. :)
Unless you know another way that works, because e.g. when I plug in a PENDRIVE it throws up a message that can't be closed, so I drag it off the screen, but then most system things don't work (defragmentation, file synchronization, etc.).
At startup it tells me that Hidserv.exe is not working.
So I'm begging you, help :)
P.S. It is in the folder C:\Users\[USER NAME]\AppData\roaming\

rokko
comment

[quote]I think replacing the file with a fresh one will take care of it. :)[/quote]
Then you are mistaken. Hidserv.exe is not a system file; also take a look at the location you gave. Practically every key function carried out by the operating system is loaded from the system directory.

You would do better to give us logs for analysis, as described in the rules of the Security section => http://www.forumpc.pl/index.php?showtopic=168073
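
The location argument above, written as a check over OTL `O4` autorun lines. This is an added example, not part of the original thread: the sample lines are copied from the OTL log posted later in this thread, while the trusted roots and the heuristics are assumptions chosen for illustration.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Sample O4 (Run key) lines copied from the OTL log in this thread.
SAMPLE_O4 = r"""
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found
"""

# Assumption: locations that need admin rights to write to, matching the
# %SystemRoot% and %ProgramFiles% values in the log header.
TRUSTED_ROOTS = (r"C:\Windows", r"C:\Program Files")
# Assumption: path fragments any user-level process can write to.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\temp\\")

O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\.\.\\Run: \[([^\]]+)\] (.+)$")
TAIL_RE = re.compile(r"^(.*) \(([^()]*)\)$")  # "<path> (<company>)"
NOT_FOUND = " File not found"


class RunEntry(NamedTuple):
    hive: str
    name: str
    path: str
    company: Optional[str]
    missing: bool


def parse_o4(line: str) -> Optional[RunEntry]:
    """Parse one OTL O4 Run line; return None for anything else."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    hive, name, rest = m.groups()
    if rest.endswith(NOT_FOUND):
        return RunEntry(hive, name, rest[: -len(NOT_FOUND)], None, True)
    t = TAIL_RE.match(rest)
    if t:
        return RunEntry(hive, name, t.group(1), t.group(2).strip() or None, False)
    return RunEntry(hive, name, rest, None, False)


def under(path: str, root: str) -> bool:
    """Case-insensitive 'path is inside root' test for Windows paths."""
    prefix = ntpath.normcase(root).rstrip("\\") + "\\"
    return ntpath.normcase(path).startswith(prefix)


def assess(e: RunEntry) -> List[str]:
    """Return the reasons an autorun entry deserves a closer look."""
    reasons = []
    trusted = any(under(e.path, r) for r in TRUSTED_ROOTS)
    if any(frag in ntpath.normcase(e.path) for frag in USER_WRITABLE):
        reasons.append("image sits in a user-writable profile path")
    if re.search(r"\b(windows|microsoft)\b", e.name, re.I):
        ms = e.company is not None and "microsoft" in e.company.lower()
        if not trusted or (not e.missing and not ms):
            reasons.append("value name imitates a Windows component")
    if e.missing:
        reasons.append("target missing: autostart entry left behind")
    return reasons


def triage(log_text: str) -> List[Tuple[RunEntry, List[str]]]:
    """Parse every O4 line and keep only the entries with findings."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        reasons = assess(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_O4):
        print(f"{entry.hive}\\Run [{entry.name}] -> {entry.path}")
        for r in reasons:
            print(f"    - {r}")
```
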

carder
comment

I made the logs with the OTL program.

OTL.Txt
[log]OTL logfile created on: 2010-12-03 14:32:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\carder
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 23,61 Gb Free Space | 24,20% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 186,23 Gb Free Space | 50,59% Space Free | Partition Type: NTFS
Drive F: | 4,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 697,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 11,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive X: | 232,88 Gb Total Space | 112,51 Gb Free Space | 48,31% Space Free | Partition Type: NTFS

Computer Name: CARDER-PC | User Name: carder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-10-29 18:15:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-10-29 18:15:25 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-19 13:29:03 | 006,917,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2010-10-19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010-10-16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010-10-16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-10-01 11:22:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010-06-15 02:54:22 | 002,320,304 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
PRC - [2010-03-06 03:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2009-01-19 07:37:10 | 001,150,976 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008-11-26 09:25:36 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2008-10-24 10:44:34 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2008-07-17 13:55:29 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-07-17 13:54:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-07-17 13:52:33 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007-05-15 15:55:46 | 001,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007-05-15 15:55:26 | 001,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2006-12-03 00:14:03 | 000,310,784 | ---- | M] (http://autoconnect.prv.pl) -- C:\Nowy folder\AutoConnect\AutoConnect.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-06-15 02:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps32.dll
MOD - [2008-07-17 13:53:15 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-30 08:30:00 | 003,020,376 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_5632d69.dll -- (Akamai)
SRV - [2010-11-20 14:37:59 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-11-10 23:02:10 | 004,134,480 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010-10-19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010-10-16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008-07-17 13:52:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - [2010-10-22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-10-15 15:23:41 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010-10-13 18:18:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-07-29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-05-18 19:28:28 | 000,100,368 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010-05-18 19:28:26 | 000,142,864 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2010-05-18 19:28:26 | 000,111,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2010-05-18 19:28:26 | 000,041,744 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2010-05-18 19:28:26 | 000,031,504 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2008-07-17 13:52:13 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-07-17 13:52:13 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-07-17 13:52:12 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-07-17 13:52:10 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-07-17 13:52:10 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-07-17 13:52:09 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-07-17 13:52:07 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-07-17 13:52:07 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-07-17 13:52:05 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-07-17 13:52:03 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-07-17 13:52:02 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-07-17 13:52:02 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-07-17 13:52:01 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-07-17 13:52:01 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-07-17 13:52:00 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-07-17 13:51:59 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-07-17 13:51:57 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-07-17 13:51:52 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-07-17 13:51:52 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-07-17 13:51:50 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-07-17 13:51:48 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-07-17 13:50:05 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-07-17 13:50:05 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-07-17 13:50:05 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008-03-17 10:05:30 | 000,101,632 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2304157
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-02 20:16:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-29 15:53:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010-11-29 15:53:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins [2010-11-29 15:53:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-29 14:21:36 | 000,000,000 | ---D | M]

[2010-12-03 14:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-10-01 11:22:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-01 11:22:44 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007-12-17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
[2010-09-14 22:29:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-14 22:29:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-14 22:29:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-14 22:29:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-14 22:29:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-14 22:29:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-10-15 21:20:02 | 000,001,303 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found
O4 - HKCU..\Run: [AutoConnect] C:\Nowy folder\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006-11-02 07:00:00 | 000,000,043 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2007-03-26 07:36:13 | 000,000,000 | -H-D | M] - G:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2007-03-26 07:36:08 | 002,408,448 | R--- | M] () - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-03-26 07:36:08 | 000,000,043 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - M:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-07-04 12:03:32 | 000,000,051 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0179e3b8-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{0179e3b8-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0179e3bc-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{0179e3bc-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0179e3ed-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{0179e3ed-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1e182a6a-f867-11df-b417-0800270008e9}\Shell\AutoRun\command - "" = 62.exe
O33 - MountPoints2\{1e182a6a-f867-11df-b417-0800270008e9}\Shell\open\Command - "" = 62.exe
O33 - MountPoints2\{30b396ce-cd36-11df-9c4f-8eba6f7850c6}\Shell - "" = AutoRun
O33 - MountPoints2\{30b396ce-cd36-11df-9c4f-8eba6f7850c6}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{30b396ee-cd36-11df-9c4f-8eba6f7850c6}\Shell - "" = AutoRun
O33 - MountPoints2\{30b396ee-cd36-11df-9c4f-8eba6f7850c6}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{3110a9f3-de9c-11df-b48d-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{3110a9f3-de9c-11df-b48d-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{3110aa17-de9c-11df-b48d-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{3110aa17-de9c-11df-b48d-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{502a358e-d123-11df-9fbf-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{502a358e-d123-11df-9fbf-0800270008e9}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c6a2908f-e29f-11df-8d4b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c6a2908f-e29f-11df-8d4b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c6ee0253-d03f-11df-9f67-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{c6ee0253-d03f-11df-9f67-0800270008e9}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2007-03-26 07:36:08 | 002,408,448 | R--- | M] ()
O33 - MountPoints2\{c6ee027b-d03f-11df-9f67-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{c6ee027b-d03f-11df-9f67-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{d4444c47-fb02-11df-b81d-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d4444c47-fb02-11df-b81d-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{de208002-f3c3-11df-9fdc-0800270008e9}\Shell - "" = AutoRun
O33 - MountPoints2\{de208002-f3c3-11df-9fdc-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-12-02 20:40:18 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010-12-02 07:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\DVDMenu
[2010-11-30 19:27:17 | 000,000,000 | ---D | C] -- C:\Program Files\Tsarfin Computing
[2010-11-29 19:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010-11-29 15:56:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010-11-29 15:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-11-29 15:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-11-29 15:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-11-29 15:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010-11-29 15:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-11-29 15:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010-11-29 15:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-11-29 15:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-11-29 15:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010-11-29 14:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010-11-29 14:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-11-27 23:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010-11-27 23:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010-11-25 08:56:29 | 004,134,480 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010-11-25 08:52:56 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010-11-25 08:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010-11-23 22:12:02 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe
[2010-11-23 22:12:02 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe
[2010-11-23 22:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\REACTOR
[2010-11-23 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-11-23 16:38:20 | 001,948,763 | ---- | C] ( ) -- C:\Users\carder\wrar393pl.exe
[2010-11-22 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010-11-22 14:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010-11-22 14:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-11-21 11:27:51 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010-11-20 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Garena
[2010-11-20 14:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010-11-19 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZOTAC FireStorm
[2010-11-19 19:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Badaboom
[2010-11-19 19:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-11-19 19:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\vReveal
[2010-11-17 14:36:12 | 000,000,000 | ---D | C] -- C:\Users\carder\New Folder (1)
[2010-11-16 23:20:03 | 000,000,000 | ---D | C] -- C:\Users\carder\New Folder
[2010-11-15 17:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DDD
[2010-11-15 17:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\TriDef 3D
[2010-11-15 13:40:33 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010-11-15 13:40:33 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010-11-15 13:40:33 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010-11-15 13:40:33 | 005,473,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010-11-15 13:40:33 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010-11-15 13:40:33 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010-11-15 13:40:33 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010-11-15 13:40:33 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010-11-15 13:40:33 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010-11-13 18:47:16 | 000,598,368 | ---- | C] (RealNetworks, Inc.) -- C:\Users\carder\RealPlayer.exe
[2010-11-13 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\carder\.thumbnails
[2010-11-12 05:03:22 | 002,811,584 | ---- | C] (Piriform Ltd) -- C:\Users\carder\ccsetup300.exe
[2010-11-10 14:56:30 | 000,000,000 | ---D | C] -- C:\Users\carder\.gimp-2.6
[2010-11-10 14:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-11-10 14:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010-11-09 21:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010-11-09 21:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010-11-09 21:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010-11-08 13:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Good Shot
[2010-11-08 13:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Brontes Processing
[2010-11-08 13:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Brontes Processing
[2010-11-08 13:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010-11-08 07:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\OvO
[2010-11-08 06:58:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010-11-08 06:56:54 | 004,750,496 | ---- | C] (Adobe Systems Inc.) -- C:\Users\carder\Shockwave_Installer_Slim.exe
[2010-11-06 22:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WebcamWallpaper
[2010-11-06 22:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\WebcamWallpaper
[2010-11-06 20:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fantastic Flame Screensaver
[2010-11-06 20:20:51 | 000,291,776 | ---- | C] (Vendio Services, Inc. ) -- C:\Windows\System32\DealioKit1-stub-0.exe
[2010-11-06 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\3D Desktop
[2010-11-06 20:20:26 | 001,037,481 | ---- | C] (3D Desktop, Ltd ) -- C:\Users\carder\crash_icons.exe
[2010-11-06 20:04:11 | 000,528,384 | ---- | C] (Astro Gemini Software) -- C:\Windows\System32\Astro Gemini Screensaver Manager.scr
[2010-11-06 20:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Astro Gemini Software
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-12-03 14:31:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\carder\Freelancer Mod Manager.lnk.exe
[2010-12-03 13:47:59 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-12-03 13:47:59 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-12-03 13:47:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010-12-03 13:44:33 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-03 13:44:33 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-03 06:42:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-02 15:06:10 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\GenesisAD.lnk
[2010-12-01 21:48:57 | 000,047,769 | ---- | M] () -- C:\Users\carder\.recently-used.xbel
[2010-11-30 19:27:17 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\NetInfo.lnk
[2010-11-29 19:09:34 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-11-29 15:57:07 | 000,001,637 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-11-29 15:51:27 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-11-29 14:29:48 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI
[2010-11-29 02:00:43 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2010-11-27 23:34:19 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010-11-27 18:24:00 | 000,148,281 | ---- | M] () -- C:\Users\carder\kiukljh.jpg
[2010-11-23 22:14:43 | 000,000,171 | ---- | M] () -- C:\Users\Public\Desktop\ijji.url
[2010-11-23 22:14:39 | 000,001,687 | ---- | M] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010-11-23 22:14:38 | 000,001,661 | ---- | M] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk
[2010-11-23 16:38:26 | 001,948,763 | ---- | M] ( ) -- C:\Users\carder\wrar393pl.exe
[2010-11-22 14:49:22 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010-11-22 14:48:56 | 000,002,516 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-22 14:39:34 | 036,725,326 | ---- | M] () -- C:\Users\carder\Untitled.bmp
[2010-11-21 10:54:33 | 001,661,952 | ---- | M] (NoPremium.pl) -- C:\Users\carder\nopremium.exe
[2010-11-20 17:20:27 | 000,000,731 | ---- | M] () -- C:\Zotac FireStorm.lnk
[2010-11-19 19:43:59 | 000,000,015 | ---- | M] () -- C:\Windows\Firestorm.INI
[2010-11-19 19:09:54 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\vReveal.lnk
[2010-11-15 18:00:52 | 000,001,673 | ---- | M] () -- C:\Users\carder\shkjku.jpg
[2010-11-13 18:47:17 | 000,598,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\carder\RealPlayer.exe
[2010-11-12 05:03:40 | 002,811,584 | ---- | M] (Piriform Ltd) -- C:\Users\carder\ccsetup300.exe
[2010-11-10 23:02:10 | 004,134,480 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010-11-10 14:56:25 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010-11-09 22:33:57 | 000,000,711 | ---- | M] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010-11-09 22:33:57 | 000,000,687 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010-11-08 14:32:40 | 000,000,512 | ---- | M] () -- C:\Windows\Fantastic Flame Screensaver.ini
[2010-11-08 06:57:28 | 004,750,496 | ---- | M] (Adobe Systems Inc.) -- C:\Users\carder\Shockwave_Installer_Slim.exe
[2010-11-06 22:38:32 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\Webcam Wallpaper.lnk
[2010-11-06 22:38:25 | 002,918,544 | ---- | M] () -- C:\Users\carder\setup.exe
[2010-11-06 20:22:39 | 000,000,001 | ---- | M] () -- C:\Windows\System32\sav85014.sys
[2010-11-06 20:20:40 | 001,037,481 | ---- | M] (3D Desktop, Ltd ) -- C:\Users\carder\crash_icons.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-01 21:48:57 | 000,047,769 | ---- | C] () -- C:\Users\carder\.recently-used.xbel
[2010-11-30 19:27:17 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\NetInfo.lnk
[2010-11-29 19:09:34 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-11-29 19:09:27 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010-11-29 19:08:51 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010-11-29 15:57:07 | 000,001,637 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-11-29 15:51:27 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-11-29 14:29:48 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010-11-29 01:11:53 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2010-11-27 23:34:19 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010-11-27 18:24:00 | 000,148,281 | ---- | C] () -- C:\Users\carder\kiukljh.jpg
[2010-11-25 08:52:55 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010-11-24 20:30:06 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\GenesisAD.lnk
[2010-11-23 22:14:43 | 000,000,171 | ---- | C] () -- C:\Users\Public\Desktop\ijji.url
[2010-11-23 22:14:39 | 000,001,687 | ---- | C] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010-11-23 22:14:38 | 000,001,661 | ---- | C] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk
[2010-11-22 16:49:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-11-22 14:49:22 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010-11-22 14:48:56 | 000,002,516 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-22 14:39:19 | 036,725,326 | ---- | C] () -- C:\Users\carder\Untitled.bmp
[2010-11-20 14:32:45 | 000,000,759 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010-11-19 19:43:59 | 000,000,015 | ---- | C] () -- C:\Windows\Firestorm.INI
[2010-11-19 19:41:23 | 000,000,065 | ---- | C] () -- C:\Users\carder\ZOTAC FireStorm.txt
[2010-11-19 19:29:14 | 000,000,731 | ---- | C] () -- C:\Zotac FireStorm.lnk
[2010-11-19 19:29:14 | 000,000,731 | ---- | C] () -- \Zotac FireStorm.lnk
[2010-11-19 19:09:54 | 000,000,775 | ---- | C] () -- C:\Users\Public\Desktop\vReveal.lnk
[2010-11-10 14:56:25 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010-11-06 22:38:32 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\Webcam Wallpaper.lnk
[2010-11-06 22:38:02 | 002,918,544 | ---- | C] () -- C:\Users\carder\setup.exe
[2010-11-06 20:27:21 | 000,000,512 | ---- | C] () -- C:\Windows\Fantastic Flame Screensaver.ini
[2010-11-06 20:21:25 | 000,000,001 | ---- | C] () -- C:\Windows\System32\sav85014.sys
[2010-10-31 10:26:54 | 000,020,102 | ---- | C] () -- C:\Program Files\Readme.txt
[2010-10-31 10:26:54 | 000,010,960 | ---- | C] () -- C:\Program Files\EULA.txt
[2010-10-31 10:26:54 | 000,000,344 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2010-10-23 16:38:31 | 000,118,784 | ---- | C] () -- C:\Windows\System32\NxExtensions.dll
[2010-10-13 18:18:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-10-05 19:38:00 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010-10-01 19:12:39 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2010-10-01 19:12:39 | 000,000,213 | -HS- | C] () -- \Boot.BAK
[2010-10-01 19:12:38 | 000,333,203 | RHS- | C] () -- \bootmgr
[2010-10-01 19:12:16 | 000,171,136 | RHS- | C] () -- \grldr
[2010-10-01 10:42:03 | 000,000,000 | ---- | C] () -- C:\Windows\WB.ini
[2010-10-01 10:00:49 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2010-10-01 09:29:51 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010-10-01 09:29:49 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010-10-01 09:29:49 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-10-01 09:22:00 | 000,000,357 | -HS- | C] () -- \Boot.ini.saved
[2010-09-20 13:27:11 | 2456,981,504 | -HS- | C] () --
[2010-08-15 20:09:32 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010-08-15 20:09:32 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2010-08-15 00:14:30 | 000,192,144 | ---- | C] () -- \AnalysisLog.sr0
[2010-08-13 18:13:47 | 1607,376,896 | -HS- | C] () -- \hiberfil.sys
[2010-07-09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009-12-02 10:11:04 | 000,002,045 | -H-- | C] () -- C:\Windows\System32\whlpdms32a.dll
[2008-07-17 13:59:45 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007-11-26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007-03-21 12:00:00 | 000,298,720 | RHS- | C] () -- \ntldr
[2007-03-21 12:00:00 | 000,047,772 | RHS- | C] () -- \NTDETECT.COM
[2007-03-21 12:00:00 | 000,004,952 | RHS- | C] () -- \bootfont.bin
[2006-11-02 13:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2006-11-01 06:54:30 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2006-11-01 06:52:38 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006-06-12 08:21:24 | 000,580,114 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2005-02-05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll
[2004-08-04 03:07:00 | 000,002,000 | ---- | C] () -- C:\Windows\System32\netcache32.sys
[2002-11-15 13:11:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 966 bytes -> C:\ProgramData\TEMP:24721E3C

< End of report >[/log]

Extras.Txt
[log]OTL Extras logfile created on: 2010-12-03 14:32:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\carder
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 23,61 Gb Free Space | 24,20% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 186,23 Gb Free Space | 50,59% Space Free | Partition Type: NTFS
Drive F: | 4,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 697,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 11,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive X: | 232,88 Gb Total Space | 112,51 Gb Free Space | 48,31% Space Free | Partition Type: NTFS

Computer Name: CARDER-PC | User Name: carder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" File not found
Directory [takeown] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [text console] -- cmd.exe /k cd %1 (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"Windows Update System" = C:\Users\carder\AppData\Roaming\hidserv.exe -- File not found
"C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- File not found
"C:\Users\carder\nopremium.exe" = C:\Users\carder\nopremium.exe:*:Enabled:nopremium.exe -- (NoPremium.pl)
"X:\gry\Gameforge4D\AirRivals_PL\Launcher.atm" = X:\gry\Gameforge4D\AirRivals_PL\Launcher.atm:Enabled:GameExe2 -- File not found
"X:\gry\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe" = X:\gry\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1753E84E-75D9-4697-A31B-250A22A92C7F}" = lport=57797 | protocol=6 | dir=in | name=pando media booster |
"{859566AA-730B-4EB5-8269-D4F88C080385}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{9D462BCC-19AD-4A0B-AEEC-C3EF23BF9B11}" = lport=57797 | protocol=17 | dir=in | name=pando media booster |
"{A4472505-8EF5-438B-BD6F-AE6C5C7A1972}" = lport=57797 | protocol=6 | dir=in | name=pando media booster |
"{AF552381-0513-4FFB-B45B-5BF587D1AE6D}" = lport=57797 | protocol=17 | dir=in | name=pando media booster |
"{C8CC3151-4DCB-4E28-AE54-F460A894F45F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F7EDC0D2-D6AE-486B-88B4-E5E4508A8C43}" = lport=49168 | protocol=6 | dir=in | name=akamai netsession interface |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BA573B-5F5B-4B68-96D9-127155A0BB9F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0DBC520D-5CC5-414E-A68E-C39BAE758023}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{122A8AA5-1EF1-4968-A2D7-4649BCCC8D6D}" = protocol=17 | dir=in | app=x:\gry\ijji\english\genesisad\gameconsole.bin |
"{1BAC72F8-05FA-4F6E-9B77-B29351B9E565}" = protocol=6 | dir=in | app=x:\gry\ijji\english\genesisad\gameconsole.bin |
"{2240BB3D-0D3E-4972-B5DB-A56D2E42ADBF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{234513A6-A79A-4270-8845-29F58F77A47E}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\detection\launcher.exe |
"{3CEEF7BA-54A4-4F9F-AD84-FA99849F9817}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{4D326D95-5B3C-42F3-AD61-C3BD0DF8E132}" = protocol=6 | dir=in | app=d:\ubisoft\lost - zagubieni\detection\launcher.exe |
"{5F4CD770-B7F3-4BE1-A44F-5514BB6A7B8F}" = protocol=17 | dir=in | app=x:\gry\ijji\english\genesisad\anotherday.exe |
"{608234FE-120A-446F-A980-5EB0FD589E6F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{622556FD-D7DF-488C-8F75-3A71637665A7}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7F99DFF6-7DF0-4F36-B269-1E116E334161}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{83B090D5-1F6E-4861-9B9D-BCBCB3A2B3E8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9B37D61C-B73D-44CD-A53A-8BB38EEC4C77}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A3A4A49A-8297-460C-8A78-515074C5E69B}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\gu.exe |
"{A4EB2968-0FA9-4996-9167-85F456080A39}" = protocol=6 | dir=in | app=x:\gry\ijji\english\genesisad\anotherday.exe |
"{B45F717D-FDA0-4783-BD0D-45AFF31052A0}" = protocol=6 | dir=in | app=d:\ubisoft\lost - zagubieni\gu.exe |
"{C01059E0-2D73-4AB7-ADFA-865AE03BCB46}" = protocol=6 | dir=in | app=d:\ubisoft\lost - zagubieni\yeti_final_win32.exe |
"{D0DEB391-599D-4A75-BF00-539934F4F94A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D699024B-9307-41B4-BEA6-82E73718C927}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\yeti_final_win32.exe |
"{D998BB88-743E-4BBD-B64E-C6E7D9B53DCB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FD727C02-DF0E-464F-B065-FE892340BB92}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"TCP Query User{0F1332EC-3C0A-4950-BFD1-CBDB564351FB}X:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=6 | dir=in | app=x:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"TCP Query User{2A076D64-E504-4FAD-BA8F-C354635AEB9C}X:\gry\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=x:\gry\left 4 dead\left4dead.exe |
"TCP Query User{5F86CABE-838D-4C74-8824-8C34629072B0}C:0\gry\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:0\gry\left 4 dead\left4dead.exe |
"TCP Query User{C6D8EDD2-CC60-4ADD-8436-4D98CD61D9CD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{CA47F106-69F1-4DB1-AE1D-DCCAFC817831}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{E32E14B0-3EC7-4956-AE77-B4A3A77C6226}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{39EEA52A-8BAB-409B-AF00-AC32428EADC2}X:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=17 | dir=in | app=x:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"UDP Query User{527BA1E2-8AEA-4235-B5E2-A554DA32D4A9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{92227728-3641-41F0-B6AB-036169442331}C:0\gry\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:0\gry\left 4 dead\left4dead.exe |
"UDP Query User{976EDF08-5960-4B00-894B-F95890A04632}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{B884C5A2-07EB-4242-8F6E-B1802645C523}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{E108A2CE-594F-4FF1-8D3E-B0AC7B95E12A}X:\gry\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=x:\gry\left 4 dead\left4dead.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.0 (Platformer)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DC0350A-B2E1-4C3A-8438-90DA35E3038C}_is1" = 3D Crash Icons Screensaver
"{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.0 (Redists)
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2702B8FC-6003-4AC6-ADBC-EC65746D800A}" = Lost Via Domus
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{300A470B-681B-449F-82AE-6D19114702CE}" = PhysX Screen Saver
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}" = Microsoft XNA Game Studio 3.0 (VCSExpress)
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FD3EFE2-C856-4C55-AF0F-B29C1E2D6A24}" = NetInfo
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5E7CA6C3-6CE4-404A-96BB-0A54D26A5A5C}" = Microsoft Visual C++ 2005 Redistributable for StarCodec
"{5EB3F5E2-1533-42D2-97C2-E0BA06CA6939}" = GenesisAD
"{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{753B50B1-8A12-4EEE-A151-A9EFA0FF3116}" = Oracle VM VirtualBox 3.2.0
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.0 Documentation
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CA53298-AB86-49C7-8040-D5E7BA2F703A}" = NVIDIA PhysX Particle Fluid Demo
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A2104078-AAA5-449E-95DD-55C9443A1045}" = Nero 7 Essentials
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC3F9FEE-1A44-4FCE-BD72-BD27D4BC6279}" = Microsoft XNA Game Studio Platform Tools
"{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.0 (Shared Components)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.0 (XnaLiveProxy)
"{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.0 (ARP entry)
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EC0B2A03-9FBF-4B21-AD3B-14C49C2232C7}" = GenesisAD_Setup
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F731791B-E17A-4402-9FC7-F0E65E8D93BD}" = Microsoft XNA Game Studio 3.0 - Racing Game Starter Kit (Windows)
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3Planesoft Screensaver Manager_is1" = 3Planesoft Screensaver Manager 1.4
"7-Zip" = 7-Zip 4.42
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Astro Gemini Screensaver Manager_is1" = Astro Gemini Screensaver Manager 1.2
"AutoConnect" = AutoConnect v0.1.3.1
"Badaboom" = Badaboom 1.2.1.13
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Debiut Małego Cyklopa_is1" = Debiut Małego Cyklopa
"Defraggler" = Defraggler
"Delphi 10 Lite v3.0_is1" = Delphi 10 Lite v3.0 [SP1 Integrated]
"DivX Codec" = DivX Codec
"DriftCity_EU_eng" = Drift City (EU_ENG)
"DVD Menu Studio_is1" = DVD Menu Studio 1.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fantastic Flame Screensaver" = Fantastic Flame Screensaver
"FormatFactory" = FormatFactory 2.50
"Fraps" = Fraps (remove only)
"FreePascal_is1" = Free Pascal 2.4.0
"Gadu-Gadu 10" = Gadu-Gadu 10
"Game Maker 8.0" = Game Maker 8.0
"Garena" = Garena 2010
"Good Shot_is1" = Good Shot 1.17
"ImgBurn" = ImgBurn (Remove Only)
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"InstallShield_{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II
"iWisoft Flash SWF to Video Converter_is1" = iWisoft Flash SWF to Video Converter 3.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.5 (Full)
"LockHunter_is1" = LockHunter version 1.0 beta 3, 32 bit edition
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Firefox 4.0b6 (x86 pl)" = Mozilla Firefox 4.0b6 (x86 pl)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OvO" = OvO
"PLAY ONLINE" = PLAY ONLINE
"Star Wars 3D Screensaver_is1" = Star Wars 3D Screensaver 1.3
"StarCodec" = StarCodec
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"The One Ring 3D Screensaver_is1" = The One Ring 3D Screensaver 1.0
"uTorrent" = µTorrent
"vReveal" = vReveal
"Webcam Wallpaper" = Webcam Wallpaper 1.3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"XNA Game Studio 3.0" = Microsoft XNA Game Studio 3.0
"ZOTAC FireStorm" = ZOTAC FireStorm

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-12-01 14:23:53 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:23:59 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:05 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:11 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:17 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:23 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:29 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-01 14:24:35 | Computer Name = carder-PC | Source = RasClient | ID = 20227
Description =

Error - 2010-12-02 10:36:23 | Computer Name = carder-PC | Source = Application Error | ID = 1000
Description = Faulting application AAM Updates Notifier.exe, version 1.0.175.0,
time stamp 0x4b918408, faulting module npggNT.des_unloaded, version 0.0.0.0, time
stamp 0x4cb50450, exception code 0xc0000005, fault offset 0x458aeb20, process id
0x1354, application start time 0x01cb90b659256186.

Error - 2010-12-02 15:05:44 | Computer Name = carder-PC | Source = Application Error | ID = 1000
Description = Faulting application nopremium.exe, version 1.12.0.2000, time stamp
0x2a425e19, faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d,
exception code 0xc0000005, fault offset 0x00048989, process id 0x6e0, application
start time 0x01cb924f69b60aa6.

[ System Events ]
Error - 2010-11-25 17:57:24 | Computer Name = carder-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 2010-11-25 18:37:37 | Computer Name = carder-PC | Source = DCOM | ID = 10010
Description =

Error - 2010-11-25 18:41:04 | Computer Name = carder-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 23:39:42 on 2010-11-25 was unexpected.

Error - 2010-11-25 18:41:06 | Computer Name = carder-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-11-25 18:45:08 | Computer Name = carder-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 23:43:04 on 2010-11-25 was unexpected.

Error - 2010-11-25 18:45:10 | Computer Name = carder-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-11-25 18:47:10 | Computer Name = carder-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2010-11-25 18:47:10 | Computer Name = carder-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2010-11-25 18:49:24 | Computer Name = carder-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 23:47:08 on 2010-11-25 was unexpected.

Error - 2010-11-25 18:49:25 | Computer Name = carder-PC | Source = HTTP | ID = 15016
Description =


< End of report >[/log]

I deleted that Hidserv.exe file, and it didn't complain when I plugged in the pendrive.
I'll also post the log from the ESET antivirus:
[log]2010-12-03 13:52:13 Ochrona systemu plików w czasie rzeczywistym plik D:\New Folder (2)\Nowy folder (2)\gta2 - Kopia\TRAINER.exe prawdopodobnie odmiana wirusa Win32/Agent.LHXYZJT koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas tworzenia nowego pliku przez aplikację: C:\Windows\explorer.exe.
2010-12-03 13:52:03 Ochrona systemu plików w czasie rzeczywistym plik D:\New Folder (2)\Nowy folder (2)\gta2\TRAINER.exe prawdopodobnie odmiana wirusa Win32/Agent.LHXYZJT koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas tworzenia nowego pliku przez aplikację: C:\Windows\explorer.exe.
2010-12-02 13:19:08 Skaner przy uruchamianiu plik C:\Users\carder\AppData\Roaming\hidserv.exe odmiana wirusa Win32/Injector.DDU koń trojański wyleczony przez usunięcie (po następnym uruchomieniu) - poddany kwarantannie
2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\1000000c00002i\verclsid.exe prawdopodobnie odmiana wirusa Win32/IRCBot.ZJSFYM koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe.
2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\10000006700002i\regedit.exe prawdopodobnie odmiana wirusa Win32/IRCBot.CNZZZMN koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe.
2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\4000001400002i\language.exe prawdopodobnie odmiana wirusa Win32/IRCBot.POHXVK koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe.
2010-11-29 14:52:10 Ochrona systemu plików w czasie rzeczywistym plik C:\Users\carder\Desktop\brewers.exe prawdopodobnie odmiana wirusa Win32/Agent.ZSIYTJ koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\explorer.exe.[/log]

[color="#FF0000"]//Moving this to the ''Security'' section.
//Magellan[/color]
