carder posted 2 December 2010
I need the file Hidserv.exe from Windows Vista Ultimate. On my machine the file was infected by a virus, and I don't want to reinstall the system... Without this file my USB devices act up and half of my games don't work. I think replacing the file with a new one will fix it. Unless you know another method that works, because e.g. when I plug in a PENDRIVE it throws up a message that cannot be closed, so I move it off the screen, but then most system functions don't work (defragmentation, file synchronization, etc.). At startup it reports that Hidserv.exe is not working. So I'm begging you, help. P.S. It is in the folder C:\Users\[USER NAME]\AppData\roaming\
rokko commented 2 December 2010
[quote]I think replacing the file with a new one will fix it.[/quote]
Then you are mistaken. Hidserv.exe is not a system file; also take a look at the location you gave. Practically every key function performed by the operating system is loaded from the system directory. You would do better to give us logs for analysis, as required by the rules of the Security section => http://www.forumpc.pl/index.php?showtopic=168073
carder (Author) commented 3 December 2010
I made the logs with the OTL program.
OTL.Txt
[log]OTL logfile created on: 2010-12-03 14:32:49 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\carder Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 23,61 Gb Free Space | 24,20% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 186,23 Gb Free Space | 50,59% Space Free | Partition Type: NTFS Drive F: | 4,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 697,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive M: | 11,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive X: | 232,88 Gb Total Space | 112,51 Gb Free Space | 48,31% Space Free | Partition Type: NTFS Computer Name: CARDER-PC | User Name: carder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-10-29 18:15:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-29 18:15:25 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-10-19 13:29:03 | 006,917,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe PRC - [2010-10-19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2010-10-16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2010-10-16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-10-01 11:22:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-06-15 02:54:22 | 002,320,304 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe PRC - [2010-03-06 03:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2009-01-19 07:37:10 | 001,150,976 | R--- | M] (Brother Industries, Ltd.) 
-- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2008-11-26 09:25:36 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe PRC - [2008-10-24 10:44:34 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe PRC - [2008-07-17 13:55:29 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-07-17 13:54:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-07-17 13:52:33 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-05-15 15:55:46 | 001,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe PRC - [2007-05-15 15:55:26 | 001,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe PRC - [2006-12-03 00:14:03 | 000,310,784 | ---- | M] (http://autoconnect.prv.pl) -- C:\Nowy folder\AutoConnect\AutoConnect.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-06-15 02:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps32.dll MOD - [2008-07-17 13:53:15 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-30 08:30:00 | 003,020,376 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_5632d69.dll -- (Akamai) SRV - [2010-11-20 14:37:59 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- 
C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-10 23:02:10 | 004,134,480 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-10-19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010-10-16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008-07-17 13:52:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | 
Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver) DRV - [2010-10-22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010-10-15 15:23:41 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn) DRV - [2010-10-13 18:18:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-07-29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-05-18 19:28:28 | 000,100,368 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2010-05-18 19:28:26 | 000,142,864 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2010-05-18 19:28:26 | 000,111,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2010-05-18 19:28:26 | 000,041,744 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2010-05-18 19:28:26 | 000,031,504 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | 
Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB) DRV - [2008-07-17 13:52:13 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-07-17 13:52:13 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-07-17 13:52:12 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-07-17 13:52:10 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-07-17 13:52:10 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-07-17 13:52:09 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-07-17 13:52:07 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-07-17 13:52:07 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-07-17 13:52:05 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-07-17 13:52:03 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-07-17 13:52:02 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-07-17 13:52:02 | 000,079,416 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-07-17 13:52:01 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-07-17 13:52:01 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-07-17 13:52:00 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-07-17 13:51:59 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-07-17 13:51:57 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-07-17 13:51:52 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-07-17 13:51:52 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-07-17 13:51:50 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-07-17 13:51:48 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-07-17 13:50:05 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-07-17 13:50:05 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-07-17 13:50:05 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008-03-17 10:05:30 | 000,101,632 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm) DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2304157 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-02 20:16:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-29 15:53:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010-11-29 15:53:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins [2010-11-29 15:53:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-29 14:21:36 | 000,000,000 | ---D | M] [2010-12-03 14:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-10-01 11:22:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-10-01 11:22:44 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll [2010-09-14 22:29:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-14 22:29:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-14 22:29:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-14 22:29:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-14 22:29:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-14 22:29:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-15 21:20:02 | 000,001,303 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.) 
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found O4 - HKCU..\Run: [AutoConnect] C:\Nowy folder\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [Windows Update System] C:\Users\carder\AppData\Roaming\hidserv.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006-11-02 07:00:00 | 000,000,043 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2007-03-26 07:36:13 | 000,000,000 | -H-D | M] - G:\AutoPlay -- [ CDFS ] O32 - AutoRun File - [2007-03-26 07:36:08 | 002,408,448 | R--- | M] () - G:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2007-03-26 07:36:08 | 000,000,043 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
- M:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008-07-04 12:03:32 | 000,000,051 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{0179e3b8-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{0179e3b8-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{0179e3bc-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{0179e3bc-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{0179e3ed-e364-11df-84d2-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{0179e3ed-e364-11df-84d2-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{1e182a6a-f867-11df-b417-0800270008e9}\Shell\AutoRun\command - "" = 62.exe O33 - MountPoints2\{1e182a6a-f867-11df-b417-0800270008e9}\Shell\open\Command - "" = 62.exe O33 - MountPoints2\{30b396ce-cd36-11df-9c4f-8eba6f7850c6}\Shell - "" = AutoRun O33 - MountPoints2\{30b396ce-cd36-11df-9c4f-8eba6f7850c6}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found O33 - MountPoints2\{30b396ee-cd36-11df-9c4f-8eba6f7850c6}\Shell - "" = AutoRun O33 - MountPoints2\{30b396ee-cd36-11df-9c4f-8eba6f7850c6}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found O33 - MountPoints2\{3110a9f3-de9c-11df-b48d-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{3110a9f3-de9c-11df-b48d-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found O33 - MountPoints2\{3110aa17-de9c-11df-b48d-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{3110aa17-de9c-11df-b48d-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{502a358e-d123-11df-9fbf-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{502a358e-d123-11df-9fbf-0800270008e9}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -- File not found O33 - MountPoints2\{c6a2908f-e29f-11df-8d4b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c6a2908f-e29f-11df-8d4b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{c6ee0253-d03f-11df-9f67-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{c6ee0253-d03f-11df-9f67-0800270008e9}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2007-03-26 07:36:08 | 002,408,448 | R--- | M] () O33 - MountPoints2\{c6ee027b-d03f-11df-9f67-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{c6ee027b-d03f-11df-9f67-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found O33 - MountPoints2\{d4444c47-fb02-11df-b81d-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{d4444c47-fb02-11df-b81d-0800270008e9}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found O33 - MountPoints2\{de208002-f3c3-11df-9fdc-0800270008e9}\Shell - "" = AutoRun O33 - MountPoints2\{de208002-f3c3-11df-9fdc-0800270008e9}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-02 20:40:18 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32 [2010-12-02 07:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\DVDMenu [2010-11-30 19:27:17 | 000,000,000 | ---D | C] -- C:\Program Files\Tsarfin Computing [2010-11-29 19:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2010-11-29 15:56:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll [2010-11-29 15:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010-11-29 15:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010-11-29 15:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010-11-29 15:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010-11-29 15:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010-11-29 15:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2010-11-29 15:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010-11-29 15:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010-11-29 15:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2010-11-29 14:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2010-11-29 14:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-11-27 23:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2010-11-27 23:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-11-25 08:56:29 | 004,134,480 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2010-11-25 08:52:56 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) 
-- C:\Windows\System32\npptNT2.sys [2010-11-25 08:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2010-11-23 22:12:02 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe [2010-11-23 22:12:02 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe [2010-11-23 22:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\REACTOR [2010-11-23 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-11-23 16:38:20 | 001,948,763 | ---- | C] ( ) -- C:\Users\carder\wrar393pl.exe [2010-11-22 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe [2010-11-22 14:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe [2010-11-22 14:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead [2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2010-11-22 14:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2010-11-21 11:27:51 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache [2010-11-20 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Garena [2010-11-20 14:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2010-11-19 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZOTAC FireStorm [2010-11-19 19:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Badaboom [2010-11-19 19:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010-11-19 19:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\vReveal [2010-11-17 14:36:12 | 000,000,000 | ---D | C] -- C:\Users\carder\New Folder (1) [2010-11-16 23:20:03 | 000,000,000 | ---D | C] -- C:\Users\carder\New Folder [2010-11-15 17:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DDD [2010-11-15 17:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\TriDef 3D [2010-11-15 13:40:33 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2010-11-15 13:40:33 | 
013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2010-11-15 13:40:33 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2010-11-15 13:40:33 | 005,473,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2010-11-15 13:40:33 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2010-11-15 13:40:33 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2010-11-15 13:40:33 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2010-11-15 13:40:33 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010-11-15 13:40:33 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2010-11-13 18:47:16 | 000,598,368 | ---- | C] (RealNetworks, Inc.) -- C:\Users\carder\RealPlayer.exe [2010-11-13 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\carder\.thumbnails [2010-11-12 05:03:22 | 002,811,584 | ---- | C] (Piriform Ltd) -- C:\Users\carder\ccsetup300.exe [2010-11-10 14:56:30 | 000,000,000 | ---D | C] -- C:\Users\carder\.gimp-2.6 [2010-11-10 14:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-11-10 14:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai [2010-11-09 21:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO [2010-11-09 21:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2010-11-09 21:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire [2010-11-08 13:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Good Shot [2010-11-08 13:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Brontes Processing [2010-11-08 13:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Brontes Processing [2010-11-08 13:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-11-08 07:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\OvO [2010-11-08 06:58:41 | 000,000,000 | ---D 
| C] -- C:\Windows\System32\Adobe [2010-11-08 06:56:54 | 004,750,496 | ---- | C] (Adobe Systems Inc.) -- C:\Users\carder\Shockwave_Installer_Slim.exe [2010-11-06 22:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WebcamWallpaper [2010-11-06 22:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\WebcamWallpaper [2010-11-06 20:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fantastic Flame Screensaver [2010-11-06 20:20:51 | 000,291,776 | ---- | C] (Vendio Services, Inc. ) -- C:\Windows\System32\DealioKit1-stub-0.exe [2010-11-06 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\3D Desktop [2010-11-06 20:20:26 | 001,037,481 | ---- | C] (3D Desktop, Ltd ) -- C:\Users\carder\crash_icons.exe [2010-11-06 20:04:11 | 000,528,384 | ---- | C] (Astro Gemini Software) -- C:\Windows\System32\Astro Gemini Screensaver Manager.scr [2010-11-06 20:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Astro Gemini Software [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-03 14:31:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\carder\Freelancer Mod Manager.lnk.exe [2010-12-03 13:47:59 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-12-03 13:47:59 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-12-03 13:47:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010-12-03 13:44:33 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-12-03 13:44:33 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-12-03 06:42:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-12-02 15:06:10 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\GenesisAD.lnk [2010-12-01 21:48:57 | 000,047,769 | ---- | M] () -- C:\Users\carder\.recently-used.xbel [2010-11-30 
19:27:17 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\NetInfo.lnk [2010-11-29 19:09:34 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-11-29 15:57:07 | 000,001,637 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010-11-29 15:51:27 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010-11-29 14:29:48 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI [2010-11-29 02:00:43 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2010-11-27 23:34:19 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk [2010-11-27 18:24:00 | 000,148,281 | ---- | M] () -- C:\Users\carder\kiukljh.jpg [2010-11-23 22:14:43 | 000,000,171 | ---- | M] () -- C:\Users\Public\Desktop\ijji.url [2010-11-23 22:14:39 | 000,001,687 | ---- | M] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010-11-23 22:14:38 | 000,001,661 | ---- | M] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk [2010-11-23 16:38:26 | 001,948,763 | ---- | M] ( ) -- C:\Users\carder\wrar393pl.exe [2010-11-22 14:49:22 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk [2010-11-22 14:48:56 | 000,002,516 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk [2010-11-22 14:39:34 | 036,725,326 | ---- | M] () -- C:\Users\carder\Untitled.bmp [2010-11-21 10:54:33 | 001,661,952 | ---- | M] (NoPremium.pl) -- C:\Users\carder\nopremium.exe [2010-11-20 17:20:27 | 000,000,731 | ---- | M] () -- C:\Zotac FireStorm.lnk [2010-11-19 19:43:59 | 000,000,015 | ---- | M] () -- C:\Windows\Firestorm.INI [2010-11-19 19:09:54 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\vReveal.lnk [2010-11-15 18:00:52 | 000,001,673 | ---- | M] () -- C:\Users\carder\shkjku.jpg [2010-11-13 18:47:17 | 000,598,368 | ---- | M] (RealNetworks, Inc.) 
-- C:\Users\carder\RealPlayer.exe [2010-11-12 05:03:40 | 002,811,584 | ---- | M] (Piriform Ltd) -- C:\Users\carder\ccsetup300.exe [2010-11-10 23:02:10 | 004,134,480 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2010-11-10 14:56:25 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010-11-09 22:33:57 | 000,000,711 | ---- | M] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2010-11-09 22:33:57 | 000,000,687 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2010-11-08 14:32:40 | 000,000,512 | ---- | M] () -- C:\Windows\Fantastic Flame Screensaver.ini [2010-11-08 06:57:28 | 004,750,496 | ---- | M] (Adobe Systems Inc.) -- C:\Users\carder\Shockwave_Installer_Slim.exe [2010-11-06 22:38:32 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\Webcam Wallpaper.lnk [2010-11-06 22:38:25 | 002,918,544 | ---- | M] () -- C:\Users\carder\setup.exe [2010-11-06 20:22:39 | 000,000,001 | ---- | M] () -- C:\Windows\System32\sav85014.sys [2010-11-06 20:20:40 | 001,037,481 | ---- | M] (3D Desktop, Ltd ) -- C:\Users\carder\crash_icons.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-01 21:48:57 | 000,047,769 | ---- | C] () -- C:\Users\carder\.recently-used.xbel [2010-11-30 19:27:17 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\NetInfo.lnk [2010-11-29 19:09:34 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-11-29 19:09:27 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010-11-29 19:08:51 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-11-29 15:57:07 | 000,001,637 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010-11-29 15:51:27 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010-11-29 14:29:48 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2010-11-29 01:11:53 | 000,001,675 
| ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk [2010-11-27 23:34:19 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk [2010-11-27 18:24:00 | 000,148,281 | ---- | C] () -- C:\Users\carder\kiukljh.jpg [2010-11-25 08:52:55 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2010-11-24 20:30:06 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\GenesisAD.lnk [2010-11-23 22:14:43 | 000,000,171 | ---- | C] () -- C:\Users\Public\Desktop\ijji.url [2010-11-23 22:14:39 | 000,001,687 | ---- | C] () -- C:\Users\carder\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010-11-23 22:14:38 | 000,001,661 | ---- | C] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk [2010-11-22 16:49:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-11-22 14:49:22 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk [2010-11-22 14:48:56 | 000,002,516 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk [2010-11-22 14:39:19 | 036,725,326 | ---- | C] () -- C:\Users\carder\Untitled.bmp [2010-11-20 14:32:45 | 000,000,759 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010-11-19 19:43:59 | 000,000,015 | ---- | C] () -- C:\Windows\Firestorm.INI [2010-11-19 19:41:23 | 000,000,065 | ---- | C] () -- C:\Users\carder\ZOTAC FireStorm.txt [2010-11-19 19:29:14 | 000,000,731 | ---- | C] () -- C:\Zotac FireStorm.lnk [2010-11-19 19:29:14 | 000,000,731 | ---- | C] () -- \Zotac FireStorm.lnk [2010-11-19 19:09:54 | 000,000,775 | ---- | C] () -- C:\Users\Public\Desktop\vReveal.lnk [2010-11-10 14:56:25 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010-11-06 22:38:32 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\Webcam Wallpaper.lnk [2010-11-06 22:38:02 | 002,918,544 | ---- | C] () -- C:\Users\carder\setup.exe [2010-11-06 20:27:21 | 000,000,512 | ---- | C] () -- C:\Windows\Fantastic Flame Screensaver.ini [2010-11-06 20:21:25 | 000,000,001 | ---- | 
C] () -- C:\Windows\System32\sav85014.sys [2010-10-31 10:26:54 | 000,020,102 | ---- | C] () -- C:\Program Files\Readme.txt [2010-10-31 10:26:54 | 000,010,960 | ---- | C] () -- C:\Program Files\EULA.txt [2010-10-31 10:26:54 | 000,000,344 | ---- | C] () -- C:\Program Files\INSTALL.LOG [2010-10-23 16:38:31 | 000,118,784 | ---- | C] () -- C:\Windows\System32\NxExtensions.dll [2010-10-13 18:18:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-10-05 19:38:00 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010-10-01 19:12:39 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2010-10-01 19:12:39 | 000,000,213 | -HS- | C] () -- \Boot.BAK [2010-10-01 19:12:38 | 000,333,203 | RHS- | C] () -- \bootmgr [2010-10-01 19:12:16 | 000,171,136 | RHS- | C] () -- \grldr [2010-10-01 10:42:03 | 000,000,000 | ---- | C] () -- C:\Windows\WB.ini [2010-10-01 10:00:49 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll [2010-10-01 09:29:51 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-10-01 09:29:49 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2010-10-01 09:29:49 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-10-01 09:22:00 | 000,000,357 | -HS- | C] () -- \Boot.ini.saved [2010-09-20 13:27:11 | 2456,981,504 | -HS- | C] () -- [2010-08-15 20:09:32 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2010-08-15 20:09:32 | 000,000,000 | RHS- | C] () -- \IO.SYS [2010-08-15 00:14:30 | 000,192,144 | ---- | C] () -- \AnalysisLog.sr0 [2010-08-13 18:13:47 | 1607,376,896 | -HS- | C] () -- \hiberfil.sys [2010-07-09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2009-12-02 10:11:04 | 000,002,045 | -H-- | C] () -- C:\Windows\System32\whlpdms32a.dll [2008-07-17 13:59:45 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2007-11-26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2007-03-21 12:00:00 | 000,298,720 | RHS- | C] () -- \ntldr 
[2007-03-21 12:00:00 | 000,047,772 | RHS- | C] () -- \NTDETECT.COM [2007-03-21 12:00:00 | 000,004,952 | RHS- | C] () -- \bootfont.bin [2006-11-02 13:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [2006-11-01 06:54:30 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2006-11-01 06:52:38 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2006-06-12 08:21:24 | 000,580,114 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2005-02-05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll [2004-08-04 03:07:00 | 000,002,000 | ---- | C] () -- C:\Windows\System32\netcache32.sys [2002-11-15 13:11:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 966 bytes -> C:\ProgramData\TEMP:24721E3C < End of report >[/log] Extras.Txt [log]OTL Extras logfile created on: 2010-12-03 14:32:49 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\carder Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 23,61 Gb Free Space | 24,20% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 186,23 Gb Free Space | 50,59% Space Free | Partition Type: NTFS Drive F: | 4,08 Gb Total Space | 0,00 Gb Free 
Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 697,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive M: | 11,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive X: | 232,88 Gb Total Space | 112,51 Gb Free Space | 48,31% Space Free | Partition Type: NTFS Computer Name: CARDER-PC | User Name: carder | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" File not found Directory [takeown] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Directory [text console] -- cmd.exe /k cd %1 (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "Windows Update System" = C:\Users\carder\AppData\Roaming\hidserv.exe -- File not found "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- File not found "C:\Users\carder\nopremium.exe" = C:\Users\carder\nopremium.exe:*:Enabled:nopremium.exe -- (NoPremium.pl) "X:\gry\Gameforge4D\AirRivals_PL\Launcher.atm" = X:\gry\Gameforge4D\AirRivals_PL\Launcher.atm:Enabled:GameExe2 -- File not found "X:\gry\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe" = X:\gry\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1753E84E-75D9-4697-A31B-250A22A92C7F}" = lport=57797 | protocol=6 | dir=in | name=pando media booster | "{859566AA-730B-4EB5-8269-D4F88C080385}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{9D462BCC-19AD-4A0B-AEEC-C3EF23BF9B11}" = lport=57797 | protocol=17 | dir=in | name=pando media booster | "{A4472505-8EF5-438B-BD6F-AE6C5C7A1972}" = lport=57797 | protocol=6 | dir=in | name=pando media booster | "{AF552381-0513-4FFB-B45B-5BF587D1AE6D}" = lport=57797 | protocol=17 | dir=in | name=pando media booster | "{C8CC3151-4DCB-4E28-AE54-F460A894F45F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F7EDC0D2-D6AE-486B-88B4-E5E4508A8C43}" = lport=49168 | protocol=6 | dir=in | name=akamai netsession interface | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{00BA573B-5F5B-4B68-96D9-127155A0BB9F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{0DBC520D-5CC5-414E-A68E-C39BAE758023}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{122A8AA5-1EF1-4968-A2D7-4649BCCC8D6D}" = protocol=17 | dir=in | app=x:\gry\ijji\english\genesisad\gameconsole.bin | "{1BAC72F8-05FA-4F6E-9B77-B29351B9E565}" = protocol=6 | dir=in | app=x:\gry\ijji\english\genesisad\gameconsole.bin | "{2240BB3D-0D3E-4972-B5DB-A56D2E42ADBF}" = dir=in | app=c:\program files\itunes\itunes.exe | "{234513A6-A79A-4270-8845-29F58F77A47E}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\detection\launcher.exe | "{3CEEF7BA-54A4-4F9F-AD84-FA99849F9817}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{4D326D95-5B3C-42F3-AD61-C3BD0DF8E132}" = protocol=6 | dir=in | app=d:\ubisoft\lost - zagubieni\detection\launcher.exe | "{5F4CD770-B7F3-4BE1-A44F-5514BB6A7B8F}" = protocol=17 | dir=in | app=x:\gry\ijji\english\genesisad\anotherday.exe | "{608234FE-120A-446F-A980-5EB0FD589E6F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{622556FD-D7DF-488C-8F75-3A71637665A7}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{7F99DFF6-7DF0-4F36-B269-1E116E334161}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{83B090D5-1F6E-4861-9B9D-BCBCB3A2B3E8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9B37D61C-B73D-44CD-A53A-8BB38EEC4C77}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{A3A4A49A-8297-460C-8A78-515074C5E69B}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\gu.exe | "{A4EB2968-0FA9-4996-9167-85F456080A39}" = protocol=6 | dir=in | app=x:\gry\ijji\english\genesisad\anotherday.exe | "{B45F717D-FDA0-4783-BD0D-45AFF31052A0}" = protocol=6 | dir=in | app=d:\ubisoft\lost - zagubieni\gu.exe | "{C01059E0-2D73-4AB7-ADFA-865AE03BCB46}" = protocol=6 
| dir=in | app=d:\ubisoft\lost - zagubieni\yeti_final_win32.exe | "{D0DEB391-599D-4A75-BF00-539934F4F94A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{D699024B-9307-41B4-BEA6-82E73718C927}" = protocol=17 | dir=in | app=d:\ubisoft\lost - zagubieni\yeti_final_win32.exe | "{D998BB88-743E-4BBD-B64E-C6E7D9B53DCB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{FD727C02-DF0E-464F-B065-FE892340BB92}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "TCP Query User{0F1332EC-3C0A-4950-BFD1-CBDB564351FB}X:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=6 | dir=in | app=x:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe | "TCP Query User{2A076D64-E504-4FAD-BA8F-C354635AEB9C}X:\gry\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=x:\gry\left 4 dead\left4dead.exe | "TCP Query User{5F86CABE-838D-4C74-8824-8C34629072B0}C:0\gry\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:0\gry\left 4 dead\left4dead.exe | "TCP Query User{C6D8EDD2-CC60-4ADD-8436-4D98CD61D9CD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{CA47F106-69F1-4DB1-AE1D-DCCAFC817831}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{E32E14B0-3EC7-4956-AE77-B4A3A77C6226}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{39EEA52A-8BAB-409B-AF00-AC32428EADC2}X:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=17 | dir=in | app=x:\gry\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe | "UDP Query User{527BA1E2-8AEA-4235-B5E2-A554DA32D4A9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query 
User{92227728-3641-41F0-B6AB-036169442331}C:0\gry\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:0\gry\left 4 dead\left4dead.exe | "UDP Query User{976EDF08-5960-4B00-894B-F95890A04632}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{B884C5A2-07EB-4242-8F6E-B1802645C523}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{E108A2CE-594F-4FF1-8D3E-B0AC7B95E12A}X:\gry\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=x:\gry\left 4 dead\left4dead.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.0 (Platformer) "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0DC0350A-B2E1-4C3A-8438-90DA35E3038C}_is1" = 3D Crash Icons Screensaver "{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.0 (Redists) "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{2702B8FC-6003-4AC6-ADBC-EC65746D800A}" = Lost Via Domus "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{300A470B-681B-449F-82AE-6D19114702CE}" = PhysX Screen Saver "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types 
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0 "{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}" = Microsoft XNA Game Studio 3.0 (VCSExpress) "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FD3EFE2-C856-4C55-AF0F-B29C1E2D6A24}" = NetInfo "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu "{5E7CA6C3-6CE4-404A-96BB-0A54D26A5A5C}" = Microsoft Visual C++ 2005 Redistributable for StarCodec "{5EB3F5E2-1533-42D2-97C2-E0BA06CA6939}" = GenesisAD "{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{753B50B1-8A12-4EEE-A151-A9EFA0FF3116}" = Oracle VM VirtualBox 3.2.0 "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.0 Documentation "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CA53298-AB86-49C7-8040-D5E7BA2F703A}" = NVIDIA PhysX Particle Fluid Demo "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 
2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A2104078-AAA5-449E-95DD-55C9443A1045}" = Nero 7 Essentials "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC3F9FEE-1A44-4FCE-BD72-BD27D4BC6279}" = Microsoft XNA Game Studio Platform Tools "{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.0 (Shared Components) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install 
Application "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.0 (XnaLiveProxy) "{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.0 (ARP entry) "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{EC0B2A03-9FBF-4B21-AD3B-14C49C2232C7}" = GenesisAD_Setup "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F731791B-E17A-4402-9FC7-F0E65E8D93BD}" = Microsoft XNA Game Studio 3.0 - Racing Game Starter Kit (Windows) "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3Planesoft Screensaver Manager_is1" = 3Planesoft Screensaver Manager 1.4 "7-Zip" = 7-Zip 4.42 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Akamai" = Akamai NetSession Interface "Astro Gemini Screensaver Manager_is1" = Astro Gemini Screensaver Manager 1.2 "AutoConnect" = AutoConnect v0.1.3.1 "Badaboom" = Badaboom 1.2.1.13 "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player 
"conduitEngine" = Conduit Engine "Debiut Małego Cyklopa_is1" = Debiut Małego Cyklopa "Defraggler" = Defraggler "Delphi 10 Lite v3.0_is1" = Delphi 10 Lite v3.0 [SP1 Integrated] "DivX Codec" = DivX Codec "DriftCity_EU_eng" = Drift City (EU_ENG) "DVD Menu Studio_is1" = DVD Menu Studio 1.1 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Fantastic Flame Screensaver" = Fantastic Flame Screensaver "FormatFactory" = FormatFactory 2.50 "Fraps" = Fraps (remove only) "FreePascal_is1" = Free Pascal 2.4.0 "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Maker 8.0" = Game Maker 8.0 "Garena" = Garena 2010 "Good Shot_is1" = Good Shot 1.17 "ImgBurn" = ImgBurn (Remove Only) "Imikimi Plugin" = Imikimi Plugin "InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM) "InstallShield_{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II "iWisoft Flash SWF to Video Converter_is1" = iWisoft Flash SWF to Video Converter 3.2 "KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.5 (Full) "LockHunter_is1" = LockHunter version 1.0 beta 3, 32 bit edition "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Mozilla Firefox 4.0b6 (x86 pl)" = Mozilla Firefox 4.0b6 (x86 pl) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OvO" = OvO "PLAY ONLINE" = PLAY ONLINE "Star Wars 3D Screensaver_is1" = Star Wars 3D Screensaver 1.3 "StarCodec" = StarCodec "SystemRequirementsLab" = System Requirements Lab "TeamViewer 5" = TeamViewer 5 "The One Ring 3D Screensaver_is1" = The One Ring 3D Screensaver 1.0 "uTorrent" = µTorrent "vReveal" = vReveal "Webcam Wallpaper" = Webcam Wallpaper 1.3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = WinRAR archiver "Xfire" = Xfire (remove only) "XfireXO Toolbar" = XfireXO Toolbar "XNA Game Studio 3.0" = Microsoft XNA Game Studio 3.0 "ZOTAC FireStorm" = ZOTAC FireStorm [color=#E56717]========== 
HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-12-01 14:23:53 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:23:59 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:05 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:11 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:17 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:23 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:29 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-01 14:24:35 | Computer Name = carder-PC | Source = RasClient | ID = 20227 Description = Error - 2010-12-02 10:36:23 | Computer Name = carder-PC | Source = Application Error | ID = 1000 Description = Faulting application AAM Updates Notifier.exe, version 1.0.175.0, time stamp 0x4b918408, faulting module npggNT.des_unloaded, version 0.0.0.0, time stamp 0x4cb50450, exception code 0xc0000005, fault offset 0x458aeb20, process id 0x1354, application start time 0x01cb90b659256186. Error - 2010-12-02 15:05:44 | Computer Name = carder-PC | Source = Application Error | ID = 1000 Description = Faulting application nopremium.exe, version 1.12.0.2000, time stamp 0x2a425e19, faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception code 0xc0000005, fault offset 0x00048989, process id 0x6e0, application start time 0x01cb924f69b60aa6. 
[ System Events ] Error - 2010-11-25 17:57:24 | Computer Name = carder-PC | Source = volsnap | ID = 393252 Description = The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error - 2010-11-25 18:37:37 | Computer Name = carder-PC | Source = DCOM | ID = 10010 Description = Error - 2010-11-25 18:41:04 | Computer Name = carder-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 23:39:42 on 2010-11-25 was unexpected. Error - 2010-11-25 18:41:06 | Computer Name = carder-PC | Source = HTTP | ID = 15016 Description = Error - 2010-11-25 18:45:08 | Computer Name = carder-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 23:43:04 on 2010-11-25 was unexpected. Error - 2010-11-25 18:45:10 | Computer Name = carder-PC | Source = HTTP | ID = 15016 Description = Error - 2010-11-25 18:47:10 | Computer Name = carder-PC | Source = Service Control Manager | ID = 7022 Description = Error - 2010-11-25 18:47:10 | Computer Name = carder-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-11-25 18:49:24 | Computer Name = carder-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 23:47:08 on 2010-11-25 was unexpected. Error - 2010-11-25 18:49:25 | Computer Name = carder-PC | Source = HTTP | ID = 15016 Description = < End of report >[/log]
I deleted that Hidserv.exe file and it didn't complain when I plugged in the pendrive. I'll also give the log from the ESET antivirus:
[log]2010-12-03 13:52:13 Ochrona systemu plików w czasie rzeczywistym plik D:\New Folder (2)\Nowy folder (2)\gta2 - Kopia\TRAINER.exe prawdopodobnie odmiana wirusa Win32/Agent.LHXYZJT koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas tworzenia nowego pliku przez aplikację: C:\Windows\explorer.exe. 
2010-12-03 13:52:03 Ochrona systemu plików w czasie rzeczywistym plik D:\New Folder (2)\Nowy folder (2)\gta2\TRAINER.exe prawdopodobnie odmiana wirusa Win32/Agent.LHXYZJT koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas tworzenia nowego pliku przez aplikację: C:\Windows\explorer.exe. 2010-12-02 13:19:08 Skaner przy uruchamianiu plik C:\Users\carder\AppData\Roaming\hidserv.exe odmiana wirusa Win32/Injector.DDU koń trojański wyleczony przez usunięcie (po następnym uruchomieniu) - poddany kwarantannie 2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\1000000c00002i\verclsid.exe prawdopodobnie odmiana wirusa Win32/IRCBot.ZJSFYM koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe. 2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\10000006700002i\regedit.exe prawdopodobnie odmiana wirusa Win32/IRCBot.CNZZZMN koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe. 2010-11-30 11:04:02 Ochrona systemu plików w czasie rzeczywistym plik D:\program files (x86)\narzędzia\win tools\wintools.net 8.8.1 professional\4000001400002i\language.exe prawdopodobnie odmiana wirusa Win32/IRCBot.POHXVK koń trojański wyleczony przez usunięcie - poddany kwarantannie NT AUTHORITY\SYSTEM Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\System32\SearchProtocolHost.exe. 
2010-11-29 14:52:10 Ochrona systemu plików w czasie rzeczywistym plik C:\Users\carder\Desktop\brewers.exe prawdopodobnie odmiana wirusa Win32/Agent.ZSIYTJ koń trojański wyleczony przez usunięcie - poddany kwarantannie carder-PC\carder Zdarzenie wystąpiło podczas próby uzyskania dostępu do pliku przez aplikację: C:\Windows\explorer.exe.[/log]
[color="#FF0000"]//Moving this to "Security". //Magellan[/color]