wklejto.pl

Added by: mihas7f (2010-10-29 09:27) -> text
 
OTL logfile created on: 2010-10-29 09:16:32 - Run 2
OTL by OldTimer - Version 3.2.17.1     Folder = C:\\Users\\marta.CAPTIMAX\\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 31,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\\windows | %ProgramFiles% = C:\\Program Files
Drive C: | 216,87 Gb Total Space | 44,09 Gb Free Space | 20,33% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 5,15 Gb Free Space | 36,64% Space Free | Partition Type: NTFS
Drive E: | 1,96 Gb Total Space | 1,70 Gb Free Space | 86,81% Space Free | Partition Type: NTFS
Drive G: | 21,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NEWNEPTUNE | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010-10-27 16:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\\Users\\marta.CAPTIMAX\\Downloads\\OTL.exe
PRC - [2010-09-23 09:47:50 | 001,588,184 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\pctsGui.exe
PRC - [2010-09-02 15:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) -- C:\\Program Files\\PC Tools Security\\BDT\\BDTUpdateService.exe
PRC - [2010-09-02 14:48:16 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\\Program Files\\PC Tools Security\\BDT\\FGuard.exe
PRC - [2010-08-30 08:03:22 | 001,145,816 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\pctsSvc.exe
PRC - [2010-08-26 11:39:46 | 000,070,928 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\TFEngine\\TFService.exe
PRC - [2010-06-18 00:45:06 | 000,219,136 | ---- | M] (Visioneer Inc.) -- C:\\Program Files\\Visioneer\\OneTouch 4.0\\OtService.exe
PRC - [2010-03-15 13:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\pctsAuxs.exe
PRC - [2009-12-08 12:33:44 | 000,160,592 | ---- | M] (Siber Systems) -- C:\\Program Files\\Siber Systems\\AI RoboForm\\robotaskbaricon.exe
PRC - [2009-09-15 17:42:42 | 001,819,648 | ---- | M] (Samsung Electronics, Inc.) -- C:\\Program Files\\MagicRotation\\MagicPvt.exe
PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\explorer.exe
PRC - [2008-08-20 03:24:32 | 000,329,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\pthosttr.exe
PRC - [2008-08-20 03:03:42 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTChangeFilterService.exe
PRC - [2008-08-13 20:09:00 | 000,439,632 | ---- | M] () -- C:\\Windows\\SMINST\\Scheduler.exe
PRC - [2008-08-08 02:23:08 | 000,256,512 | ---- | M] (SafeBoot International) -- C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\HpFkCrypt.exe
PRC - [2008-07-23 14:08:16 | 000,065,808 | ---- | M] (Bioscrypt Inc.) -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\asghost.exe
PRC - [2008-07-19 12:40:58 | 002,054,680 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\UNS\\UNS.exe
PRC - [2008-07-19 12:40:54 | 000,773,144 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\PrivacyIconClient.exe
PRC - [2008-07-19 12:40:52 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Intel\\AMT\\LMS.exe
PRC - [2008-05-20 09:05:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\\Windows\\System32\\AEADISRV.EXE
PRC - [2008-04-07 17:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\\Program Files\\PDF Complete\\pdfsvc.exe
PRC - [2008-04-04 17:10:24 | 001,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe
PRC - [2007-11-28 03:42:14 | 000,185,896 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\accoca.exe
PRC - [2007-11-28 03:42:12 | 000,093,736 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\acevents.exe
PRC - [2007-11-28 03:40:42 | 000,298,536 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\accrdsub.exe
PRC - [2007-01-05 05:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\\Program Files\\Common Files\\InterVideo\\RegMgr\\iviRegMgr.exe
PRC - [2005-09-12 17:00:40 | 000,266,240 | ---- | M] (Philips) -- C:\\Windows\\System32\\drivers\\Tray900.exe
PRC - [2003-05-14 12:25:21 | 000,503,808 | ---- | M] (intY Ltd.) -- C:\\Program Files\\intY\\cmgrwin32.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-10-27 16:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\\Users\\marta.CAPTIMAX\\Downloads\\OTL.exe
MOD - [2010-08-31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\\comctl32.dll
MOD - [2010-08-26 11:39:46 | 000,406,800 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\TFEngine\\TFWAH.dll
MOD - [2010-08-04 12:19:26 | 000,150,576 | ---- | M] (PC Tools) -- C:\\Program Files\\PC Tools Security\\PCTGMhk.dll
MOD - [2008-07-23 14:03:28 | 000,076,048 | ---- | M] (Bioscrypt Inc.) -- C:\\Windows\\System32\\APSHook.dll
MOD - [2008-01-21 04:25:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\cscapi.dll
MOD - [2008-01-21 04:25:19 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\ntlanman.dll
MOD - [2008-01-21 04:24:34 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\networkexplorer.dll
MOD - [2006-11-02 14:34:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\davclnt.dll
MOD - [2006-11-02 11:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\drprov.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\003728~1.EXE -- (0037281232571833mcinstcleanup) McAfee Application Installer Cleanup (0037281232571833)
SRV - [2010-09-02 15:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\\Program Files\\PC Tools Security\\BDT\\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-08-30 08:03:22 | 001,145,816 | ---- | M] (PC Tools) [Auto | Running] -- C:\\Program Files\\PC Tools Security\\pctsSvc.exe -- (sdCoreService)
SRV - [2010-08-26 11:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\\Program Files\\PC Tools Security\\TFEngine\\TFService.exe -- (ThreatFire)
SRV - [2010-06-18 00:45:06 | 000,219,136 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\\Program Files\\Visioneer\\OneTouch 4.0\\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\WPF\\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-15 13:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\\Program Files\\PC Tools Security\\pctsAuxs.exe -- (sdAuxService)
SRV - [2009-01-21 23:05:36 | 000,341,280 | ---- | M] () [Disabled | Stopped] -- C:\\Program Files\\SiteAdvisor\\6173\\SAService.exe -- (SiteAdvisor Service)
SRV - [2008-08-20 03:03:42 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008-08-08 02:23:08 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008-08-07 14:57:54 | 000,202,048 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.Exe -- (myAgtSvc)
SRV - [2008-08-07 01:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\\Windows\\System32\\flcdlock.exe -- (FLCDLOCK)
SRV - [2008-07-23 14:03:38 | 000,158,992 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASWLNPkg.dll -- (ASBroker)
SRV - [2008-07-23 14:03:32 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASChnl.dll -- (ASChannel)
SRV - [2008-07-19 12:40:58 | 002,054,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\UNS\\UNS.exe -- (UNS) Intel(R)
SRV - [2008-07-19 12:40:52 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files\\Intel\\AMT\\LMS.exe -- (LMS) Intel(R)
SRV - [2008-05-20 09:05:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\\Windows\\System32\\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008-04-29 02:21:28 | 000,144,704 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\\Program Files\\McAfee\\Managed VirusScan\\VScan\\McShield.exe -- (McShield)
SRV - [2008-04-29 02:18:04 | 000,013,632 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\\Program Files\\McAfee\\Managed VirusScan\\VScan\\EngineServer.exe -- (EngineServer)
SRV - [2008-04-07 17:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\\Program Files\\PDF Complete\\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008-01-21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV - [2007-11-28 03:42:14 | 000,185,896 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\\Program Files\\ActivIdentity\\ActivClient\\accoca.exe -- (accoca)
SRV - [2007-05-24 00:30:32 | 000,841,256 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\\Program Files\\McAfee\\MPF\\MPFSrv.exe -- (MpfService)
SRV - [2007-02-13 22:09:12 | 000,540,776 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\\Program Files\\Common Files\\McAfee\\HackerWatch\\HWAPI.exe -- (McAfee HackerWatch Service)
SRV - [2007-01-05 05:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\\Program Files\\Common Files\\InterVideo\\RegMgr\\iviRegMgr.exe -- (IviRegMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\drivers\\EagleNT.sys -- (EagleNT)
DRV - [2010-09-01 10:13:04 | 000,247,824 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\pctgntdi.sys -- (pctgntdi)
DRV - [2010-08-27 08:26:40 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\pctplsg.sys -- (pctplsg)
DRV - [2010-08-26 11:39:46 | 000,068,880 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\TfSysMon.sys -- (TfSysMon)
DRV - [2010-08-26 11:39:46 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\TfFsMon.sys -- (TfFsMon)
DRV - [2010-08-26 11:39:46 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\TfNetMon.sys -- (TfNetMon)
DRV - [2010-08-18 13:51:26 | 000,237,632 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\PCTCore.sys -- (PCTCore)
DRV - [2010-07-16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\\windows\\system32\\drivers\\pctEFA.sys -- (pctEFA)
DRV - [2010-07-16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\pctDS.sys -- (pctDS)
DRV - [2009-01-09 16:25:06 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-09-12 15:32:56 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\iastor.sys -- (iaStor)
DRV - [2008-08-08 03:47:50 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\\windows\\System32\\drivers\\SbAlg.sys -- (SbAlg)
DRV - [2008-08-08 03:47:46 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\\windows\\System32\\drivers\\SbFsLock.sys -- (SbFsLock)
DRV - [2008-08-08 03:47:44 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\\windows\\System32\\drivers\\rsvlock.sys -- (RsvLock)
DRV - [2008-08-08 03:47:42 | 000,109,184 | ---- | M] () [Kernel | Boot | Running] -- C:\\windows\\System32\\drivers\\SafeBoot.sys -- (SafeBoot)
DRV - [2008-08-07 00:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\DAMDrv.sys -- (DAMDrv)
DRV - [2008-07-25 18:40:54 | 000,165,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\e1k6032.sys -- (e1kexpress) Intel(R)
DRV - [2008-07-19 12:40:46 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\HECI.sys -- (HECI) Intel(R)
DRV - [2008-07-12 00:44:00 | 000,191,872 | ---- | M] (Altiris, Inc.) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\fslx.sys -- (FSLX)
DRV - [2008-07-07 13:15:24 | 002,378,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\igdkmd32.sys -- (igfx)
DRV - [2008-05-13 15:53:34 | 000,382,976 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008-05-07 22:29:32 | 000,120,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\Mpfp.sys -- (MPFP)
DRV - [2008-04-29 02:25:00 | 000,055,112 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mfetdik.sys -- (mfetdik)
DRV - [2008-04-29 02:23:22 | 000,034,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\MfeRKDK.sys -- (MfeRKDK)
DRV - [2008-04-29 02:22:44 | 000,205,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mfehidk.sys -- (mfehidk)
DRV - [2008-04-29 02:22:18 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\MfeBOPK.sys -- (MfeBOPK)
DRV - [2008-04-29 02:22:10 | 000,079,560 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\MfeAVFK.sys -- (MfeAVFK)
DRV - [2008-01-21 04:23:51 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\megasr.sys -- (MegaSR)
DRV - [2008-01-21 04:23:51 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpu320.sys -- (adpu320)
DRV - [2008-01-21 04:23:51 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 04:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\tpm.sys -- (TPM)
DRV - [2008-01-21 04:23:51 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 04:23:51 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\megasas.sys -- (megasas)
DRV - [2008-01-21 04:23:50 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpahci.sys -- (adpahci)
DRV - [2008-01-21 04:23:50 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 04:23:50 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 04:23:49 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ql2300.sys -- (ql2300)
DRV - [2008-01-21 04:23:49 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 04:23:49 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\arcsas.sys -- (arcsas)
DRV - [2008-01-21 04:23:48 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 04:23:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 04:23:48 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\arc.sys -- (arc)
DRV - [2008-01-21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 04:23:47 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 04:23:47 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 04:23:46 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\elxstor.sys -- (elxstor)
DRV - [2008-01-21 04:23:46 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008-01-21 04:23:45 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 04:23:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\uliahci.sys -- (uliahci)
DRV - [2008-01-21 04:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nvraid.sys -- (nvraid)
DRV - [2008-01-21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nvstor.sys -- (nvstor)
DRV - [2008-01-21 04:23:44 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\b57nd60x.sys -- (b57nd60x)
DRV - [2008-01-21 04:23:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\viaide.sys -- (viaide)
DRV - [2008-01-21 04:23:26 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\cmdide.sys -- (cmdide)
DRV - [2008-01-21 04:23:26 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\aliide.sys -- (aliide)
DRV - [2007-04-23 15:44:10 | 001,347,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\camdrv41.sys -- (camdrv41)
DRV - [2006-12-04 01:36:00 | 000,026,240 | ---- | M] (Samsung Electronics, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\magicpvt.sys -- (magicpvt)
DRV - [2006-11-02 11:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ntrigdigi.sys -- (ntrigdigi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = %SystemRoot%\\system32\\blank.htm
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
 
 
IE - HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
IE - HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
 
 
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.google.co.uk/
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,StartPageCache = 1
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..\\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: \"http://www.google.co.uk\"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.97
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.6
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {BCC877E7-7F3F-4632-8338-DAEE4475DE35}:0.18
 
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\\Program Files\\Siber Systems\\AI RoboForm\\Firefox [2009-12-08 12:34:04 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\\Program Files\\PC Tools Security\\BDT\\Firefox\\ [2010-10-25 12:59:04 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.5.12\\extensions\\\\Components: C:\\Program Files\\Mozilla Firefox\\components [2010-09-30 20:10:13 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.5.12\\extensions\\\\Plugins: C:\\Program Files\\Mozilla Firefox\\plugins [2010-09-13 13:11:46 | 000,000,000 | ---D | M]
 
[2009-12-03 21:53:51 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Extensions
[2010-10-29 08:21:15 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions
[2009-12-03 22:19:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}
[2010-09-24 19:42:39 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2009-12-08 19:35:58 | 000,000,000 | ---D | M] (Go To Google) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}
[2010-01-18 20:21:13 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-01-04 21:46:46 | 000,000,000 | ---D | M] (New Tab King) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}
[2010-10-25 11:25:01 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\DivXWebPlayer@divx.com
[2010-10-25 13:23:11 | 000,000,749 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Mozilla\\FireFox\\Profiles\\3k7rhe1q.default\\searchplugins\\search-defender.xml
[2010-10-25 18:43:18 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions
[2010-10-25 18:43:18 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions\\KavAntiBanner@Kaspersky.ru
[2010-10-25 18:42:58 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions\\linkfilter@kaspersky.ru
[2010-09-13 13:11:40 | 000,001,538 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\amazon-en-GB.xml
[2010-09-13 13:11:40 | 000,000,947 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\chambers-en-GB.xml
[2010-09-13 13:11:41 | 000,000,769 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\eBay-en-GB.xml
[2010-09-13 13:11:41 | 000,000,831 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\yahoo-en-GB.xml
 
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\\Program Files\\SiteAdvisor\\6173\\SiteAdv.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\\Program Files\\FlashGet\\jccatch.dll (www.flashget.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG10\\avgssie.dll File not found
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_07\\bin\\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\\Program Files\\Megaupload\\Mega Manager\\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\\Program Files\\FlashGet\\getflash.dll (www.flashget.com)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Gadu-Gadu 10\\_userdata\\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\\..\\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\\Program Files\\SiteAdvisor\\6173\\SiteAdv.dll ()
O3 - HKLM\\..\\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\\..\\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O3 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..\\Toolbar\\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\\Run: [accrdsub] C:\\Program Files\\ActivIdentity\\ActivClient\\accrdsub.exe (ActivIdentity)
O4 - HKLM..\\Run: [CognizanceTS] C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\\Run: [ISTray] C:\\Program Files\\PC Tools Security\\pctsGui.exe (PC Tools)
O4 - HKLM..\\Run: [MagicRotation] C:\\Program Files\\MagicRotation\\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\\Run: [PCTools FGuard] C:\\Program Files\\PC Tools Security\\BDT\\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\\Run: [PDF Complete] C:\\Program Files\\PDF Complete\\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\\Run: [picon] C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\\Run: [PTHOSTTR] C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\\Run: [SetRefresh] C:\\Program Files\\HP\\SetRefresh\\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\\Run: [SoundMAXPnP] C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\\Run: [StartintY] C:\\Program Files\\intY\\cmgrwin32.exe (intY Ltd.)
O4 - HKLM..\\Run: [TrayMin900] C:\\Windows\\System32\\drivers\\Tray900.exe (Philips)
O4 - HKLM..\\Run: [Windows Defender] C:\\Program Files\\Windows Defender\\MSASCui.exe (Microsoft Corporation)
O4 - HKU\\S-1-5-19..\\Run: [WindowsWelcomeCenter] C:\\windows\\System32\\oobefldr.dll (Microsoft Corporation)
O4 - HKU\\S-1-5-20..\\Run: [WindowsWelcomeCenter] C:\\windows\\System32\\oobefldr.dll (Microsoft Corporation)
O4 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200..\\Run: [OfficeSyncProcess] C:\\Program Files\\Microsoft Office\\Office14\\MSOSYNC.EXE File not found
O4 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200..\\Run: [RoboForm] C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\\RunOnce: [ST Recovery Launcher] C:\\Windows\\SMINST\\Launcher.exe (soft thinks)
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoWelcomeScreen = 1
O8 - Extra context menu item: Customize Menu - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra \'Tools\' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_07\\bin\\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O9 - Extra \'Tools\' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra \'Tools\' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O9 - Extra \'Tools\' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\\Program Files\\FlashGet\\flashget.exe (FlashGet.com)
O9 - Extra \'Tools\' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\\Program Files\\FlashGet\\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000001 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000002 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000003 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000004 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000005 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000006 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000017 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: Domain = captimax.local
O18 - Protocol\\Handler\\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG\\AVG10\\avgpp.dll File not found
O18 - Protocol\\Handler\\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myRmProt4.9.0.387.dll (McAfee, Inc.)
O18 - Protocol\\Handler\\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\\Program Files\\SiteAdvisor\\6173\\SiteAdv.dll ()
O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - C:\\windows\\System32\\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\windows\\explorer.exe (Microsoft Corporation)
O20 - Winlogon\\Notify\\DeviceNP: DllName - DeviceNP.dll - C:\\windows\\System32\\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\\Notify\\igfxcui: DllName - igfxdev.dll - C:\\windows\\System32\\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\\Windows\\Web\\Wallpaper\\img24.jpg
O24 - Desktop BackupWallPaper: C:\\Windows\\Web\\Wallpaper\\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-04-23 23:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-11-24 15:37:48 | 000,027,750 | R--- | M] () - G:\\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2007-10-29 14:25:38 | 000,000,047 | R--- | M] () - G:\\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\\{a8dbbc23-3d2c-11df-bd32-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{a8dbbc23-3d2c-11df-bd32-00215ae99712}\\Shell\\AutoRun\\command - \"\" = F:\\LaunchU3.exe -- File not found
O33 - MountPoints2\\{acd57072-1e4d-11df-84ee-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{acd57072-1e4d-11df-84ee-00215ae99712}\\Shell\\AutoRun\\command - \"\" = H:\\LaunchU3.exe -- File not found
O33 - MountPoints2\\{d5c16054-e1ad-11df-ab81-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{d5c16054-e1ad-11df-ab81-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = G:\\AutoRun.exe -- [2008-04-23 23:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\\{e6ccc6ad-e019-11df-b9e0-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc6ad-e019-11df-b9e0-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = H:\\AutoRun.exe -- File not found
O33 - MountPoints2\\{e6ccc718-e019-11df-b9e0-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc718-e019-11df-b9e0-00215ae99712}\\Shell\\AutoRun\\command - \"\" = G:\\AutoRun.exe -- [2008-04-23 23:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\\{e6ccc77a-e019-11df-b9e0-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc77a-e019-11df-b9e0-00215ae99712}\\Shell\\AutoRun\\command - \"\" = H:\\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\\PROGRA~1\\AVG\\AVG10\\avgchsvx.exe /sync) - C:\\PROGRA~1\\AVG\\AVG10\\avgchsvx.exe File not found
O34 - HKLM BootExecute: (C:\\PROGRA~1\\AVG\\AVG10\\avgrsx.exe /sync /restart) - C:\\PROGRA~1\\AVG\\AVG10\\avgrsx.exe File not found
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-10-28 13:10:28 | 000,000,000 | ---D | C] -- C:\\ProgramData\\AVG10
[2010-10-28 12:10:52 | 000,000,000 | ---D | C] -- C:\\ProgramData\\MFAData
[2010-10-28 12:07:55 | 000,000,000 | ---D | C] -- C:\\Program Files\\CCleaner
[2010-10-28 09:42:12 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\marta roboform backup
[2010-10-28 03:01:08 | 000,000,000 | ---D | C] -- C:\\windows\\CheckSur
[2010-10-27 16:59:51 | 000,000,000 | ---D | C] -- C:\\_OTL
[2010-10-27 15:40:48 | 000,000,000 | ---D | C] -- C:\\windows\\System32\\appmgmt
[2010-10-27 15:29:32 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta Docs
[2010-10-27 15:28:47 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta to sort
[2010-10-27 15:28:23 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta Images
[2010-10-27 11:50:18 | 004,240,384 | ---- | C] (Microsoft) -- C:\\windows\\System32\\GameUXLegacyGDFs.dll
[2010-10-27 11:50:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\Apphlpdm.dll
[2010-10-27 11:41:28 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\SiteAdvisor
[2010-10-27 11:38:23 | 000,000,000 | ---D | C] -- C:\\ProgramData\\SiteAdvisor
[2010-10-25 18:38:09 | 000,000,000 | ---D | C] -- C:\\Program Files\\Kaspersky Lab
[2010-10-25 18:38:07 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Kaspersky Lab
[2010-10-25 12:59:15 | 000,068,880 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfSysMon.sys
[2010-10-25 12:59:15 | 000,051,984 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfFsMon.sys
[2010-10-25 12:59:15 | 000,033,552 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfNetMon.sys
[2010-10-25 12:59:03 | 001,865,680 | ---- | C] (Threat Expert Ltd.) -- C:\\windows\\PCTBDCore.dll
[2010-10-25 12:59:03 | 000,739,280 | ---- | C] (Threat Expert Ltd.) -- C:\\windows\\PCTBDRes.dll
[2010-10-25 12:59:03 | 000,149,456 | ---- | C] (PC Tools) -- C:\\windows\\SGDetectionTool.dll
[2010-10-25 12:49:04 | 000,656,320 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctEFA.sys
[2010-10-25 12:49:04 | 000,338,880 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctDS.sys
[2010-10-25 12:49:04 | 000,247,824 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctgntdi.sys
[2010-10-25 12:49:04 | 000,102,184 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctwfpfilter.sys
[2010-10-25 12:48:55 | 000,237,632 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\PCTCore.sys
[2010-10-25 12:48:55 | 000,159,296 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\PCTAppEvent.sys
[2010-10-25 12:48:50 | 000,087,400 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctNdis-PacketFilter.sys
[2010-10-25 12:48:50 | 000,031,960 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctNdis-DNS.sys
[2010-10-25 12:48:49 | 000,123,968 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctplfw.sys
[2010-10-25 12:48:49 | 000,070,536 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctplsg.sys
[2010-10-25 12:29:04 | 000,621,056 | ---- | C] (DiBcom SA) -- C:\\windows\\System32\\drivers\\mod7700.sys
[2010-10-25 12:29:04 | 000,113,152 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewusbnet.sys
[2010-10-25 12:29:04 | 000,101,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewusbmdm.sys
[2010-10-25 12:29:04 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewdcsc.sys
[2010-10-25 03:01:14 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft CAPICOM 2.1.0.2
[2010-10-24 16:25:23 | 000,000,000 | ---D | C] -- C:\\ProgramData\\TEMP
[2010-10-24 16:25:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\PC Tools Security
[2010-10-24 16:25:23 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\PC Tools
[2010-10-24 16:25:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\PC Tools
[2010-10-24 16:14:40 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Birdstep Technology
[2010-10-24 16:14:06 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Birdstep Technology
[2010-10-24 16:09:59 | 000,000,000 | ---D | C] -- C:\\Program Files\\Huawei Modems
[2010-10-24 16:09:39 | 000,000,000 | ---D | C] -- C:\\Program Files\\3
[2010-10-24 15:32:32 | 000,000,000 | ---D | C] -- C:\\ProgramData\\PC Tools
[2010-10-16 18:41:54 | 000,000,000 | ---D | C] -- \\\\Serverstorage\\PUBLIC\\Captimax Users\\Users\\marta\\My Documents\\Scanned Documents
[2010-10-16 18:41:54 | 000,000,000 | ---D | C] -- \\\\Serverstorage\\PUBLIC\\Captimax Users\\Users\\marta\\My Documents\\Fax
[2010-10-14 10:38:41 | 000,000,000 | ---D | C] -- C:\\downloads
[2010-10-14 03:02:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\msshsq.dll
[2010-10-13 22:51:19 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\wmploc.DLL
[2010-10-13 22:51:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\netevent.dll
[2010-10-13 22:51:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\t2embed.dll
[2010-10-13 22:50:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mfc40.dll
[2010-10-13 22:50:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mfc40u.dll
[2010-10-13 22:50:58 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\win32k.sys
[2010-10-13 22:50:57 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\wmpmde.dll
[2010-10-13 22:50:50 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\msfeeds.dll
[2010-10-13 22:50:49 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mstime.dll
[2010-10-13 22:50:49 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieapfltr.dll
[2010-10-13 22:50:49 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieaksie.dll
[2010-10-13 22:50:48 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mshtml.tlb
[2010-10-13 22:50:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\html.iec
[2010-10-13 22:50:48 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\iedkcs32.dll
[2010-10-13 22:50:48 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\iepeers.dll
[2010-10-13 22:50:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieencode.dll
[2010-10-13 22:50:48 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\jsproxy.dll
[2010-10-08 15:17:12 | 000,000,000 | ---D | C] -- C:\\Program Files\\MediaFeed
[2010-10-04 10:24:09 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\media feed
[2010-10-04 10:22:36 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FFSJ
[2010-09-29 09:39:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\tzres.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-10-29 09:20:14 | 000,598,702 | ---- | M] () -- C:\\windows\\System32\\perfh009.dat
[2010-10-29 09:20:14 | 000,104,716 | ---- | M] () -- C:\\windows\\System32\\perfc009.dat
[2010-10-29 09:14:03 | 000,003,216 | -H-- | M] () -- C:\\windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-29 09:14:03 | 000,003,216 | -H-- | M] () -- C:\\windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-29 09:13:58 | 000,067,584 | --S- | M] () -- C:\\windows\\bootstat.dat
[2010-10-29 09:13:56 | 2071,302,144 | -HS- | M] () -- C:\\hiberfil.sys
[2010-10-29 08:40:30 | 000,000,731 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Downloads - Shortcut.lnk
[2010-10-28 15:14:10 | 000,012,957 | ---- | M] () -- C:\\windows\\System32\\Config.MPF
[2010-10-28 14:12:44 | 000,886,965 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\AVGInstLog.cab
[2010-10-28 12:07:57 | 000,000,804 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\CCleaner.lnk
[2010-10-28 08:41:14 | 000,002,127 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Google Chrome.lnk
[2010-10-28 08:41:14 | 000,002,089 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Google Chrome.lnk
[2010-10-27 15:34:39 | 000,178,688 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-27 11:50:52 | 001,905,738 | ---- | M] () -- C:\\windows\\System32\\drivers\\Cat.DB
[2010-10-25 12:30:13 | 000,001,748 | ---- | M] () -- C:\\Users\\Public\\Desktop\\3Connect.lnk
[2010-10-25 12:30:13 | 000,001,716 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\3Connect.lnk
[2010-10-25 12:26:26 | 000,070,671 | ---- | M] () -- C:\\windows\\Huawei ModemsUninstall.exe
[2010-10-23 18:32:31 | 000,000,680 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\d3d9caps.dat
[2010-10-19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\\windows\\System32\\MpSigStub.exe
[2010-10-14 11:08:21 | 000,000,926 | ---- | M] () -- C:\\windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2083490932-3391324787-1819471116-2200Core1cb6b7f597ce1f5.job
[2010-10-14 03:25:03 | 000,377,648 | ---- | M] () -- C:\\windows\\System32\\FNTCACHE.DAT
[2010-10-08 15:17:16 | 000,000,816 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\MediaFeed.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-10-29 08:40:30 | 000,000,731 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Downloads - Shortcut.lnk
[2010-10-28 14:12:44 | 000,886,965 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\AVGInstLog.cab
[2010-10-28 12:07:57 | 000,000,804 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\CCleaner.lnk
[2010-10-27 15:27:12 | 000,002,127 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Google Chrome.lnk
[2010-10-27 10:42:08 | 2071,302,144 | -HS- | C] () -- C:\\hiberfil.sys
[2010-10-25 12:59:03 | 000,767,952 | ---- | C] () -- C:\\windows\\BDTSupport.dll
[2010-10-25 12:59:03 | 000,002,074 | ---- | C] () -- C:\\windows\\UDB.zip
[2010-10-25 12:59:03 | 000,000,882 | ---- | C] () -- C:\\windows\\RegSDImport.xml
[2010-10-25 12:59:03 | 000,000,879 | ---- | C] () -- C:\\windows\\RegISSImport.xml
[2010-10-25 12:59:03 | 000,000,131 | ---- | C] () -- C:\\windows\\IDB.zip
[2010-10-25 12:30:13 | 000,001,748 | ---- | C] () -- C:\\Users\\Public\\Desktop\\3Connect.lnk
[2010-10-25 12:30:13 | 000,001,716 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\3Connect.lnk
[2010-10-25 12:26:26 | 000,070,671 | ---- | C] () -- C:\\windows\\Huawei ModemsUninstall.exe
[2010-10-25 11:25:15 | 001,905,738 | ---- | C] () -- C:\\windows\\System32\\drivers\\Cat.DB
[2010-10-23 18:32:31 | 000,000,680 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\d3d9caps.dat
[2010-10-14 11:08:21 | 000,000,926 | ---- | C] () -- C:\\windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2083490932-3391324787-1819471116-2200Core1cb6b7f597ce1f5.job
[2010-10-08 15:17:16 | 000,000,816 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\MediaFeed.lnk
[2010-09-23 13:21:49 | 000,000,038 | ---- | C] () -- C:\\windows\\avisplitter.ini
[2010-09-23 13:21:48 | 000,790,528 | ---- | C] () -- C:\\windows\\System32\\xvidcore.dll
[2010-09-23 13:21:48 | 000,134,144 | ---- | C] () -- C:\\windows\\System32\\xvidvfw.dll
[2010-09-23 13:21:48 | 000,108,032 | ---- | C] () -- C:\\windows\\System32\\ff_vfw.dll
[2010-02-03 19:32:20 | 000,165,376 | ---- | C] () -- C:\\windows\\System32\\unrar.dll
[2010-01-18 20:18:21 | 000,000,025 | ---- | C] () -- C:\\windows\\libem.INI
[2009-12-10 15:39:13 | 000,000,056 | -H-- | C] () -- C:\\ProgramData\\ezsidmv.dat
[2009-12-09 18:32:44 | 000,178,688 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-03 20:35:45 | 000,031,007 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\UserTile.png
[2009-11-27 15:24:23 | 000,055,476 | RHS- | C] () -- C:\\ProgramData\\ntuser.pol
[2009-01-21 22:52:53 | 000,204,800 | ---- | C] () -- C:\\windows\\System32\\IVIresizeW7.dll
[2009-01-21 22:52:53 | 000,200,704 | ---- | C] () -- C:\\windows\\System32\\IVIresizeA6.dll
[2009-01-21 22:52:53 | 000,192,512 | ---- | C] () -- C:\\windows\\System32\\IVIresizeP6.dll
[2009-01-21 22:52:53 | 000,192,512 | ---- | C] () -- C:\\windows\\System32\\IVIresizeM6.dll
[2009-01-21 22:52:53 | 000,188,416 | ---- | C] () -- C:\\windows\\System32\\IVIresizePX.dll
[2009-01-21 22:52:53 | 000,020,480 | ---- | C] () -- C:\\windows\\System32\\IVIresize.dll
[2009-01-21 22:35:46 | 000,147,456 | ---- | C] () -- C:\\windows\\System32\\igfxCoIn_v1518.dll
[2008-08-08 03:47:42 | 000,109,184 | ---- | C] () -- C:\\windows\\System32\\drivers\\SafeBoot.sys
[2008-08-07 01:19:14 | 000,294,912 | ---- | C] () -- C:\\windows\\System32\\flcdlmsg.dll
[2007-11-28 03:41:06 | 000,114,688 | ---- | C] () -- C:\\windows\\System32\\aicext.dll
[2007-04-23 15:44:10 | 001,347,584 | ---- | C] () -- C:\\windows\\System32\\drivers\\camdrv41.sys
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\\windows\\System32\\pacerprf.ini
[2005-04-04 00:30:00 | 000,110,592 | ---- | C] () -- C:\\windows\\System32\\scardsyn.dll
[1998-05-07 05:10:00 | 000,069,632 | ---- | C] () -- C:\\windows\\System32\\ODMA32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010-06-16 12:22:13 | 000,000,000 | ---D | M] -- C:\\Users\\Elisabeth\\AppData\\Roaming\\FlashGet
[2010-08-24 14:16:17 | 000,000,000 | ---D | M] -- C:\\Users\\Elisabeth\\AppData\\Roaming\\OpenFM
[2010-10-24 16:14:40 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Birdstep Technology
[2010-02-21 18:39:58 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\BITS
[2010-10-04 10:22:36 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FFSJ
[2010-02-21 18:42:49 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FlashGet
[2010-01-18 20:17:34 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FlashGetBHO
[2009-12-12 17:52:59 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Gadu-Gadu 10
[2010-03-25 13:48:09 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\InterVideo
[2010-08-05 14:32:39 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\LinkManager 4.0
[2009-12-03 20:35:45 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\PeerNetworking
[2010-08-05 14:32:38 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Visioneer
[2010-10-28 18:17:12 | 000,032,546 | ---- | M] () -- C:\\Windows\\Tasks\\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 211 bytes -> C:\\ProgramData\\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\\ProgramData\\TEMP:430C6D84
 
< End of report >
 