wklejto.pl

Added by: mihas7f (2010-11-04 14:04) -> text
OTL logfile created on: 2010-11-04 13:42:48 - Run 4
OTL by OldTimer - Version 3.2.17.1     Folder = C:\\Users\\marta.CAPTIMAX\\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\\windows | %ProgramFiles% = C:\\Program Files
Drive C: | 216,87 Gb Total Space | 44,56 Gb Free Space | 20,55% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 5,15 Gb Free Space | 36,64% Space Free | Partition Type: NTFS
Drive E: | 1,96 Gb Total Space | 1,70 Gb Free Space | 86,81% Space Free | Partition Type: NTFS
Drive G: | 21,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NEWNEPTUNE | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010-10-27 15:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\\Users\\marta.CAPTIMAX\\Downloads\\OTL.exe
PRC - [2010-10-11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\Identity Protection\\Agent\\Bin\\AVGIDSAgent.exe
PRC - [2010-10-11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\Identity Protection\\Agent\\Bin\\AVGIDSMonitor.exe
PRC - [2010-10-06 16:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgrsx.exe
PRC - [2010-10-06 16:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgnsx.exe
PRC - [2010-10-06 16:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgcsrvx.exe
PRC - [2010-10-06 16:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgchsvx.exe
PRC - [2010-09-15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgtray.exe
PRC - [2010-09-10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgwdsvc.exe
PRC - [2010-09-07 02:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files\\AVG\\AVG10\\avgemcx.exe
PRC - [2010-09-02 14:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) -- C:\\Program Files\\PC Tools Security\\BDT\\BDTUpdateService.exe
PRC - [2010-09-02 13:48:16 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\\Program Files\\PC Tools Security\\BDT\\FGuard.exe
PRC - [2010-06-17 23:45:06 | 000,219,136 | ---- | M] (Visioneer Inc.) -- C:\\Program Files\\Visioneer\\OneTouch 4.0\\OtService.exe
PRC - [2009-12-08 11:33:44 | 000,160,592 | ---- | M] (Siber Systems) -- C:\\Program Files\\Siber Systems\\AI RoboForm\\robotaskbaricon.exe
PRC - [2009-09-15 16:42:42 | 001,819,648 | ---- | M] (Samsung Electronics, Inc.) -- C:\\Program Files\\MagicRotation\\MagicPvt.exe
PRC - [2009-01-22 15:11:02 | 003,934,744 | ---- | M] (Birdstep Technology) -- C:\\Program Files\\3\\3Connect\\Wilog.exe
PRC - [2009-01-22 15:11:02 | 000,670,256 | ---- | M] (Birdstep Technology) -- C:\\Program Files\\3\\3Connect\\AutoUpdateSrv.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\explorer.exe
PRC - [2008-08-20 02:24:32 | 000,329,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\pthosttr.exe
PRC - [2008-08-20 02:03:42 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTChangeFilterService.exe
PRC - [2008-08-13 19:09:00 | 000,439,632 | ---- | M] () -- C:\\Windows\\SMINST\\Scheduler.exe
PRC - [2008-08-08 01:23:08 | 000,256,512 | ---- | M] (SafeBoot International) -- C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\HpFkCrypt.exe
PRC - [2008-07-23 13:08:16 | 000,065,808 | ---- | M] (Bioscrypt Inc.) -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\asghost.exe
PRC - [2008-07-19 11:40:58 | 002,054,680 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\UNS\\UNS.exe
PRC - [2008-07-19 11:40:54 | 000,773,144 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\PrivacyIconClient.exe
PRC - [2008-07-19 11:40:52 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\\Program Files\\Intel\\AMT\\LMS.exe
PRC - [2008-05-20 08:05:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\\Windows\\System32\\AEADISRV.EXE
PRC - [2008-04-07 16:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\\Program Files\\PDF Complete\\pdfsvc.exe
PRC - [2008-04-04 16:10:24 | 001,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe
PRC - [2007-11-28 02:42:14 | 000,185,896 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\accoca.exe
PRC - [2007-11-28 02:42:12 | 000,093,736 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\acevents.exe
PRC - [2007-11-28 02:40:42 | 000,298,536 | ---- | M] (ActivIdentity) -- C:\\Program Files\\ActivIdentity\\ActivClient\\accrdsub.exe
PRC - [2007-01-05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\\Program Files\\Common Files\\InterVideo\\RegMgr\\iviRegMgr.exe
PRC - [2005-09-12 16:00:40 | 000,266,240 | ---- | M] (Philips) -- C:\\Windows\\System32\\drivers\\Tray900.exe
PRC - [2003-05-14 11:25:21 | 000,503,808 | ---- | M] (intY Ltd.) -- C:\\Program Files\\intY\\cmgrwin32.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-10-27 15:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\\Users\\marta.CAPTIMAX\\Downloads\\OTL.exe
MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\\comctl32.dll
MOD - [2008-07-23 13:03:28 | 000,076,048 | ---- | M] (Bioscrypt Inc.) -- C:\\Windows\\System32\\APSHook.dll
MOD - [2008-01-21 03:25:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\cscapi.dll
MOD - [2008-01-21 03:25:19 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\ntlanman.dll
MOD - [2008-01-21 03:24:34 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\networkexplorer.dll
MOD - [2006-11-02 13:34:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\davclnt.dll
MOD - [2006-11-02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\drprov.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.Exe -- (myAgtSvc)
SRV - File not found [Disabled | Stopped] -- C:\\PROGRA~1\\McAfee\\MANAGE~1\\VScan\\ENGINE~1.EXE -- (EngineServer)
SRV - File not found [Auto | Stopped] -- C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\003728~1.EXE -- (0037281232571833mcinstcleanup) McAfee Application Installer Cleanup (0037281232571833)
SRV - [2010-10-11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files\\AVG\\AVG10\\Identity Protection\\Agent\\Bin\\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010-09-10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files\\AVG\\AVG10\\avgwdsvc.exe -- (avgwd)
SRV - [2010-09-02 14:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\\Program Files\\PC Tools Security\\BDT\\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-08-30 07:03:22 | 001,145,816 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\\Program Files\\PC Tools Security\\pctsSvc.exe -- (sdCoreService)
SRV - [2010-08-26 10:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\\Program Files\\PC Tools Security\\TFEngine\\TFService.exe -- (ThreatFire)
SRV - [2010-06-17 23:45:06 | 000,219,136 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\\Program Files\\Visioneer\\OneTouch 4.0\\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\WPF\\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-15 12:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\\Program Files\\PC Tools Security\\pctsAuxs.exe -- (sdAuxService)
SRV - [2008-08-20 02:03:42 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008-08-08 01:23:08 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008-08-07 00:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\\Windows\\System32\\flcdlock.exe -- (FLCDLOCK)
SRV - [2008-07-23 13:03:38 | 000,158,992 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASWLNPkg.dll -- (ASBroker)
SRV - [2008-07-23 13:03:32 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASChnl.dll -- (ASChannel)
SRV - [2008-07-19 11:40:58 | 002,054,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\UNS\\UNS.exe -- (UNS) Intel(R)
SRV - [2008-07-19 11:40:52 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files\\Intel\\AMT\\LMS.exe -- (LMS) Intel(R)
SRV - [2008-05-20 08:05:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\\Windows\\System32\\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008-04-07 16:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\\Program Files\\PDF Complete\\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008-01-21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV - [2007-11-28 02:42:14 | 000,185,896 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\\Program Files\\ActivIdentity\\ActivClient\\accoca.exe -- (accoca)
SRV - [2007-01-05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\\Program Files\\Common Files\\InterVideo\\RegMgr\\iviRegMgr.exe -- (IviRegMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\DRIVERS\\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\windows\\System32\\drivers\\EagleNT.sys -- (EagleNT)
DRV - [2010-09-13 15:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\\windows\\system32\\DRIVERS\\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010-09-07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\avgtdix.sys -- (Avgtdix)
DRV - [2010-09-07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\avgmfx86.sys -- (Avgmfx86)
DRV - [2010-09-07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\avgldx86.sys -- (Avgldx86)
DRV - [2010-09-07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\windows\\system32\\DRIVERS\\avgrkx86.sys -- (Avgrkx86)
DRV - [2010-09-01 09:13:04 | 000,247,824 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\pctgntdi.sys -- (pctgntdi)
DRV - [2010-08-27 07:26:40 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\pctplsg.sys -- (pctplsg)
DRV - [2010-08-26 10:39:46 | 000,068,880 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\TfSysMon.sys -- (TfSysMon)
DRV - [2010-08-26 10:39:46 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\TfFsMon.sys -- (TfFsMon)
DRV - [2010-08-26 10:39:46 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\TfNetMon.sys -- (TfNetMon)
DRV - [2010-08-19 20:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-08-19 20:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010-08-19 20:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010-08-18 12:51:26 | 000,237,632 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\PCTCore.sys -- (PCTCore)
DRV - [2010-07-16 13:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\\windows\\system32\\drivers\\pctEFA.sys -- (pctEFA)
DRV - [2010-07-16 13:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\pctDS.sys -- (pctDS)
DRV - [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009-01-09 15:25:06 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-09-12 14:32:56 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\windows\\system32\\drivers\\iastor.sys -- (iaStor)
DRV - [2008-08-08 02:47:50 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\\windows\\System32\\drivers\\SbAlg.sys -- (SbAlg)
DRV - [2008-08-08 02:47:46 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\\windows\\System32\\drivers\\SbFsLock.sys -- (SbFsLock)
DRV - [2008-08-08 02:47:44 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\\windows\\System32\\drivers\\rsvlock.sys -- (RsvLock)
DRV - [2008-08-08 02:47:42 | 000,109,184 | ---- | M] () [Kernel | Boot | Running] -- C:\\windows\\System32\\drivers\\SafeBoot.sys -- (SafeBoot)
DRV - [2008-08-06 23:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\DAMDrv.sys -- (DAMDrv)
DRV - [2008-07-25 17:40:54 | 000,165,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\e1k6032.sys -- (e1kexpress) Intel(R)
DRV - [2008-07-19 11:40:46 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\HECI.sys -- (HECI) Intel(R)
DRV - [2008-07-11 23:44:00 | 000,191,872 | ---- | M] (Altiris, Inc.) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\fslx.sys -- (FSLX)
DRV - [2008-07-07 12:15:24 | 002,378,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\igdkmd32.sys -- (igfx)
DRV - [2008-05-13 14:53:34 | 000,382,976 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008-04-29 01:25:00 | 000,055,112 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mfetdik.sys -- (mfetdik)
DRV - [2008-01-21 03:23:51 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:51 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:51 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\tpm.sys -- (TPM)
DRV - [2008-01-21 03:23:51 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:51 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:50 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:50 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:50 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:49 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:49 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:49 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:48 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:48 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\arc.sys -- (arc)
DRV - [2008-01-21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:47 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:47 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:46 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:46 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008-01-21 03:23:45 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:44 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\b57nd60x.sys -- (b57nd60x)
DRV - [2008-01-21 03:23:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:26 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:26 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\aliide.sys -- (aliide)
DRV - [2007-04-23 14:44:10 | 001,347,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\camdrv41.sys -- (camdrv41)
DRV - [2006-12-04 00:36:00 | 000,026,240 | ---- | M] (Samsung Electronics, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\magicpvt.sys -- (magicpvt)
DRV - [2006-11-02 10:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\windows\\system32\\drivers\\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\\windows\\system32\\drivers\\ntrigdigi.sys -- (ntrigdigi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = %SystemRoot%\\system32\\blank.htm
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
 
 
IE - HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
IE - HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
 
 
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_se&c=91&bd=all&pf=cmdt
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.google.co.uk/
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,StartPageCache = 1
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..\\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: \"http://www.google.co.uk\"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.97
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.6
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {BCC877E7-7F3F-4632-8338-DAEE4475DE35}:0.18
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
 
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\\Program Files\\Siber Systems\\AI RoboForm\\Firefox [2009-12-08 11:34:04 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\\Program Files\\PC Tools Security\\BDT\\Firefox\\ [2010-10-25 11:59:04 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\\Program Files\\AVG\\AVG10\\Firefox\\ [2010-10-29 14:24:12 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.5.12\\extensions\\\\Components: C:\\Program Files\\Mozilla Firefox\\components [2010-09-30 19:10:13 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.5.12\\extensions\\\\Plugins: C:\\Program Files\\Mozilla Firefox\\plugins [2010-09-13 12:11:46 | 000,000,000 | ---D | M]
 
[2009-12-03 20:53:51 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Extensions
[2010-11-03 14:52:12 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions
[2009-12-03 21:19:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}
[2009-12-08 18:35:58 | 000,000,000 | ---D | M] (Go To Google) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}
[2010-01-18 19:21:13 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-10-29 10:10:59 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\{dc572301-7619-498c-a57d-39143191b318}
[2010-10-25 10:25:01 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\3k7rhe1q.default\\extensions\\DivXWebPlayer@divx.com
[2010-10-25 12:23:11 | 000,000,749 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Mozilla\\FireFox\\Profiles\\3k7rhe1q.default\\searchplugins\\search-defender.xml
[2010-10-29 09:56:11 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions
[2010-10-29 09:55:25 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions\\KavAntiBanner@Kaspersky.ru
[2010-09-13 12:11:40 | 000,001,538 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\amazon-en-GB.xml
[2010-09-13 12:11:40 | 000,000,947 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\chambers-en-GB.xml
[2010-09-13 12:11:41 | 000,000,769 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\eBay-en-GB.xml
[2010-09-13 12:11:41 | 000,000,831 | ---- | M] () -- C:\\Program Files\\Mozilla Firefox\\searchplugins\\yahoo-en-GB.xml
 
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\\Program Files\\FlashGet\\jccatch.dll (www.flashget.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG10\\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_07\\bin\\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\\Program Files\\Megaupload\\Mega Manager\\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\\Program Files\\FlashGet\\getflash.dll (www.flashget.com)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Gadu-Gadu 10\\_userdata\\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\\..\\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\\Program Files\\PC Tools Security\\BDT\\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\\..\\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O3 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..\\Toolbar\\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\\Run: [accrdsub] C:\\Program Files\\ActivIdentity\\ActivClient\\accrdsub.exe (ActivIdentity)
O4 - HKLM..\\Run: [AVG_TRAY] C:\\Program Files\\AVG\\AVG10\\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\\Run: [CognizanceTS] C:\\Program Files\\Hewlett-Packard\\IAM\\Bin\\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\\Run: [MagicRotation] C:\\Program Files\\MagicRotation\\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\\Run: [PCTools FGuard] C:\\Program Files\\PC Tools Security\\BDT\\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\\Run: [PDF Complete] C:\\Program Files\\PDF Complete\\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\\Run: [picon] C:\\Program Files\\Common Files\\Intel\\Privacy Icon\\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\\Run: [PTHOSTTR] C:\\Program Files\\Hewlett-Packard\\HP ProtectTools Security Manager\\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\\Run: [SetRefresh] C:\\Program Files\\HP\\SetRefresh\\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\\Run: [SoundMAXPnP] C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\\Run: [StartintY] C:\\Program Files\\intY\\cmgrwin32.exe (intY Ltd.)
O4 - HKLM..\\Run: [TrayMin900] C:\\Windows\\System32\\drivers\\Tray900.exe (Philips)
O4 - HKLM..\\Run: [Windows Defender] C:\\Program Files\\Windows Defender\\MSASCui.exe (Microsoft Corporation)
O4 - HKU\\S-1-5-19..\\Run: [WindowsWelcomeCenter] C:\\windows\\System32\\oobefldr.dll (Microsoft Corporation)
O4 - HKU\\S-1-5-20..\\Run: [WindowsWelcomeCenter] C:\\windows\\System32\\oobefldr.dll (Microsoft Corporation)
O4 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200..\\Run: [OfficeSyncProcess] C:\\Program Files\\Microsoft Office\\Office14\\MSOSYNC.EXE File not found
O4 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200..\\Run: [RoboForm] C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\\RunOnce: [ST Recovery Launcher] C:\\Windows\\SMINST\\Launcher.exe (soft thinks)
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoWelcomeScreen = 1
O8 - Extra context menu item: Customize Menu - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra \'Tools\' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_07\\bin\\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O9 - Extra \'Tools\' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra \'Tools\' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O9 - Extra \'Tools\' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboFormComShowToolbar.html ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\\Program Files\\FlashGet\\flashget.exe (FlashGet.com)
O9 - Extra \'Tools\' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\\Program Files\\FlashGet\\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000001 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000002 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000003 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000004 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000005 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000006 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000017 - C:\\Program Files\\Common Files\\PC Tools\\Lsp\\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\\S-1-5-21-2083490932-3391324787-1819471116-2200\\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: Domain = captimax.local
O18 - Protocol\\Handler\\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG\\AVG10\\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\\Handler\\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myRmProt4.9.0.387.dll File not found
O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - C:\\windows\\System32\\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\windows\\explorer.exe (Microsoft Corporation)
O20 - Winlogon\\Notify\\DeviceNP: DllName - DeviceNP.dll - C:\\windows\\System32\\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\\Notify\\igfxcui: DllName - igfxdev.dll - C:\\windows\\System32\\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\\Windows\\Web\\Wallpaper\\img24.jpg
O24 - Desktop BackupWallPaper: C:\\Windows\\Web\\Wallpaper\\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-11-24 14:37:48 | 000,027,750 | R--- | M] () - G:\\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2007-10-29 13:25:38 | 000,000,047 | R--- | M] () - G:\\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\\{a8dbbc23-3d2c-11df-bd32-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{a8dbbc23-3d2c-11df-bd32-00215ae99712}\\Shell\\AutoRun\\command - \"\" = F:\\LaunchU3.exe -- File not found
O33 - MountPoints2\\{acd57072-1e4d-11df-84ee-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{acd57072-1e4d-11df-84ee-00215ae99712}\\Shell\\AutoRun\\command - \"\" = H:\\LaunchU3.exe -- File not found
O33 - MountPoints2\\{d5c16054-e1ad-11df-ab81-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{d5c16054-e1ad-11df-ab81-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = G:\\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\\{e6ccc6ad-e019-11df-b9e0-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc6ad-e019-11df-b9e0-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = H:\\AutoRun.exe -- File not found
O33 - MountPoints2\\{e6ccc718-e019-11df-b9e0-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc718-e019-11df-b9e0-00215ae99712}\\Shell\\AutoRun\\command - \"\" = G:\\AutoRun.exe -- [2008-04-23 22:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\\{e6ccc77a-e019-11df-b9e0-00215ae99712}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{e6ccc77a-e019-11df-b9e0-00215ae99712}\\Shell\\AutoRun\\command - \"\" = H:\\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\\PROGRA~1\\AVG\\AVG10\\avgchsvx.exe /sync) - C:\\Program Files\\AVG\\AVG10\\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\\PROGRA~1\\AVG\\AVG10\\avgrsx.exe /sync /restart) - C:\\Program Files\\AVG\\AVG10\\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-11-03 11:07:49 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Malwarebytes
[2010-11-03 11:07:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\\windows\\System32\\drivers\\mbamswissarmy.sys
[2010-11-03 11:07:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\\windows\\System32\\drivers\\mbam.sys
[2010-11-03 11:07:18 | 000,000,000 | ---D | C] -- C:\\Program Files\\Malwarebytes\' Anti-Malware
[2010-11-03 11:07:18 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Malwarebytes
[2010-10-29 14:27:10 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\AVG10
[2010-10-29 14:23:56 | 000,000,000 | ---D | C] -- C:\\windows\\System32\\drivers\\AVG
[2010-10-29 12:55:20 | 000,000,000 | -H-D | C] -- C:\\ProgramData\\Common Files
[2010-10-29 12:50:58 | 000,000,000 | ---D | C] -- C:\\Program Files\\AVG
[2010-10-28 12:10:28 | 000,000,000 | ---D | C] -- C:\\ProgramData\\AVG10
[2010-10-28 11:10:52 | 000,000,000 | ---D | C] -- C:\\ProgramData\\MFAData
[2010-10-28 11:07:55 | 000,000,000 | ---D | C] -- C:\\Program Files\\CCleaner
[2010-10-28 08:42:12 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\marta roboform backup
[2010-10-28 02:01:08 | 000,000,000 | ---D | C] -- C:\\windows\\CheckSur
[2010-10-27 15:59:51 | 000,000,000 | ---D | C] -- C:\\_OTL
[2010-10-27 14:40:48 | 000,000,000 | ---D | C] -- C:\\windows\\System32\\appmgmt
[2010-10-27 14:29:32 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta Docs
[2010-10-27 14:28:47 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta to sort
[2010-10-27 14:28:23 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Marta Images
[2010-10-27 10:50:18 | 004,240,384 | ---- | C] (Microsoft) -- C:\\windows\\System32\\GameUXLegacyGDFs.dll
[2010-10-27 10:50:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\Apphlpdm.dll
[2010-10-25 11:59:15 | 000,068,880 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfSysMon.sys
[2010-10-25 11:59:15 | 000,051,984 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfFsMon.sys
[2010-10-25 11:59:15 | 000,033,552 | --S- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\TfNetMon.sys
[2010-10-25 11:59:03 | 001,865,680 | ---- | C] (Threat Expert Ltd.) -- C:\\windows\\PCTBDCore.dll
[2010-10-25 11:59:03 | 000,739,280 | ---- | C] (Threat Expert Ltd.) -- C:\\windows\\PCTBDRes.dll
[2010-10-25 11:59:03 | 000,149,456 | ---- | C] (PC Tools) -- C:\\windows\\SGDetectionTool.dll
[2010-10-25 11:49:04 | 000,656,320 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctEFA.sys
[2010-10-25 11:49:04 | 000,338,880 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctDS.sys
[2010-10-25 11:49:04 | 000,247,824 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctgntdi.sys
[2010-10-25 11:49:04 | 000,102,184 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctwfpfilter.sys
[2010-10-25 11:48:55 | 000,237,632 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\PCTCore.sys
[2010-10-25 11:48:55 | 000,159,296 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\PCTAppEvent.sys
[2010-10-25 11:48:50 | 000,087,400 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctNdis-PacketFilter.sys
[2010-10-25 11:48:50 | 000,031,960 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctNdis-DNS.sys
[2010-10-25 11:48:49 | 000,123,968 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctplfw.sys
[2010-10-25 11:48:49 | 000,070,536 | ---- | C] (PC Tools) -- C:\\windows\\System32\\drivers\\pctplsg.sys
[2010-10-25 11:29:04 | 000,621,056 | ---- | C] (DiBcom SA) -- C:\\windows\\System32\\drivers\\mod7700.sys
[2010-10-25 11:29:04 | 000,113,152 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewusbnet.sys
[2010-10-25 11:29:04 | 000,101,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewusbmdm.sys
[2010-10-25 11:29:04 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\\windows\\System32\\drivers\\ewdcsc.sys
[2010-10-25 02:01:14 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft CAPICOM 2.1.0.2
[2010-10-24 15:25:23 | 000,000,000 | ---D | C] -- C:\\ProgramData\\TEMP
[2010-10-24 15:25:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\PC Tools Security
[2010-10-24 15:25:23 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\PC Tools
[2010-10-24 15:25:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\PC Tools
[2010-10-24 15:14:40 | 000,000,000 | ---D | C] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Birdstep Technology
[2010-10-24 15:14:06 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Birdstep Technology
[2010-10-24 15:09:59 | 000,000,000 | ---D | C] -- C:\\Program Files\\Huawei Modems
[2010-10-24 15:09:39 | 000,000,000 | ---D | C] -- C:\\Program Files\\3
[2010-10-24 14:32:32 | 000,000,000 | ---D | C] -- C:\\ProgramData\\PC Tools
[2010-10-16 17:41:54 | 000,000,000 | ---D | C] -- \\\\Serverstorage\\PUBLIC\\Captimax Users\\Users\\marta\\My Documents\\Scanned Documents
[2010-10-16 17:41:54 | 000,000,000 | ---D | C] -- \\\\Serverstorage\\PUBLIC\\Captimax Users\\Users\\marta\\My Documents\\Fax
[2010-10-14 09:38:41 | 000,000,000 | ---D | C] -- C:\\downloads
[2010-10-14 02:02:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\msshsq.dll
[2010-10-13 21:51:19 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\wmploc.DLL
[2010-10-13 21:51:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\netevent.dll
[2010-10-13 21:51:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\t2embed.dll
[2010-10-13 21:50:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mfc40.dll
[2010-10-13 21:50:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mfc40u.dll
[2010-10-13 21:50:58 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\win32k.sys
[2010-10-13 21:50:57 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\wmpmde.dll
[2010-10-13 21:50:50 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\msfeeds.dll
[2010-10-13 21:50:49 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mstime.dll
[2010-10-13 21:50:49 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieapfltr.dll
[2010-10-13 21:50:49 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieaksie.dll
[2010-10-13 21:50:48 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\mshtml.tlb
[2010-10-13 21:50:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\html.iec
[2010-10-13 21:50:48 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\iedkcs32.dll
[2010-10-13 21:50:48 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\iepeers.dll
[2010-10-13 21:50:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\ieencode.dll
[2010-10-13 21:50:48 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\\windows\\System32\\jsproxy.dll
[2010-10-08 14:17:12 | 000,000,000 | ---D | C] -- C:\\Program Files\\MediaFeed
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-11-04 13:23:09 | 000,598,702 | ---- | M] () -- C:\\windows\\System32\\perfh009.dat
[2010-11-04 13:23:09 | 000,104,716 | ---- | M] () -- C:\\windows\\System32\\perfc009.dat
[2010-11-04 13:19:39 | 098,331,948 | ---- | M] () -- C:\\windows\\System32\\drivers\\AVG\\incavi.avm
[2010-11-04 13:15:49 | 000,003,216 | -H-- | M] () -- C:\\windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-04 13:15:48 | 000,003,216 | -H-- | M] () -- C:\\windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-04 13:15:44 | 000,067,584 | --S- | M] () -- C:\\windows\\bootstat.dat
[2010-11-04 13:15:42 | 2073,366,528 | -HS- | M] () -- C:\\hiberfil.sys
[2010-11-03 11:07:27 | 000,000,818 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Malwarebytes\' Anti-Malware.lnk
[2010-10-29 14:25:14 | 000,000,830 | ---- | M] () -- C:\\Users\\Public\\Desktop\\AVG 2011.lnk
[2010-10-29 11:45:41 | 000,212,344 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Iberdrola.JPG
[2010-10-29 07:40:30 | 000,000,731 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Downloads - Shortcut.lnk
[2010-10-28 11:07:57 | 000,000,804 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\CCleaner.lnk
[2010-10-28 07:41:14 | 000,002,127 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Google Chrome.lnk
[2010-10-28 07:41:14 | 000,002,089 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Google Chrome.lnk
[2010-10-27 14:34:39 | 000,178,688 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-27 10:50:52 | 001,905,738 | ---- | M] () -- C:\\windows\\System32\\drivers\\Cat.DB
[2010-10-25 11:30:13 | 000,001,748 | ---- | M] () -- C:\\Users\\Public\\Desktop\\3Connect.lnk
[2010-10-25 11:30:13 | 000,001,716 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\3Connect.lnk
[2010-10-25 11:26:26 | 000,070,671 | ---- | M] () -- C:\\windows\\Huawei ModemsUninstall.exe
[2010-10-23 17:32:31 | 000,000,680 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\d3d9caps.dat
[2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\\windows\\System32\\MpSigStub.exe
[2010-10-14 10:08:21 | 000,000,926 | ---- | M] () -- C:\\windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2083490932-3391324787-1819471116-2200Core1cb6b7f597ce1f5.job
[2010-10-14 02:25:03 | 000,377,648 | ---- | M] () -- C:\\windows\\System32\\FNTCACHE.DAT
[2010-10-08 14:17:16 | 000,000,816 | ---- | M] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\MediaFeed.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-11-04 13:19:39 | 098,331,948 | ---- | C] () -- C:\\windows\\System32\\drivers\\AVG\\incavi.avm
[2010-11-03 11:07:27 | 000,000,818 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Malwarebytes\' Anti-Malware.lnk
[2010-10-29 14:25:14 | 000,000,830 | ---- | C] () -- C:\\Users\\Public\\Desktop\\AVG 2011.lnk
[2010-10-29 11:45:46 | 000,212,344 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Iberdrola.JPG
[2010-10-29 07:40:30 | 000,000,731 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Downloads - Shortcut.lnk
[2010-10-28 11:07:57 | 000,000,804 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\CCleaner.lnk
[2010-10-27 14:27:12 | 000,002,127 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\Google Chrome.lnk
[2010-10-27 09:42:08 | 2073,366,528 | -HS- | C] () -- C:\\hiberfil.sys
[2010-10-25 11:59:03 | 000,767,952 | ---- | C] () -- C:\\windows\\BDTSupport.dll
[2010-10-25 11:59:03 | 000,002,074 | ---- | C] () -- C:\\windows\\UDB.zip
[2010-10-25 11:59:03 | 000,000,882 | ---- | C] () -- C:\\windows\\RegSDImport.xml
[2010-10-25 11:59:03 | 000,000,879 | ---- | C] () -- C:\\windows\\RegISSImport.xml
[2010-10-25 11:59:03 | 000,000,131 | ---- | C] () -- C:\\windows\\IDB.zip
[2010-10-25 11:30:13 | 000,001,748 | ---- | C] () -- C:\\Users\\Public\\Desktop\\3Connect.lnk
[2010-10-25 11:30:13 | 000,001,716 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\3Connect.lnk
[2010-10-25 11:26:26 | 000,070,671 | ---- | C] () -- C:\\windows\\Huawei ModemsUninstall.exe
[2010-10-25 10:25:15 | 001,905,738 | ---- | C] () -- C:\\windows\\System32\\drivers\\Cat.DB
[2010-10-23 17:32:31 | 000,000,680 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\d3d9caps.dat
[2010-10-14 10:08:21 | 000,000,926 | ---- | C] () -- C:\\windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2083490932-3391324787-1819471116-2200Core1cb6b7f597ce1f5.job
[2010-10-08 14:17:16 | 000,000,816 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\Desktop\\MediaFeed.lnk
[2010-09-23 12:21:49 | 000,000,038 | ---- | C] () -- C:\\windows\\avisplitter.ini
[2010-09-23 12:21:48 | 000,790,528 | ---- | C] () -- C:\\windows\\System32\\xvidcore.dll
[2010-09-23 12:21:48 | 000,134,144 | ---- | C] () -- C:\\windows\\System32\\xvidvfw.dll
[2010-09-23 12:21:48 | 000,108,032 | ---- | C] () -- C:\\windows\\System32\\ff_vfw.dll
[2010-02-03 18:32:20 | 000,165,376 | ---- | C] () -- C:\\windows\\System32\\unrar.dll
[2010-01-18 19:18:21 | 000,000,025 | ---- | C] () -- C:\\windows\\libem.INI
[2009-12-10 14:39:13 | 000,000,056 | -H-- | C] () -- C:\\ProgramData\\ezsidmv.dat
[2009-12-09 17:32:44 | 000,178,688 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-03 19:35:45 | 000,031,007 | ---- | C] () -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\UserTile.png
[2009-11-27 14:24:23 | 000,055,476 | RHS- | C] () -- C:\\ProgramData\\ntuser.pol
[2009-01-21 21:52:53 | 000,204,800 | ---- | C] () -- C:\\windows\\System32\\IVIresizeW7.dll
[2009-01-21 21:52:53 | 000,200,704 | ---- | C] () -- C:\\windows\\System32\\IVIresizeA6.dll
[2009-01-21 21:52:53 | 000,192,512 | ---- | C] () -- C:\\windows\\System32\\IVIresizeP6.dll
[2009-01-21 21:52:53 | 000,192,512 | ---- | C] () -- C:\\windows\\System32\\IVIresizeM6.dll
[2009-01-21 21:52:53 | 000,188,416 | ---- | C] () -- C:\\windows\\System32\\IVIresizePX.dll
[2009-01-21 21:52:53 | 000,020,480 | ---- | C] () -- C:\\windows\\System32\\IVIresize.dll
[2009-01-21 21:35:46 | 000,147,456 | ---- | C] () -- C:\\windows\\System32\\igfxCoIn_v1518.dll
[2008-08-08 02:47:42 | 000,109,184 | ---- | C] () -- C:\\windows\\System32\\drivers\\SafeBoot.sys
[2008-08-07 00:19:14 | 000,294,912 | ---- | C] () -- C:\\windows\\System32\\flcdlmsg.dll
[2007-11-28 02:41:06 | 000,114,688 | ---- | C] () -- C:\\windows\\System32\\aicext.dll
[2007-04-23 14:44:10 | 001,347,584 | ---- | C] () -- C:\\windows\\System32\\drivers\\camdrv41.sys
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\\windows\\System32\\pacerprf.ini
[2005-04-03 23:30:00 | 000,110,592 | ---- | C] () -- C:\\windows\\System32\\scardsyn.dll
[1998-05-07 04:10:00 | 000,069,632 | ---- | C] () -- C:\\windows\\System32\\ODMA32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010-06-16 11:22:13 | 000,000,000 | ---D | M] -- C:\\Users\\Elisabeth\\AppData\\Roaming\\FlashGet
[2010-08-24 13:16:17 | 000,000,000 | ---D | M] -- C:\\Users\\Elisabeth\\AppData\\Roaming\\OpenFM
[2010-10-29 14:27:10 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\AVG10
[2010-10-24 15:14:40 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Birdstep Technology
[2010-02-21 17:39:58 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\BITS
[2010-10-04 09:22:36 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FFSJ
[2010-02-21 17:42:49 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FlashGet
[2010-01-18 19:17:34 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\FlashGetBHO
[2009-12-12 16:52:59 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Gadu-Gadu 10
[2010-03-25 12:48:09 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\InterVideo
[2010-08-05 13:32:39 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\LinkManager 4.0
[2009-12-03 19:35:45 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\PeerNetworking
[2010-08-05 13:32:38 | 000,000,000 | ---D | M] -- C:\\Users\\marta.CAPTIMAX\\AppData\\Roaming\\Visioneer
[2010-11-03 17:13:46 | 000,032,546 | ---- | M] () -- C:\\Windows\\Tasks\\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 202 bytes -> C:\\ProgramData\\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\\ProgramData\\TEMP:430C6D84
 
< End of report >
 