wklejto.pl
Dodane przez: olcia176 (2011-01-12 23:52) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
686.
687.
688.
689.
690.
691.
692.
693.
694.
695.
696.
697.
698.
699.
700.
701.
702.
703.
704.
705.
706.
707.
708.
709.
710.
711.
712.
713.
714.
715.
716.
717.
718.
719.
720.
721.
722.
723.
724.
725.
726.
727.
728.
729.
730.
731.
732.
733.
734.
735.
736.
737.
738.
739.
740.
741.
742.
743.
744.
745.
746.
747.
748.
749.
750.
751.
752.
753.
754.
755.
756.
757.
758.
759.
760.
761.
762.
763.
764.
765.
766.
767.
768.
769.
770.
771.
772.
773.
774.
775.
776.
777.
778.
779.
780.
781.
782.
783.
784.
785.
786.
787.
788.
789.
790.
791.
792.
793.
794.
795.
796.
797.
798.
799.
800.
801.
802.
803.
804.
805.
806.
807.
808.
809.
810.
811.
812.
813.
814.
815.
816.
817.
818.
819.
820.
821.
822.
823.
824.
825.
826.
827.
828.
829.
830.
831.
832.
833.
834.
835.
836.
837.
838.
839.
840.
841.
842.
843.
844.
845.
846.
847.
848.
849.
850.
851.
OTL logfile created on: 2011-01-12 23:37:21 - Run 3
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Users\ola\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,81 Gb Total Space | 79,42 Gb Free Space | 53,37% Space Free | Partition Type: NTFS
Drive D: | 148,88 Gb Total Space | 142,51 Gb Free Space | 95,72% Space Free | Partition Type: NTFS
 
Computer Name: OLA-TOSH | User Name: ola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-01-12 22:49:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ola\Downloads\OTL.exe
PRC - [2010-12-20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-11 16:12:08 | 000,273,672 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
PRC - [2010-07-23 06:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010-03-03 11:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe
PRC - [2010-02-22 12:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009-07-28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009-03-10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011-01-12 22:49:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ola\Downloads\OTL.exe
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010-10-26 13:59:10 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010-07-23 06:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009-10-06 08:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011-01-10 18:07:03 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110112.002\EX64.SYS -- (NAVEX15)
DRV - [2011-01-10 18:07:03 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011-01-10 18:07:03 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110112.002\ENG64.SYS -- (NAVENG)
DRV - [2010-11-23 03:20:07 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-11-09 01:50:27 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110110.002\IDSviA64.sys -- (IDSVia64)
DRV - [2010-08-13 10:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://alawar.pl
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "Google PL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-01-09 10:58:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011-01-09 10:58:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011-01-10 17:43:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-01-09 10:54:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-09 10:54:02 | 000,000,000 | ---D | M]
 
[2011-01-09 10:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ola\AppData\Roaming\mozilla\Extensions
[2011-01-09 10:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ola\AppData\Roaming\mozilla\Firefox\Profiles\27c6zcra.default\extensions
[2011-01-09 17:22:12 | 000,001,728 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Mozilla\Firefox\Profiles\27c6zcra.default\searchplugins\google-pl.xml
[2011-01-12 09:43:31 | 000,001,860 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Mozilla\Firefox\Profiles\27c6zcra.default\searchplugins\search.xml
[2011-01-10 17:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-08-24 13:05:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-01-08 07:48:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-01-10 17:43:35 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2007-07-26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk = C:\Users\ola\Desktop\Virus Removal Tool\setup_9.0.0.722_09.01.2011_10-39\startup.exe File not found
O4 - Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk = C:\Users\ola\Desktop\Virus Removal Tool\setup_9.0.0.722_09.01.2011_20-40\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-01-12 22:22:45 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Malwarebytes
[2011-01-12 22:22:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-01-12 22:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-01-12 22:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-01-12 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011-01-11 21:27:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-01-11 20:37:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011-01-11 20:37:04 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011-01-11 20:37:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011-01-11 20:37:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-01-11 20:37:03 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011-01-11 20:37:02 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011-01-11 20:37:02 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011-01-11 20:37:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011-01-11 20:37:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011-01-11 20:37:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011-01-10 17:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011-01-10 17:49:22 | 000,000,000 | ---D | C] -- C:\Users\ola\Documents\Symantec
[2011-01-10 17:45:33 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Local\CrashDumps
[2011-01-10 17:40:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2011-01-10 17:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2011-01-10 17:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2011-01-10 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-01-10 17:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-01-10 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011-01-10 17:17:27 | 000,000,000 | ---D | C] -- C:\Users\ola\Documents\norton antywirus 2011  6 miesiecy free
[2011-01-10 11:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCRx
[2011-01-09 19:41:53 | 000,000,000 | ---D | C] -- C:\Users\ola\Desktop\Virus Removal Tool
[2011-01-09 17:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2011-01-09 17:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2011-01-09 11:34:53 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcaVir
[2011-01-09 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcaBit
[2011-01-09 11:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-01-09 11:26:21 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\ArcaVirMicroScan
[2011-01-09 10:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011-01-09 10:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011-01-08 07:48:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-01-08 07:48:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-01-08 07:48:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-01-07 20:33:59 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Grisoft
[2011-01-07 20:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Grisoft
[2011-01-06 11:50:57 | 000,000,000 | ---D | C] -- C:\mIRC
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InCode Solutions
[2011-01-06 08:40:40 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Local\G DATA
[2011-01-03 20:43:17 | 000,000,000 | ---D | C] -- C:\Users\ola\Desktop\[www.tnttorrent.info] Deadly Crossing 2011 [DVDRip.XviD-miguel] [Ekipa TnT]
[2010-12-16 05:30:30 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010-12-16 05:30:30 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010-12-16 05:30:30 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010-12-16 05:30:29 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010-12-16 05:30:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010-12-16 05:30:26 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010-12-16 05:30:15 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-12-16 05:30:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-12-16 05:30:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-12-16 05:30:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-12-16 05:30:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-12-16 05:30:14 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-12-16 05:30:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-ola-Startup.job
[2011-01-12 22:39:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-12 22:22:36 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-01-11 21:27:18 | 669,235,779 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-01-10 17:41:26 | 000,002,468 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011-01-10 13:30:07 | 152,085,931 | ---- | M] () -- C:\Users\ola\Desktop\norton antywirus 2011  6 miesiecy free.rar
[2011-01-09 19:42:55 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk
[2011-01-09 11:34:52 | 000,002,883 | ---- | M] () -- C:\Users\ola\Desktop\Łatanie systemu.lnk
[2011-01-09 11:29:35 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk
[2011-01-09 10:54:04 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-01-12 22:22:36 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-01-11 21:27:18 | 669,235,779 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-01-10 17:41:26 | 000,002,468 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011-01-10 12:06:34 | 152,085,931 | ---- | C] () -- C:\Users\ola\Desktop\norton antywirus 2011  6 miesiecy free.rar
[2011-01-09 19:42:55 | 000,002,237 | ---- | C] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk
[2011-01-09 11:34:52 | 000,002,883 | ---- | C] () -- C:\Users\ola\Desktop\Łatanie systemu.lnk
[2011-01-09 11:29:35 | 000,002,237 | ---- | C] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk
[2011-01-09 10:54:04 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-10-13 20:01:10 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-10-13 20:01:05 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-10-13 20:01:05 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-10-13 20:01:05 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-08-26 17:05:50 | 000,006,144 | ---- | C] () -- C:\Users\ola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-26 00:12:03 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010-02-20 07:27:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-02-20 07:27:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2002-10-15 23:54:04 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-01-09 17:12:14 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ArcaVirMicroScan
[2010-08-29 08:40:01 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Ashampoo
[2011-01-07 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\AVI ReComp
[2011-01-12 22:29:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\BitComet
[2010-09-13 14:46:41 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ChomikBox
[2010-09-19 12:50:11 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ERS Game Studios
[2010-10-07 06:14:39 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\EscapeFromParadise2
[2010-09-06 09:37:20 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gaijin Ent
[2010-09-19 07:35:49 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gogii
[2011-01-07 20:33:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Grisoft
[2010-09-23 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\OpenCandy
[2010-09-05 08:31:03 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\PlayFirst
[2010-12-28 23:50:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Toshiba
[2010-10-09 17:03:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Virtual City
[2010-08-29 08:26:43 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\WinAVI
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver64-ola-Startup.job
[2011-01-03 18:09:00 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-06 10:46:00 | 000,000,000 | ---- | M] () -- C:\ntuser.dat
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG1
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG2
[2011-01-12 22:39:14 | 4156,522,496 | -HS- | M] () -- C:\pagefile.sys
[2010-04-22 11:17:32 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:E266F325
 
< End of report >
SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-02-05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:[/b] - [2009-11-05 21:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:[b]64bit:[/b] - [2009-07-28 13:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-10-26 13:59:10 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010-07-23 06:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009-10-06 08:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011-01-10 18:07:03 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110112.002\EX64.SYS -- (NAVEX15)
DRV - [2011-01-10 18:07:03 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011-01-10 18:07:03 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110112.002\ENG64.SYS -- (NAVENG)
DRV - [2010-11-23 03:20:07 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-11-09 01:50:27 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110110.002\IDSviA64.sys -- (IDSVia64)
DRV - [2010-08-13 10:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://alawar.pl
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "Google PL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-01-09 10:58:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011-01-09 10:58:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011-01-10 17:43:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-01-09 10:54:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-09 10:54:02 | 000,000,000 | ---D | M]
 
[2011-01-09 10:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ola\AppData\Roaming\mozilla\Extensions
[2011-01-09 10:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ola\AppData\Roaming\mozilla\Firefox\Profiles\27c6zcra.default\extensions
[2011-01-09 17:22:12 | 000,001,728 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Mozilla\Firefox\Profiles\27c6zcra.default\searchplugins\google-pl.xml
[2011-01-12 09:43:31 | 000,001,860 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Mozilla\Firefox\Profiles\27c6zcra.default\searchplugins\search.xml
[2011-01-10 17:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-08-24 13:05:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-01-08 07:48:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-01-10 17:43:35 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2007-07-26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1113780735-3516732747-1708026271-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk = C:\Users\ola\Desktop\Virus Removal Tool\setup_9.0.0.722_09.01.2011_10-39\startup.exe File not found
O4 - Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk = C:\Users\ola\Desktop\Virus Removal Tool\setup_9.0.0.722_09.01.2011_20-40\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-01-12 22:22:45 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Malwarebytes
[2011-01-12 22:22:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-01-12 22:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-01-12 22:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-01-12 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011-01-11 21:27:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-01-11 20:37:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011-01-11 20:37:04 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011-01-11 20:37:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011-01-11 20:37:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-01-11 20:37:03 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011-01-11 20:37:02 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011-01-11 20:37:02 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011-01-11 20:37:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011-01-11 20:37:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011-01-11 20:37:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011-01-10 17:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011-01-10 17:49:22 | 000,000,000 | ---D | C] -- C:\Users\ola\Documents\Symantec
[2011-01-10 17:45:33 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Local\CrashDumps
[2011-01-10 17:40:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2011-01-10 17:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2011-01-10 17:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2011-01-10 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-01-10 17:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-01-10 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011-01-10 17:17:27 | 000,000,000 | ---D | C] -- C:\Users\ola\Documents\norton antywirus 2011  6 miesiecy free
[2011-01-10 11:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCRx
[2011-01-09 19:41:53 | 000,000,000 | ---D | C] -- C:\Users\ola\Desktop\Virus Removal Tool
[2011-01-09 17:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2011-01-09 17:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2011-01-09 11:34:53 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcaVir
[2011-01-09 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcaBit
[2011-01-09 11:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-01-09 11:26:21 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\ArcaVirMicroScan
[2011-01-09 10:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011-01-09 10:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011-01-08 07:48:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-01-08 07:48:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-01-08 07:48:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-01-07 20:33:59 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Grisoft
[2011-01-07 20:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Grisoft
[2011-01-06 11:50:57 | 000,000,000 | ---D | C] -- C:\mIRC
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE
[2011-01-06 10:10:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InCode Solutions
[2011-01-06 08:40:40 | 000,000,000 | ---D | C] -- C:\Users\ola\AppData\Local\G DATA
[2011-01-03 20:43:17 | 000,000,000 | ---D | C] -- C:\Users\ola\Desktop\[www.tnttorrent.info] Deadly Crossing 2011 [DVDRip.XviD-miguel] [Ekipa TnT]
[2010-12-16 05:30:30 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010-12-16 05:30:30 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010-12-16 05:30:30 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010-12-16 05:30:29 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010-12-16 05:30:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010-12-16 05:30:26 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010-12-16 05:30:15 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-12-16 05:30:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-12-16 05:30:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-12-16 05:30:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-12-16 05:30:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-12-16 05:30:14 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-12-16 05:30:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-ola-Startup.job
[2011-01-12 22:39:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-12 22:22:36 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-01-11 21:27:18 | 669,235,779 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-01-10 17:41:26 | 000,002,468 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011-01-10 13:30:07 | 152,085,931 | ---- | M] () -- C:\Users\ola\Desktop\norton antywirus 2011  6 miesiecy free.rar
[2011-01-09 19:42:55 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk
[2011-01-09 11:34:52 | 000,002,883 | ---- | M] () -- C:\Users\ola\Desktop\Łatanie systemu.lnk
[2011-01-09 11:29:35 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk
[2011-01-09 10:54:04 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-01-12 22:22:36 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-01-11 21:27:18 | 669,235,779 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-01-10 17:41:26 | 000,002,468 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011-01-10 12:06:34 | 152,085,931 | ---- | C] () -- C:\Users\ola\Desktop\norton antywirus 2011  6 miesiecy free.rar
[2011-01-09 19:42:55 | 000,002,237 | ---- | C] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk
[2011-01-09 11:34:52 | 000,002,883 | ---- | C] () -- C:\Users\ola\Desktop\Łatanie systemu.lnk
[2011-01-09 11:29:35 | 000,002,237 | ---- | C] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk
[2011-01-09 10:54:04 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-10-13 20:01:10 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-10-13 20:01:05 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-10-13 20:01:05 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-10-13 20:01:05 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-08-26 17:05:50 | 000,006,144 | ---- | C] () -- C:\Users\ola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-26 00:12:03 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010-02-20 07:27:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-02-20 07:27:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2002-10-15 23:54:04 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-01-09 17:12:14 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ArcaVirMicroScan
[2010-08-29 08:40:01 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Ashampoo
[2011-01-07 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\AVI ReComp
[2011-01-12 22:29:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\BitComet
[2010-09-13 14:46:41 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ChomikBox
[2010-09-19 12:50:11 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ERS Game Studios
[2010-10-07 06:14:39 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\EscapeFromParadise2
[2010-09-06 09:37:20 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gaijin Ent
[2010-09-19 07:35:49 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gogii
[2011-01-07 20:33:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Grisoft
[2010-09-23 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\OpenCandy
[2010-09-05 08:31:03 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\PlayFirst
[2010-12-28 23:50:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Toshiba
[2010-10-09 17:03:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Virtual City
[2010-08-29 08:26:43 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\WinAVI
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver64-ola-Startup.job
[2011-01-03 18:09:00 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-06 10:46:00 | 000,000,000 | ---- | M] () -- C:\ntuser.dat
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG1
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG2
[2011-01-12 22:39:14 | 4156,522,496 | -HS- | M] () -- C:\pagefile.sys
[2010-04-22 11:17:32 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:E266F325
 
< End of report >
[2011-01-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011-01-10 17:41:39 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011-01-10 17:32:06 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2011-01-10 17:32:06 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010-12-17 08:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010-12-17 08:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009-07-14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-ola-Startup.job
[2011-01-12 22:39:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-12 22:22:36 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-01-11 21:27:18 | 669,235,779 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-01-10 17:41:26 | 000,002,468 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011-01-10 13:30:07 | 152,085,931 | ---- | M] () -- C:\Users\ola\Desktop\norton antywirus 2011  6 miesiecy free.rar
[2011-01-09 19:42:55 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_20-40.lnk
[2011-01-09 11:34:52 | 000,002,883 | ---- | M] () -- C:\Users\ola\Desktop\Łatanie systemu.lnk
[2011-01-09 11:29:35 | 000,002,237 | ---- | M] () -- C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.01.2011_10-39.lnk
[2011-01-09 10:54:04 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-01-09 17:12:14 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ArcaVirMicroScan
[2010-08-29 08:40:01 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Ashampoo
[2011-01-07 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\AVI ReComp
[2011-01-12 22:29:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\BitComet
[2010-09-13 14:46:41 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ChomikBox
[2010-09-19 12:50:11 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\ERS Game Studios
[2010-10-07 06:14:39 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\EscapeFromParadise2
[2010-09-06 09:37:20 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gaijin Ent
[2010-09-19 07:35:49 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Gogii
[2011-01-07 20:33:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Grisoft
[2010-09-23 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\OpenCandy
[2010-09-05 08:31:03 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\PlayFirst
[2010-12-28 23:50:59 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Toshiba
[2010-10-09 17:03:56 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\Virtual City
[2010-08-29 08:26:43 | 000,000,000 | ---D | M] -- C:\Users\ola\AppData\Roaming\WinAVI
[2011-01-12 22:39:20 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver64-ola-Startup.job
[2011-01-03 18:09:00 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-01-12 22:39:07 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys
[2011-01-06 10:46:00 | 000,000,000 | ---- | M] () -- C:\ntuser.dat
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG1
[2011-01-06 12:08:05 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG2
[2011-01-12 22:39:14 | 4156,522,496 | -HS- | M] () -- C:\pagefile.sys
[2010-04-22 11:17:32 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:E266F325
 
< End of report >
 
Wygenerowano w 0.506s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!

Copyright © 2007 - 2010 wklejto.pl Wszelkie prawa zastrzezone